Search found 1691 matches
- Fri Nov 19, 2021 4:21 pm
- Forum: OSSEC
- Topic: ossec-syscheckd ERROR 1756
- Replies: 1
- Views: 61415
Re: ossec-syscheckd ERROR 1756
What version of OSSEC?
- Tue Nov 09, 2021 2:34 pm
- Forum: Requests
- Topic: ClamAV 0.103.4 LTS
- Replies: 7
- Views: 102197
Re: ClamAV 0.103.4 LTS
Were onto the 0.104.x tree, we werent planning to support 0.103.x. Are you unable to use 0.104.x?
- Tue Oct 05, 2021 5:19 pm
- Forum: OSSEC
- Topic: ossec agent on windows 10
- Replies: 1
- Views: 60416
Re: ossec agent on windows 10
1.after entering the server ip and the key how do i continue to connect them and make sure they are connected? The agent runs as a service, and will keep the agent connected to the hub as long as its running on the client. 2. how do i activate the program itself on the windows 10 agent? The installe...
- Tue Sep 28, 2021 1:12 pm
- Forum: OSSEC
- Topic: agent disconnect
- Replies: 7
- Views: 82868
Re: agent disconnect
Whats the specific message your OS generating?
- Mon Sep 20, 2021 2:17 pm
- Forum: General Help and Development Discussion
- Topic: Help to Install Python on Ubuntu
- Replies: 1
- Views: 46183
Re: Help to Install Python on Ubuntu
On many distros, the python binary will be named after the version, for example the binary name may be:
python3.9
Instead of python.
python3.9
Instead of python.
- Mon Aug 16, 2021 9:06 am
- Forum: Atomicorp Free Modsecurity Rules
- Topic: New rules download page
- Replies: 4
- Views: 38530
Re: New rules download page
If youre using Apache, and want all of the capabilities of modsecurity, use 2.9.x. 3.x does not have all of the features that 2.9.x does.
If youre using nginx, youll have to use 3.x, 2.9.x is not very stable with nginx.
If youre using nginx, youll have to use 3.x, 2.9.x is not very stable with nginx.
- Mon Aug 16, 2021 9:05 am
- Forum: Atomicorp Modsecurity Rules Support
- Topic: Support for Ubuntu 20.04
- Replies: 5
- Views: 54542
Re: Support for Ubuntu 20.04
Yes, aum works on Ubuntu. 20.04.
Install aum and it will install modsecurity for you.
Install aum and it will install modsecurity for you.
- Wed Jul 07, 2021 3:55 pm
- Forum: OSSEC
- Topic: How to configure ossec.conf in windows agent for directory/file monitoring
- Replies: 5
- Views: 30945
Re: How to configure ossec.conf in windows agent for directory/file monitoring
Whats your process for testing the agent?
- Thu Jun 10, 2021 10:18 am
- Forum: OSSEC
- Topic: Ossec Agent stays in Never connected state
- Replies: 15
- Views: 58010
Re: Ossec Agent stays in Never connected state
How did you provision the key for the agent?
- Thu Jun 03, 2021 3:28 pm
- Forum: OSSEC
- Topic: Ossec Agent stays in Never connected state
- Replies: 15
- Views: 58010
Re: Ossec Agent stays in Never connected state
Should be port 1514, is it trying 1415 on your system?
- Tue Jun 01, 2021 3:05 pm
- Forum: Atomic OSSEC
- Topic: OSSEC Agent specific port instead of random port
- Replies: 6
- Views: 42570
Re: OSSEC Agent specific port instead of random port
Yeah, thats a better option as the OS is what sets the outbound normally.
- Tue Jun 01, 2021 2:45 pm
- Forum: OSSEC
- Topic: Ossec Agent stays in Never connected state
- Replies: 15
- Views: 58010
Re: Ossec Agent stays in Never connected state
2021/05/31 14:06:16 ossec-remoted(2202): ERROR: Error uncompressing string. That means something tried to send a message of one size, and it was actually of another. Was this a device sending messages to the syslog listener on 514, or an agent on 1514, and if the later, which version and platform?
- Tue Jun 01, 2021 2:44 pm
- Forum: OSSEC
- Topic: Ossec Agent stays in Never connected state
- Replies: 15
- Views: 58010
Re: Ossec Agent stays in Never connected state
So this error means whatevers trying to connect isnt using the right protocol (which could be anything, nmap, telnet, etc.). If thats what you were doing, thats what that means. If not, what agent and version is running on the endpoint, and was this something trying to send events to the hub for sys...
- Fri May 28, 2021 2:29 pm
- Forum: Atomic Protector (formerly ASL)
- Topic: ASL Kernel Status
- Replies: 9
- Views: 239695
Re: ASL Kernel Status
In ASL/AP v6, we no longer use mysql, that however does not deprecate any functionality in ASL/AP.
- Fri May 28, 2021 2:28 pm
- Forum: OSSEC
- Topic: Ossec Agent stays in Never connected state
- Replies: 15
- Views: 58010
Re: Ossec Agent stays in Never connected state
easiest way is to start remoted from the command line and start it with -d which puts into debug mode.