Thanks for the heads up. I think I may have a copy of 5.5. I don't remember having an issue like that, but it's been a while.
On Wed, May 4, 2011 at 2:27 PM, Doug Burks <[email protected]> wrote: > I experienced the issue with CentOS 5.5, which may be easier to find > than 5.2 or 5.3. > > Thanks, > -- > Doug Burks, GSE, CISSP > President, Greater Augusta ISSA > http://augusta.issa.org > http://securityonion.blogspot.com > > On Wed, May 4, 2011 at 2:19 PM, dan (ddp) <[email protected]> wrote: >> I'm trying to find a CentOS 5.2 or 5.3 ISO right now to see if I can >> reproduce this. No luck so far. >> >> I don't think it's a packet thing, I think one of the components in >> ossec-analysisd is interacting poorly with something in CentOS that >> was updated (to a version that doesn't have a problem with what's in >> OSSEC) between 5.3 and 5.6. >> I haven't had time to track down the CentOS changelogs for clues though. >> >> On Wed, May 4, 2011 at 1:43 PM, Kat <[email protected]> wrote: >>> PS - I can packet capture on both ends - what would you want to see??? >>> >>> On May 4, 11:11 am, Kat <[email protected]> wrote: >>>> RHEL 5.3 >>>> >>>> Only "special" update is PHP 5.3, which would have nothing to do with >>>> OSSEC, but mentioning it. >>>> >>>> I would be happy to supply some debug info. >>>> >>>> It was working flawlessly when first installed, then they just started >>>> dropping off. Agents are a mixture of AIX 6.1 , RHEL 5.3 and Solaris >>>> 10 >>>> The only agents that have never exhibited any problems are the Windoze >>>> boxes. >>>> >>>> -k >>>> >>>> On May 4, 10:59 am, "dan (ddp)" <[email protected]> wrote: >>>> >>>> > What OS/distro/revision are you using on your manager system? >>>> > Daniel Cid has offered to help track it down, but he needs access to a >>>> > system showing this issue. >>>> > dan >> >
