Search found 1685 matches

by mikeshinn
Tue Oct 24, 2023 5:02 pm
Forum: OSSEC
Topic: Virtual Appliance throws an error when installing
Replies: 1
Views: 6824

Re: Virtual Appliance throws an error when installing

The virtual appliances are no longer maintained.

Could you send an email to support@atomicorp.com so we can look up your OSSEC+ account?
by mikeshinn
Mon Jul 25, 2022 2:28 pm
Forum: OSSEC
Topic: oum update ERROR: Download failed with ERROR (6)
Replies: 17
Views: 34463

Re: oum update ERROR: Download failed with ERROR (6)

Opensearch is the Apache 2.0 licensed fork of Elastic Search.
by mikeshinn
Tue Jul 12, 2022 3:42 pm
Forum: Atomic OSSEC
Topic: Matching certain rule crashes the system
Replies: 5
Views: 19975

Re: Matching certain rule crashes the system

The active-responses.log file should tell you the rule that was triggered, for example:

Tue Jul 12 12:32:21 PDT 2022 /var/ossec/active-response/bin/host-deny.sh add - 1.2.3.4 1657654341.8325652 477641

477641 is the rule that was triggered.
by mikeshinn
Thu Jun 30, 2022 1:07 pm
Forum: Atomicorp Modsecurity Rules Support
Topic: Atomicorp down?
Replies: 3
Views: 18124

Re: Atomicorp down?

Its actually hosted in three different data centers (on two different continents), this issue occurred when we add ipv6 support to the load balancers and the VLANs did not propagate the IPv4 networks as well due to a bug in the VLAN software. The systems have been updated and the issue should not oc...
by mikeshinn
Thu Mar 17, 2022 4:38 pm
Forum: Atomicorp Free Modsecurity Rules
Topic: Ubuntu 20.04, Nginx, modsecurity and AUM
Replies: 1
Views: 12528

Re: Ubuntu 20.04, Nginx, modsecurity and AUM

aum doesnt understand nginx yet, so for now you will need to download the nginx rules manually. We do recommend using our prebuilt modsecurity plugin for nginx: https://docs.atomicorp.com/gotrootModsec/linux/index.html#manual-installation-nginx Please let us know if you need any help setting this up.
by mikeshinn
Tue Mar 01, 2022 6:02 pm
Forum: Atomicorp Announcements
Topic: New 7.0 interface available for alpha testing
Replies: 0
Views: 22930

New 7.0 interface available for alpha testing

We have made our new AWP 7.0 interface available for alpha testing. If you are interested in trying it out, you can upgrade with: yum --enablrepo=asl-7.0-testing upgrade awp-web image (2).png The interface is not feature complete , but it has the new custom dashboard interface available now. You can...
by mikeshinn
Mon Jan 10, 2022 4:50 pm
Forum: OSSEC
Topic: Server is not a Master?
Replies: 1
Views: 10388

Re: Server is not a Master?

Thats normally the output if you only installed the agent, youll need to install the server.

If you think you did, could you share with us the commands you ran to install the server?
by mikeshinn
Thu Dec 16, 2021 1:22 pm
Forum: OSSEC
Topic: Nginx with Ossec
Replies: 1
Views: 9531

Re: Nginx with Ossec

OSSEC doesnt require a web server, so it doesnt matter what you install web server wise. Is there something youre trying to do with ossec that requires a web server?
by mikeshinn
Fri Dec 10, 2021 3:10 pm
Forum: PHP Help and Discussion
Topic: PHP 5.6 end of support
Replies: 9
Views: 27650

Re: PHP 5.6 end of support

CentOS 7 is good through 2024. Or you can switch to Rocky Linux which is CentOS8 equivalent .
by mikeshinn
Fri Nov 19, 2021 4:21 pm
Forum: OSSEC
Topic: ossec-syscheckd ERROR 1756
Replies: 1
Views: 10023

Re: ossec-syscheckd ERROR 1756

What version of OSSEC?
by mikeshinn
Tue Nov 09, 2021 2:34 pm
Forum: Requests
Topic: ClamAV 0.103.4 LTS
Replies: 7
Views: 17877

Re: ClamAV 0.103.4 LTS

Were onto the 0.104.x tree, we werent planning to support 0.103.x. Are you unable to use 0.104.x?
by mikeshinn
Tue Oct 05, 2021 5:19 pm
Forum: OSSEC
Topic: ossec agent on windows 10
Replies: 1
Views: 11463

Re: ossec agent on windows 10

1.after entering the server ip and the key how do i continue to connect them and make sure they are connected? The agent runs as a service, and will keep the agent connected to the hub as long as its running on the client. 2. how do i activate the program itself on the windows 10 agent? The installe...
by mikeshinn
Tue Sep 28, 2021 1:12 pm
Forum: OSSEC
Topic: agent disconnect
Replies: 7
Views: 16499

Re: agent disconnect

Whats the specific message your OS generating?
by mikeshinn
Mon Sep 20, 2021 2:17 pm
Forum: General Help and Development Discussion
Topic: Help to Install Python on Ubuntu
Replies: 1
Views: 12063

Re: Help to Install Python on Ubuntu

On many distros, the python binary will be named after the version, for example the binary name may be:

python3.9

Instead of python.
by mikeshinn
Mon Aug 16, 2021 9:06 am
Forum: Atomicorp Free Modsecurity Rules
Topic: New rules download page
Replies: 4
Views: 13644

Re: New rules download page

If youre using Apache, and want all of the capabilities of modsecurity, use 2.9.x. 3.x does not have all of the features that 2.9.x does.

If youre using nginx, youll have to use 3.x, 2.9.x is not very stable with nginx.