install or compile newer version of openssl into machine and try
recompiling ossec?
Ire Kourkoumelis kirjoitti ti 27. marrask. 2018 klo
18.31:
> So, what can I do to resolv this and install ossec?
>
>
>
> El martes, 27 de noviembre de 2018, 13:25:10 (UTC-3), dan (ddpbsd)
> escribió:
>>
>> On
well. does telnet localhost work fine?
Eero
ti 29. toukok. 2018 klo 12.06 kirjoitti:
> Hi,
>
> I am receiving the error:
>
>
>
> *2018/05/28 17:29:54 ossec-maild(1223): ERROR: Error Sending email to
> 127.0.0.1 (smtp server)2018/05/28 18:00:01 ossec-maild(1223): ERROR: Error
> Sending email to
Log hashing? integrity? Try samhain to guard your ossec logs?
Eero
ma 14. toukok. 2018 klo 19.48 Will Duckworth
kirjoitti:
> Did you ever find out a method? Or just assume the indexing is enough?
>
>
>
> On Thursday, 9 February 2012 19:57:46 UTC, awhitehatter
Well. I don't have access to AIX system, so I cannot fix or help with issue.
Eero
On Mon, Feb 12, 2018 at 11:12 AM, Sardar Salim Shaikh
wrote:
> Hi Eero,
>
> Thanks for your reply !!!
>
> The gcc version on AIX 6.1 is : gcc-4.8.3-1
>
> Please help me with this issue, I'm
Well, are you using gcc on aix? what is output of cc --version and gcc
--version
Eero
2018-01-29 8:55 GMT+02:00 Sardar Salim Shaikh :
> Hello All,
>
> I'm facing some issues installing the ossec agent on the AIX Server 6.3
> and 7.1, I'm getting below error's while
you could also try to edit file src/makefile:
find line 4:
uname_S := $(shell sh -c 'uname -s 2>/dev/null || echo not')
and replace it with
uname_S=SunOS
and try again..
Eero
2017-06-30 2:04 GMT+03:00 Eero Volotinen <eero.voloti...@iki.fi>:
> what is output of:
>
&
what is output of:
make --version
as you can see from errormessage, problem is in the makefile.
2017-06-29 23:39 GMT+03:00 Robert :
> I am having issues installing on Solaris 10 (i.e. Solaris 10 8/11
> s10s_u10wos_17b SPARC) and am getting the error below when it
ource for copying conditions. There is NO
> warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
>
> # cc --version
> /usr/ucb/cc: language optional software package not installed
>
>
>
> On Monday, June 26, 2017 at 3:25:45 PM UTC-4, Eero Vol
rc/os_crypto/blowfish
> *** Error code 1
> make: Fatal error: Command failed for target `os_crypto'
> Current working directory /export/ossec-hids-2.8.1/src/os_crypto
>
> Error Making os_crypto
> *** Error code 1
> make: Fatal error: Command failed for target `all'
>
> Err
Works fine from my browser.
Eero
2017-03-06 9:58 GMT+02:00 :
> I can't access https://www.atomicorp.com/downloads, the website return
> this error:
>
> Forbidden You do not have permission to access this document.
>
> --
> Web Server at
Is something runnin on port 1514 already? or ossec already running?
Eero
2017-03-01 13:50 GMT+02:00 Eduardo Reichert Figueiredo <
eduardo.reich...@hotmail.com>:
> Dear All,
> i doing installing ossec server in RHEL 6.8, but just ossec-remoted not
> running, i do troubleshooting with commands
. Only strftime works but in some of my cases it's not
> enough :(
>
> Regards
>
> T.
>
> 2017. február 14., kedd 1:19:41 UTC+1 időpontban Eero Volotinen a
> következőt írta:
>>
>> try *log instead of *.log
>>
>> Eero
>>
>> 13.2.2017 6.19
random
> characters/numbers at the end of the filename like:
> log-20160829124854-kibe.1519.22082016.log. The "1519.22" part is random.
> That's why I wanted to use *.log. :(
>
> 2017. február 13., hétfő 14:54:32 UTC+1 időpontban Eero Volotinen a
> következőt írta:
>
Check out this:
Date Based Example
For log files that change according to the date, you can also specify a
strftime format to replace the day, month, year, etc. For example, to
monitor the log C:\Windows\app\log-08-12-15.log, where 08 is the year, 12
is the month and 15 the day (and it is rolled
How about using local postfix for smarthost and configuring relay with it?
--
Eero
2016-12-13 13:37 GMT+02:00 flippery_fish :
> Hi,
>
> Google Compute Engine does not allow outbound connections on ports 25,
> 465, and 587.
>
> As recommended by GCE, I have setup mailjet
How about modifying the installation package?
Eero
2016-09-22 12:56 GMT+03:00 Victor Fernandez :
> Hi,
>
> when you run the OSSEC installer for Windows, you can choose the location
> where OSSEC will be installed. This shouldn't be a problem.
>
> Since OSSEC registers a
You can use ip address any while creating agent keys for roaming devices.
Eero
2016-09-13 10:58 GMT+03:00 Nick Giannoulis :
> Hi all
> I have an OSSEC server running perfectly monitoring all my servers. I
> want to expand it to start monitoring my 'normal' clients ( win7-10
I think that realtime monitoring is not supported under solaris.
eero
8.9.2016 9.40 ip. "Stephen LuShing" kirjoitti:
> I install ossec in solaris and trying to check some directories so I setup
> the following in ossec.conf
>
>
>
>
try installing gcc and then point cc to gcc binary.
Eero
2016-09-06 22:28 GMT+03:00 Stephen LuShing :
> - I am running bash and fixed some places where the was a /bin/sh to
> ./bin/bash.
> - Since Solaris 10 has no cc - I install Sun Studio 12.2 and pointed the
> path of cc
Try creating client key with correct ip addresa..
27.8.2016 12.35 ap. "Ka-Hing Cheung" kirjoitti:
> I have ossec server and agent running in two different docker images. The
> agent is not able to connect to the server:
>
>
> 2016/08/26 20:56:25 ossec-agentd: INFO: Trying to
Are you running out of network or disk speed?
Eero
20.7.2016 10.39 ip. "eyal gershon" kirjoitti:
> Hey Jose,
>
> There was no update or upgrade done.
> I performed the procedure you mentioned before but the results stayed the
> same.
>
> I have around 1600 servers and 400
Tried compiling ossec 2.8.3 under Solaris/x86 5.10 and it worked. Any of
these messages are not errors, they are just warnings.
Please provide complete output from compiling.
Eero
2016-07-19 22:28 GMT+03:00 Kumar Mg :
> Hi,
>
> We also have the agent compilation issue on the
what is your solaris version, platform and gcc version?
this might be related to zlib..
Eero
2016-07-19 22:28 GMT+03:00 Kumar Mg :
> Hi,
>
> We also have the agent compilation issue on the Solaris platform with the
> 2.8.3 version of code. How can we fix the "Checking for
>
Use local smtp instead of it.
Eero
4.7.2016 10.43 ap. "rvb n" kirjoitti:
> Hi Friends,
>
> I am trying to send alert mail from my ossec server to googleapps mail but
> i could not make it. getting enclosed error
>
> my smtp server is googleapp server
>
>
Well. This is impossible. There is no way to see difference between normal
file access and virus crypting all your files..
Eero
7.6.2016 6.31 ip. "Nate" kirjoitti:
> We currently have samba file servers, which of course log access and
> whatnot to the samba logs.
>
> I'm
well. tcp is not supported?
Eero
2016-05-05 9:02 GMT+03:00 Vani Paridhyani :
> Hi!
>
> I need to run ossec over tcp. I made below modifications:
>
> In server ossec.conf:
>
>
>
> syslog
>
> 1515
>
> tcp
>
>
>
>
> In client ossec.conf:
>
>
>
>
>
They are regexp operators ^ beginning of line and $ is end of line..
Eero
28.3.2016 10.11 ip. "Rob B" kirjoitti:
> PS. Almost forgot to add :
>
> What does this mean? ^1000$|^1002$
>
> The "^" and the '$' before the pipe really has me perplexed.
>
> Thx.
>
>
>
KR, Yurii
>
> 2016-03-28 14:10 GMT+03:00 Eero Volotinen <eero.voloti...@iki.fi>:
>
>> you need to supply both passwords to register_host.sh
>>
>> --
>> Eero
>>
>> 2016-03-28 14:04 GMT+03:00 Yurii Shatylo <yuriishat...@gmail.com>:
&g
ot;.
> Do you which line has to be configure in script? In password list I have
> registered login and password by "*register_host.sh*" and I successfully
> authenticate (without ENABLE mode) when I start checking the script. I have
> only issue with ENABLE mode password.
>
>
You need to configure correct enable password in cisco and script too. (or
to password list)
--
Eero
2016-03-28 13:46 GMT+03:00 Yurii Shatylo :
> Dear Colleagues,
>
> Some time ago I setup Cisco ASA agentless monitoring. After Brent’s
> clarification I found out that I
You need to install gcc on your system
19.3.2016 2.33 ip. "ROSHIN SARATH.S" kirjoitti:
> i tried to install OSSEC agent OSSEC HIDS v2.8 in Centos 7 but getting an
> error in final stage
> error is in below
>
> 5- Installing the system
> - Running the Makefile
> ./Makeall:
Err. You must be joking? Try googling with 'CDB'.
Eero
18.3.2016 9.42 ip. "theresa mic-snare" kirjoitti:
> ehlo *,
>
> I have an important question about CDB lists, as I'm just researching for
> my thesis on OSSEC.
> yes, i've read the documentation on readthedocs, maybe
Well. You must be joking. Get one.
--
Eero
2016-03-15 18:44 GMT+02:00 Aymen Belkhiria <belkhiria.ay...@gmail.com>:
> The issue is that I don't have a test environnement.
>
> BR
>
> On Tuesday, March 15, 2016 at 2:15:50 PM UTC+1, Eero Volotinen wrote:
>>
>> Compi
Compile on test host and copy binaries to production host..
Eero
15.3.2016 3.04 ip. "Aymen Belkhiria" kirjoitti:
> Hi there,
>>
>
> I have to install ossec in AIX 5.3 do you have the recompiled ossec agent
> version? was you able to compile it.
> The issue is that the
Just shutdown the server and pack /var/ossec-directory and init scripts to
tarball? restore works just unpacking the tarball to correct directory.
--
Eero
2016-02-25 7:56 GMT+02:00 :
> Hi Team,
>
> Can someone help tell how to take backup & restore for OSSEC 2.8.3.
>
>
> Regards
this particular
> alert - mail alerts seems to be working fine for other rules?
>
> I checked the mail.info for anything obvious, but couldn't see anything
> suspicious at a first glance...
>
> Best regards,
> Fredrik
>
> On Wednesday, February 24, 2016 at 7:54:43 AM UTC+1
Please check your mail server configuration?
2016-02-24 8:28 GMT+02:00 Fredrik :
> Thanks Santiago, please find more details below.
>
> Best regards,
> Fredrik
>
> Yes, I see the alert written to alerts.log (pulled the alert below out of
> the archive from yesterday) and
Key is incorrect ? Try deleting old key and re adding agent?
2.2.2016 6.41 ip. "Robert" kirjoitti:
> Hi,
>
> I already removed and readded one of my agent to to the OSSEC server
> (following this guide
>
Well, why there is such low limit without #define INT_MAX_VALUE YY
Is should be like (Mail->maxperhour > INT_MAX_VALUE) ?
--
Eero
2016-01-28 16:22 GMT+02:00 :
> Hi,
>
> I found that limit and it's hardcoded at function Read_Global(), in
> src/config/global-config.c
>
> if
can realistically handle
> and investigate more than 10,000+ emails in an hour :)
>
> thanks,
>
>
>
>
>
> On Fri, Jan 29, 2016 at 1:16 PM, Eero Volotinen <eero.voloti...@iki.fi>
> wrote:
>
>> Well, why there is such low limit without #define INT_MAX_VAL
So, you are sending over in one hour?
Changing that requires patch and recompiling ossec server.
--
Eero
2016-01-28 11:10 GMT+02:00 Lionel Caignec :
> Hi,
>
> I use ossec to monitor all servers activities from my enterprise including
> creation/modification of file.
>
>
Path of as binary, not /var/ossec
Eero
ke 18. marraskuuta 2015 klo 19.39 Edward <ecanmas...@gmail.com> kirjoitti:
> rpm -qf /var/ossec
> file /var/ossec is not owned by any package
>
>
>
> On Wednesday, November 18, 2015 at 6:34:44 PM UTC+1, Eero Volotinen wrote:
>
h the same sles11 sp1 and not all
> were found, but ossec is installed on this one and working.
> This is getting real frustrating, I need to know what exactly is going
> wrong.
> anyhelp would be much appreciated
>
>
>
> On Monday, November 16, 2015 at 8:52:15 PM UTC+1,
gainst another server with the same sles11 sp1 and not all
> were found, but ossec is installed on this one and working.
> This is getting real frustrating, I need to know what exactly is going
> wrong.
> anyhelp would be much appreciated
>
>
>
> On Monday, November 16, 2
ht be the compiler is missing critical components
> I am getting lost in this issue
>
> On Wednesday, November 18, 2015 at 6:04:17 PM UTC+1, Eero Volotinen wrote:
>>
>> Well,
>>
>> you need to install c++ develoment tools.
>>
>> see url:
>> http:
I think assembler 'as' is missing.
16.11.2015 4.41 ip. "Edward" kirjoitti:
> I am trying to install ossec agent (2.8.1) on sles 11 sp1 and when running
> the ./install.sh I get this error:
>
> cc: error trying to exec 'as': execvp: No such file or directory
>
> I did
oftware from the official website is not made for Sles and thats why I
> have all these issue's.
> what is also annoying is that there is nothing in /var/log/messages , is
> there some debug function as to why the installer is not working?
>
>
> On Monday, November 16, 2015 at 5
ember 16, 2015 at 5:00:30 PM UTC+1, Eero Volotinen wrote:
>>
>> I think assembler 'as' is missing.
>> 16.11.2015 4.41 ip. "Edward" <ecanm...@gmail.com> kirjoitti:
>>
>>> I am trying to install ossec agent (2.8.1) on sles 11 sp1 and when
>&
#
>> [100%]
>>
>>
>> so it has been installed it, but I don't see the installation... don't
>> see the ossec directory being installed
>> package doesnt seem to be working
>>
>>
>>
>> On Monday, November 16, 2015 at 5:42:00
>
> but when i search for rpm i get:
>
> rpm -q ossec-hids-2.8.1-1.1.x86_64.rpm
> package ossec-hids-2.8.1-1.1.x86_64.rpm is not installed
>
> I checked the directories and /var/ossec has not being created
>
> it doesn't look like it has been installed
>
>
>
Well, I extracted buildrequirements from source packages and they look like
this:
*BuildReq*uires: coreutils
*BuildReq*uires: zlib-devel-static
*BuildReq*uires: zlib-devel
*BuildReq*uires: glibc-devel
*BuildReq*uires: openssl-devel
*BuildReq*uires: mysql-devel
*BuildReq*uires:
Try using virustotal scanning service. That is possibly false positive.
Eero
11.11.2015 2.48 ip. kirjoitti:
> Guys
>
> I did download ossec client 2.8.3 and received a warning message: The file
> has a malware: BehavesLike.Win32.Dropper.tc
> I use mcafee webgateway 7.6.0 in
You should use local postfix to relay mails.
Eero
7.11.2015 10.55 ip. kirjoitti:
> Hi all,
>
> I recently installed OSSEC 2.8.1 on a Debian machine, and I really don't
> understand how this email setup works. My config file looks like this:
>
>
> yes
>
You should use nagios for this kind of checks.
Eero
4.11.2015 6.08 ip. "Robert Micallef" kirjoitti:
> Hi,
>
> I was wondering if anyone can help me configure a decoder and subsequently
> an alert for when the NTP offset becomes too high. For security reasons I
> had to
Well, you said that server is located at .200. It isn't according this log .
4.11.2015 12.58 ip. "Reinaldo Fernandes"
kirjoitti:
> Shouldn't I receive a connected successfully instead of this warnig?
>
> I found this and it's says that the agent is having issues to
Are you trying to execute log file?
You need to run sudo tail filename, not sudo filename
Eero
3.11.2015 5.40 ip. "Reinaldo Fernandes"
kirjoitti:
> Hi dan,
> I did now:
> sudo /var/ossec/logs/ossec.log
>
> and I got exactly the same entrys on the logs as before:
sudo tail -f /path/to/filename
Eero
3.11.2015 6.26 ip. "Reinaldo Fernandes"
kirjoitti:
>
> Can you provide me the correct command to run??
> Thank you
>
> --
>
> ---
> You received this message because you are subscribed to the Google Groups
> "ossec-list" group.
this is firewall issue.disable local firewall on ossec server.
eero
tiistai 3. marraskuuta 2015 Reinaldo Fernandes <
fernandes.jreina...@gmail.com> kirjoitti:
> Hello,
>
>
>
> My name is Reinaldo Fernandes and I’m contacting you regarding the Ossec
> solution
>
> I have been trying to deploy
Your postfix is incorrectly configured.this is not related with ossec in
anyway.
Eero
2.11.2015 11.37 ap. "Hak Bun" kirjoitti:
> Dear All,
>
> I have just installed Postfix, Dovecot, and Squirrelmail.
> When I test sending out through the web mail, my yahoo can receive the
what is output of command:
cc --version
Eero
2015-10-28 8:59 GMT+02:00 :
> We are facing difficulties in installation of Ossec on our AIX 7.1 server.
>
> Error we are getting
>
> *5- Installing the system*
>
> *- Running the Makefile*
>
>
>
> Making zlib (by
Did you checked out watchguard dimension appliance?
Eero
27.10.2015 10.49 ap. "Tero Onttonen" kirjoitti:
> Hi,
>
> I would be interested in to find a solution regarding Watchguard logs. I
> did not find a solution after some searching.
>
> Did this go any further?
>
>
it's already included in ossec ruleset, just configure alert levels for
email or sms?
Eero
2015-10-23 6:48 GMT+03:00 Hak Bun :
> Dear All,
>
> How can I set alert for authentication failure attempt in windows?
>
> Thanks in advance for your comment.
> Hak
>
> --
>
> ---
>
how about configuring ipsec psk correctly? I don't see much related to
ossec.
--
Eero
2015-10-16 8:30 GMT+03:00 Abdul Adil :
> Hi OSSEC Community,
>
> Could any one please help with this error log from OSSEC ?
> Oct 1 03:17:18 ip-XX-X-X-XX.us-west-2.server 2015:pmthrfw1
rds, as i
> described earlier, agent and clients are having communications but behind
> the NAT through the Site to Site VPN connections
>
>
>
> On Thursday, October 15, 2015 at 11:07:51 AM UTC+5:30, Eero Volotinen
> wrote:
>>
>> to client key ip address field ..
>>
&g
well, you need to use correct ip address while creating client key or using
ip address ANY ..
--
Eero
2015-10-14 15:49 GMT+03:00 Hari Krishna :
> I have both my clients and servers are behind the nat and connected with
> VPN tunnel, Agents within the servers subnet,
to client key ip address field ..
--
Eero
2015-10-15 8:31 GMT+03:00 hari krishna <g2h...@gmail.com>:
> Can you explain in detailed about the solution, where do i have to add
> this ANY ?
>
>
>
> On Wednesday, October 14, 2015 at 6:54:45 PM UTC+5:30, Eero Volotinen
>
Hi,
Is there any problems to set checkpoint to log into syslog and then use
ossec agent on box to forward logs to ossec server? This is usual way to do
this..
--
Eero
2015-09-25 0:37 GMT+03:00 :
> Hello, I'm trying to get my Checkpoint firewall, ips, vpn, etc. logs into
>
Just install it from sources or from atomic repo..
Eero
27.8.2015 3.02 ip. Onion Guy oni0nytiru...@gmail.com kirjoitti:
Hello all,
It appears the latest version of OSSEC requires glibc 2.14. Are there any
versions that require a lower version, specifically 2.12? I am running
CentOS 6 so
Well, you need to give correct permissions to apache as wui is running
under apache uid..
Eeeo
8.8.2015 8.27 ip. Daniel Twardowski noghrisli...@gmail.com kirjoitti:
I'm using OSSEC Server Virtual Appliance 2.8.2 and last night I configured
a few domain controllers to send it their logs. When
and still got the error.
Alerts.log is still growing, though. Up to 4.2G.
On Saturday, August 8, 2015 at 3:29:32 PM UTC-4, Eero Volotinen wrote:
Well, you need to give correct permissions to apache as wui is running
under apache uid..
Eeeo
8.8.2015 8.27 ip. Daniel Twardowski noghri...@gmail.com
Yes, you should update clients too.
Eero
26.7.2015 2.57 ip. HMath h.i.youss...@gmail.com kirjoitti:
Greetings,
I have updated ossec server to latest version , should I update it also in
all clients ?
Thank you
--
---
You received this message because you are subscribed to the Google
How about using postix on localhost? Much better solution..
On Jun 15, 2015 6:04 PM, Mark Feferman mark.fefer...@gmail.com wrote:
I know this topic has been discussed many times, but I'm not sure why it
isn't implemented.
smtp_usernamesend_from_email_username/smtp_username
Well, did you actived active response? It might modify hosts.deny ..
10.5.2015 7.53 ip. fi...@vivaldi.net kirjoitti:
Hi,
Before installing OSSEC on a Debian 8 server, I took a look at the
hosts.deny and hosts.allow files and noted that they were not blank. After
installing OSSEC, however,
even start if you are
not.
Thanks,
Bruno
On Monday, May 4, 2015 at 5:02:11 PM UTC-7, Eero Volotinen wrote:
Really root user? Try again..
Eero
5.5.2015 2.53 ap. Bruno Alvisio bruno@gmail.com kirjoitti:
Hello,
I am trying to install osssec 2.8.1 on Linux hybrid version. When I
Really root user? Try again..
Eero
5.5.2015 2.53 ap. Bruno Alvisio bruno.alvi...@gmail.com kirjoitti:
Hello,
I am trying to install osssec 2.8.1 on Linux hybrid version. When I run
the ./install.sh script as root: I get the following error:
./install.sh: line 725: ./etc/ossec.mc:
How snort logging is configured? Full or fast mode?
3.5.2015 2.51 ap. AMINE.E amine.eloui...@um5s.net.ma kirjoitti:
Hi
I have noticed something with snort-full log format, that it is not
logging the *full_log* into /var/ossec/logs/alerts/alert.log.
it just takes the *first* line and logs it.
Please remove this spammer from mailinglist?
--
Eero
2015-04-09 19:23 GMT+03:00 saquib ansari saquib8860.ans...@gmail.com:
*
NOTE: Only
for W2 candidates*
*Job Title:* ETL Developer
*Location:* Woodlawn, MD
*Duration:* 2+
2015-04-07 21:55 GMT+03:00 Sinisha Erceg ser...@windmobile.ca:
Hello,
I apologize in advance for lack of understanding and I’ve attempted to
look through the forums but I have inherited OSSEC from a predecessor and I
have limited *nix experience. I’ve managed to fix some items but some
Is source address incorrect? Ipsec connections, firewalls with nat rules
can cause this kind of issues.
Try dumping ossec traffic from manager and check that ip source is correct?
Eero
7.4.2015 11.36 ip. Sinisha Erceg ser...@windmobile.ca kirjoitti:
Thanks Eero for your quick reply. I am
Hi,
Please stop spamming ossec list.
--
Eero
2015-04-08 0:16 GMT+03:00 saquib ansari saquib8860.ans...@gmail.com:
*Please have a look on the below requirement and if interested revert me
back with your updated profile.*
*Role: Oracle GL Restructuring Technical Consultant*
How about reading the documentation ?
Eero
31.3.2015 6.17 ip. kirjoitti Nhen Panha panhan...@gmail.com:
Sorry sir!
My skill is Cisco configuration. I don't know how to Configure windows to
track the information.
Could you help me please?
On Sunday, March 29, 2015 at 6:22:01 PM UTC+7, Nhen
2015-03-24 23:31 GMT+02:00 Nhen Panha panhan...@gmail.com:
Help me to configure my router with ossec manager
Do you really understand how cisco logging works? logging trap XXX sets
the log level of cisco to syslog.
Try following settings on cisco (asa)
logging enable
logging trap notifications
--
Eero
2015-03-24 22:09 GMT+02:00 Nhen Panha panhan...@gmail.com:
Hello sir!
Today, I would like to ask you the problem between configuration Ossec and
Cisco devices.
In cisco router and switch I config:
2015-03-21 19:18 GMT+02:00 Network Infrastructure panhatiger...@gmail.com:
Help me please!
I installed and configured OSSEC on CentOS 6.6
and also install XAMPP 1.8.1 to sent report to MySQL Server but I got
error as below:
ossec-dbd(5202): ERROR: Error connecting to database
Is telnet 127.0.0.1 3306 working? No connection refused reply?
Eero
21.3.2015 7.36 ip. kirjoitti Network Infrastructure
panhatiger...@gmail.com:
Help me please!
I installed and configured OSSEC on CentOS 6.6
and also install XAMPP 1.8.1 to sent report to MySQL Server but I got
error as
2015-02-13 17:43 GMT+02:00 Network Infrastructure panhatiger...@gmail.com:
I don't see anything but I think I config my ASA working properly.
Well, well.
http://www.killyourdarlingsjournal.com/wp/wp-content/uploads/2014/06/5881861191_90de8b5bc9.jpg
--
Eero
--
---
You received this
2015-02-12 10:18 GMT+02:00 Network Infrastructure panhatiger...@gmail.com:
I don't know about this problem
You cannot run two services (daemons) on same port. You need to reconfigure
syslog or/and disable and stop it.
--
Eero
--
---
You received this message because you are subscribed to
2015-02-12 10:47 GMT+02:00 Network Infrastructure panhatiger...@gmail.com:
can you guide me to config it?
No, you need to use google to find instructions to do that.
--
Eero
--
---
You received this message because you are subscribed to the Google Groups
ossec-list group.
To unsubscribe
2015-02-12 6:06 GMT+02:00 Network Infrastructure panhatiger...@gmail.com:
When I open ossec.log I saw that:
Remote syslog allowed from: '192.168.10.1'
Error: Unable to bind port '514'
is syslog already using that port?
--
Eero
--
---
You received this message because you are subscribed
You need to enable logging to syslog server first. command is like logging
trap syslog-level
example:
conf t
logging trap notifications
wr
br,
Eero
--
2015-02-11 8:50 GMT+02:00 Network Infrastructure panhatiger...@gmail.com:
This is the message when I use the command:
but it doesn't work
2015-02-11 12:42 GMT+02:00 shankey shankey.ci...@gmail.com:
HOW server and client communicate? what are the port that need to be open ?
Can we use some other port for client to server communication.
HOW about reading the *docs* first?
--
Eero
--
---
You received this message because
2015-02-10 18:42 GMT+02:00 shankey shankey.ci...@gmail.com:
HI TEAm ,
Can is use OSSEC for FIM solution, to clear my PCI Audit, if yes,
Yes, it can act as fim.
then help me with the hardware requirement and installation procedure.
Err. Maybe you need to hire consult ..
--
Eero
--
I'm looking to avoid having to worry about disk space for this sort of
config.
You must be joking? Disk space is _very_ cheap nowadays and it's also
possible to use compression ..
--
Eero
--
---
You received this message because you are subscribed to the Google Groups
ossec-list group.
2014-12-01 0:20 GMT+02:00 fi...@vivaldi.net:
Hi,
In a test installation, I noticed that if I add /var/ossec directory in
the list of directories that syscheck should monitor, disk usage speeds up
really fast. In less than 2 hours, disk usage on on a test system doubled.
What's the best
2014-11-12 16:08 GMT+02:00 dan (ddp) ddp...@gmail.com:
On Sat, Nov 8, 2014 at 5:12 AM, Eero Volotinen eero.voloti...@iki.fi
wrote:
Hi List,
looking for gpg signatures for ossec releases? where I can download them?
It doesn't look like they're currently offered.
So, is there any way
Hi List,
looking for gpg signatures for ossec releases? where I can download them?
--
Eero
--
---
You received this message because you are subscribed to the Google Groups
ossec-list group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
2014-07-16 10:35 GMT+03:00 Amritha Kumar amritha.kumar4...@gmail.com:
Hi,
One of my customer has installed Ossec on a RedHat server RHEL 5.4. Now
this server needs to patched as per PCIDSS requirements. The current RedHat
OS version is RHEL 5.4, once patched the version will be 5.10. Please
2014-06-01 17:56 GMT+03:00 Aaron Hunter aaron.hunt...@gmail.com:
Given the major changes in Red Hat 7.0 what do the OSSEC developers
recommend with respect to upgrading from 6.x to 7.0?
Well, did you notice any issues on rhel 7 rc?
--
Eero
--
---
You received this message because you
How about fluentd+kibana?
12.4.2014 16.05 kirjoitti Glenn Ford gmfpa...@gmail.com:
Hi all,
I was originally going to do an OSSEC - OSSIM setup but running into some
issues with RHEL compliance since OSSIM is Debian.
Now I was looking at Splunk (Free) Enterprise but noticed the splunk app
Hi List,
I have some issues with ossec. My ossec server was down about week and
after starting ossec server, all clients start to flood server and they
also eat disk io from client servers.
How to resolve this issue, ie. reset all clients to fresh today state?
--
Eero
--
---
You received
1 - 100 of 146 matches
Mail list logo