Search found 1669 matches

by mikeshinn
Thu Apr 08, 2021 3:51 pm
Forum: OSSEC
Topic: Installing Ossec+
Replies: 5
Views: 2366

Re: Installing Ossec+

If your reviewing before purchasing, could you PM me what your username is so I can upgrade your demo to the full product. You will want to run the Atomic OSSEC installer after that, and Ill send you instructions and our support team will get you all setup, as well as show you how to use the GUI.
by mikeshinn
Mon Apr 05, 2021 6:33 pm
Forum: OSSEC
Topic: ERROR: Download failed with ERROR (3)
Replies: 3
Views: 2311

Re: ERROR: Download failed with ERROR (3)

What distro are you using?
by mikeshinn
Mon Apr 05, 2021 6:32 pm
Forum: OSSEC
Topic: Installing Ossec+
Replies: 5
Views: 2366

Re: Installing Ossec+

For the hub, either Centos or Redhat 7/8. Ubuntu hub support is coming soon.

For agents, any modern Linux distro, or Windows or MacOS.
by mikeshinn
Wed Mar 03, 2021 4:12 pm
Forum: OSSEC
Topic: OSSEC usign too much bandwidth
Replies: 2
Views: 2016

Re: OSSEC usign too much bandwidth

What version of OSSEC are using?
by mikeshinn
Mon Jan 25, 2021 5:03 pm
Forum: General Help and Development Discussion
Topic: ASL v6 now available for beta testing
Replies: 1
Views: 10120

ASL v6 now available for beta testing

We've really listened to your feedback and requests for v6, and were happy to announce that v6 of ASL in now ready for beta testing (soon to be called Atomic Protector). Keep in mind this is a beta, so you should expect bugs. Major Changes: * Completely redesigned GUI and architecture for faster per...
by mikeshinn
Mon Jan 25, 2021 4:36 pm
Forum: Atomicorp Free Modsecurity Rules
Topic: New rules download page
Replies: 0
Views: 3281

New rules download page

To make it easier to download the rules, we've released a new download page youll find at the URL below:

https://atomicorp.com/atomic-modsecurity-rules/
by mikeshinn
Wed Jan 20, 2021 6:51 pm
Forum: OSSEC
Topic: Active Response does not want to work
Replies: 1
Views: 2000

Re: Active Response does not want to work

Assuming your script works fine from the command line as root, is there anything OS wise preventing ossec-execd from writing to that file, for example is SELinux blocking ossec-execd from writing to that directory or file?
by mikeshinn
Wed Nov 18, 2020 12:16 pm
Forum: OpenVAS
Topic: openvas-scanner-7.0.0-9465.el7.art.x86_64: install failed
Replies: 1
Views: 3229

Re: openvas-scanner-7.0.0-9465.el7.art.x86_64: install faile

Could you post the full output of the yum command?
by mikeshinn
Mon Nov 09, 2020 5:00 pm
Forum: OpenVAS
Topic: where is config id in openvas
Replies: 2
Views: 2024

Re: where is config id in openvas

Could you explain a little more about what you want to change?
by mikeshinn
Fri Nov 06, 2020 5:11 pm
Forum: OSSEC
Topic: Failing to decode IPv6 addresses
Replies: 5
Views: 2837

Re: Failing to decode IPv6 addresses

What I mean is that there seems to be a bug BEFORE the decoders are selected. The IP address is located before the log text itself, so it's not a matter of decoder here, but about the parser that separates the line into the the fields that are later processed by the decoders. The parser is the deco...
by mikeshinn
Fri Sep 25, 2020 10:54 am
Forum: OSSEC
Topic: Failing to decode IPv6 addresses
Replies: 5
Views: 2837

Re: Failing to decode IPv6 addresses

I think I understand where you might be having trouble. Think of decoders as translators, so even though a log might be going thru a decoder, if it doesnt understand the log message it wont translate it correctly. You need the right decoder for that specific log format, even if its coming from the s...
by mikeshinn
Tue Sep 15, 2020 4:21 pm
Forum: OSSEC
Topic: Failing to decode IPv6 addresses
Replies: 5
Views: 2837

Re: Failing to decode IPv6 addresses

It doesnt look like you have a decoder for that application:

**Phase 2: Completed decoding.
No decoder matched.

Without a decoder, OSSEC doesnt know what each field means.
by mikeshinn
Tue Sep 08, 2020 3:53 pm
Forum: Atomicorp Modsecurity Rules Support
Topic: Support CentOS 8?
Replies: 9
Views: 6595

Re: Support CentOS 8?

EL8 is officially supported.
by mikeshinn
Tue Jun 16, 2020 4:10 pm
Forum: OSSEC
Topic: ossec-remoted not binding to ipv4?
Replies: 12
Views: 4914

Re: ossec-remoted not binding to ipv4?

The 4.0 RPMs are available here:

https://updates.atomicorp.com/channels/ossec-hub-repo/

And the 4.2.x RPMs are available here:

https://updates.atomicorp.com/channels/awp-hub-repo/