Thanks Dan for all the useful information.

Sincerely yours
Best Regards

Iqbal Aroussi
514-627-0438

On Mon, Mar 18, 2013 at 1:04 PM, dan (ddp) <[email protected]> wrote:

> On Mon, Mar 18, 2013 at 12:27 PM, Iqbal Aroussi <[email protected]> wrote:
> > Hi Eero, Dan,
> >
> > Thanks a lot for your quick response.
> > So if I got the "secure" way, I should put this in my ossec.conf on the manager
> > or there is something else to do? I want to use TCP for reliability.
>
> tcp is not an option for the secure method.
>
> > what about the port, is it the correct one or I should use 1514?
>
> 514 is usually syslog, but if you aren't using syslog it doesn't
> matter what you do with that port.
>
> >
> > <remote>
> >   <connection>syslog</connection>
> >   <allowed-ips>192.168.152.138/27</allowed-ips>
> >   <protocol>tcp</protocol>
> >   <port>514</port>
> > </remote>
> >
> > Thanks to all of you.
> >
> > Best Regards
> >
> > Iqbal Aroussi
> > 514-627-0438
> >
> > On Mon, Mar 18, 2013 at 12:17 PM, dan (ddp) <[email protected]> wrote:
> >>
> >> On Mon, Mar 18, 2013 at 11:38 AM, Iqbal Aroussi <[email protected]> wrote:
> >> > Hi everyone,
> >> >
> >> > I want to inform you that I'm really new to OSSEC and I have two questions actually.
> >> >
> >> > First:
> >> > I configured the manager as a central syslog, I wanted to know if there is a
> >> > way to encrypt traffic between agents and manager using TLS or SSL.
> >>
> >> You could probably use stunnel, but that seems like a hack. If you
> >> want the traffic encrypted (although not with ssl/tls) use the secure
> >> method instead of syslog.
> >>
> >> > Second:
> >> > By default OSSEC archives the logs and compresses them using gzip, is it
> >> > possible to use bzip2?
> >>
> >> Only if you modify the source.
> >>
> >> > Thanks a lot in advance for your help
> >> >
> >> > Best Regards
> >> >
> >> > Iqbal Aroussi
> >> > 514-627-0438
> >> >
> >> > --
> >> > ---
> >> > You received this message because you are subscribed to the Google Groups "ossec-list" group.
> >> > To unsubscribe from this group and stop receiving emails from it, send an email to [email protected].
> >> > For more options, visit https://groups.google.com/groups/opt_out.
