Search found 1688 matches
- Wed Jun 26, 2019 5:55 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: SACK
- Replies: 7
- Views: 29631
Re: SACK
On older systems it was probably set to no, it is set to yes by default not sure when the change happened though but for sometime its been the default.
- Thu Jun 20, 2019 4:33 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: SACK
- Replies: 7
- Views: 29631
Re: SACK
Only if TSO or GSO is enabled for the interface, and only if you have MSS protection disabled in ASL. Check this setting in ASL: FW_MSS_DROP="yes" ASL has always been immune to this kind of attack, for many many years if this is enabled. If youre not using ASL, then you want to check to se...
- Tue Jun 18, 2019 3:57 pm
- Forum: Atomic OSSEC
- Topic: which agent reported the event?
- Replies: 4
- Views: 29394
Re: which agent reported the event?
Just a followup, the QA build will be released tomorrow into testing.
- Thu Jun 13, 2019 4:37 pm
- Forum: Atomic OSSEC
- Topic: which agent reported the event?
- Replies: 4
- Views: 29394
Re: which agent reported the event?
Doug I see whats happening, it is a setting but a bug is causing it to be hidden in the current GUI. We're pushing an update out into QA to enable this column, and itll be in the testing channel Monday. As soon as its available I'll post that its out. Youll be able to install the update from "t...
- Fri Jun 07, 2019 4:16 pm
- Forum: Atomic OSSEC
- Topic: New machine learning features in OSSEC
- Replies: 0
- Views: 66654
New machine learning features in OSSEC
We're proud to announce the release of our next generation of our cloud based machine learning system for our Atomic Worload Protection and Atomic Enterprise OSSEC customers. What you'll see in both products now is that our cloud based machine learning engine is now able to detect and block attacks ...
- Tue May 07, 2019 10:37 am
- Forum: OSSEC
- Topic: ossec client.keys is missing agent details frequently
- Replies: 1
- Views: 7218
Re: ossec client.keys is missing agent details frequently
What version of the hub and agents are you using?
- Wed Apr 17, 2019 3:04 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: Machine learning features in ASL Question
- Replies: 2
- Views: 24047
Re: Machine learning features in ASL Question
Its enabled by regardless of your current settings, unless youve disabled OSSEC on the system.
- Fri Apr 12, 2019 11:51 am
- Forum: Atomicorp Announcements
- Topic: New machine learning features in ASL and OSSEC
- Replies: 0
- Views: 69532
New machine learning features in ASL and OSSEC
We're proud to announce the release of our next generation of our cloud based machine learning system for our ASL and OSSEC customers. What you'll see in both products now is that our cloud based machine learning engine is now able to detect and block attacks across any protocol on the system, for e...
- Fri Mar 01, 2019 4:07 pm
- Forum: General Help and Development Discussion
- Topic: Public key error when updating mod_security RPM
- Replies: 5
- Views: 46538
Re: Public key error when updating mod_security RPM
You should definitely not use that version of modsecurity. There are both bugs and limitations in 2.7.7, you should use 2.9.2 or 2.9.3.
- Tue Feb 19, 2019 5:03 pm
- Forum: OSSEC
- Topic: Long messages being truncated when sent using syslog_output.
- Replies: 10
- Views: 15281
Re: Long messages being truncated when sent using syslog_out
I know in the past this limit was required because not all syslog listeners could handle messages larger than that.
- Sun Dec 23, 2018 5:01 pm
- Forum: OSSEC
- Topic: OSSEC - Signatures/Updates info.
- Replies: 2
- Views: 6894
Re: OSSEC - Signatures/Updates info.
1- Which detection mechanism OSSEC uses? e.g. signature base, heuristic base, behavior base. That depends on what version you are using. If you're using the latest, OSSEC is rule based, signature based, behavior based, machine learning based and cooperative cloud based learning. 2- How to update OSS...
- Wed Nov 14, 2018 4:44 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: CentOS 7.5: Could not retrieve mirrorlist error was 14
- Replies: 5
- Views: 27265
Re: CentOS 7.5: Could not retrieve mirrorlist error was 14
Could you send an email to support AT atomicorp.com. Well get someone on your system to see whats blocking the installation.
- Thu Nov 08, 2018 7:08 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: CentOS 7.5: Could not retrieve mirrorlist error was 14
- Replies: 5
- Views: 27265
Re: CentOS 7.5: Could not retrieve mirrorlist error was 14
Is yum configured to exclude kernel* rpms? And is this system a VPS or a bare iron server?
- Wed Nov 07, 2018 4:28 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: CentOS 7.5: Could not retrieve mirrorlist error was 14
- Replies: 5
- Views: 27265
Re: CentOS 7.5: Could not retrieve mirrorlist error was 14
What happens when you run:
yum upgrade kernel-asl
yum upgrade kernel-asl
- Thu Aug 16, 2018 12:44 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: Clamscan consuming all resources
- Replies: 2
- Views: 24048
Re: Clamscan consuming all resources
We dont use clamscan. Based on your screenshot you've got amavis installed and its using clamscan to scan incoming emails.