Greetings:

Re:  http://www.ossec.net/main/manual/manual-active-response-on-windows/

/var/ossec/bin/agent_control -L

OSSEC HIDS agent_control. Available active responses:

   Response name: win_nullroute43200, command: route-null.cmd
   Response name: apache_restart0, command: apache_restart.sh
   Response name: firewall-drop43200, command: firewall-drop.sh

[r...@dnisp1 root]# /var/ossec/bin/agent_control -b 89.35.205.206 -f win_nullroute43200 -u 016

OSSEC HIDS agent_control: Running active response 'win_nullroute43200' on: 016


Yet on the Windows server in question, in the ossec.log file I see the
following (route print doesn't have the block):

2009/07/03 22:38:01 ossec-execd(1311): ERROR: Invalid command name 'win_nullroute43200' provided.

2009/07/03 22:43:51 ossec-execd(1311): ERROR: Invalid command name 'win_nullroute43200' provided.


The agent and server are on OSSEC 2.1.1.

Please advise as to what I need to check to make sure the problem is
not on my end.

Thank you.
