Search found 112 matches

by imadsani
Thu Jan 29, 2015 4:17 pm
Forum: Atomic Protector (formerly ASL)
Topic: High mysql load on a high traffic server
Replies: 7
Views: 8221

Re: High mysql load on a high traffic server

I couldn't run the tests on the main server so I moved the db to a vps with nothing else on it, but on the main server the load usually is at 40-50%. I've changed ASL's dbhost IP to this VPS to troubleshoot. Here's the config on the vps: [mysqld] bind-address=127.0.0.1 local-infile=0 datadir=/var/li...
by imadsani
Thu Jan 29, 2015 8:47 am
Forum: Atomic Protector (formerly ASL)
Topic: High mysql load on a high traffic server
Replies: 7
Views: 8221

High mysql load on a high traffic server

Hey, I've recently noticed that ASL took 15 minutes to load on a high traffic server. Htop shows multiple threads of mysql running at 100%. I ran show full processlist in mysql and this is what is constantly running. Note: The IP keeps changing every time I run the command mysql> show full processlis...
by imadsani
Wed Jan 28, 2015 4:21 am
Forum: Atomic Protector (formerly ASL)
Topic: tortix db has hard coded references
Replies: 0
Views: 3591

tortix db has hard coded references

Hey, I'd like to have the option to consolidate all the ASL db's for my servers on to one server. I just tried it with the latest build and it has hard coded references to tables. I tried going through the dump of the database but couldn't make out, found two instances while it was creating triggers...
by imadsani
Mon Jan 19, 2015 3:24 am
Forum: Atomic Protector (formerly ASL)
Topic: Wordpress compromised
Replies: 6
Views: 9866

Re: Wordpress compromised

This is weird, clamscan now reads all the files as malicious after running aum -u. I distinctly remember that the first thing I did after receiving the email from my DC was to update ASL via the GUI. But my virus definition DB still contains fewer definitions than your post: ----------- SCAN SUMMARY...
by imadsani
Fri Jan 16, 2015 7:18 am
Forum: Atomic Protector (formerly ASL)
Topic: Wordpress compromised
Replies: 6
Views: 9866

Re: Wordpress compromised

Here's a zip of all the directories I could find: http://128.199.79.58/hacked.tar

edit: It appears my clamav definition database contains fewer signatures than yours, I'm off by 266039 signatures.
by imadsani
Wed Jan 14, 2015 5:44 pm
Forum: Atomic Protector (formerly ASL)
Topic: Wordpress compromised
Replies: 6
Views: 9866

Re: Wordpress compromised

I'm running the ASL kernel. I just checked, it seems that I had the real time scanner disabled. I run a WHM / cPanel server so all the web directories are located inside /home/. Shall I add this path to the real time scanner? edit: I ran the malware scanner manually on the directory where I quaranti...
by imadsani
Wed Jan 14, 2015 4:24 pm
Forum: Atomic Protector (formerly ASL)
Topic: Wordpress compromised
Replies: 6
Views: 9866

Wordpress compromised

Hello, I received an email from my DC recently saying that a website I host was compromised. The WordPress site wasn't defaced but I found that the attacker had created various directories at the root with php scripts inside redirecting users elsewhere. The following is the content of one of the ind...
by imadsani
Tue Oct 28, 2014 2:10 am
Forum: Atomic Protector (formerly ASL)
Topic: trigger error on new install
Replies: 0
Views: 3837

trigger error on new install

Hey all, Just installed ASL on a brand new server and was welcomed by these, any ideas? 2 63 c_web::_init_tables CREATE TRIGGER tortix.before_alert_insert BEFORE INSERT ON alert FOR EACH ROW BEGIN IF (((SELECT code FROM aslw_geo_range WHERE NEW.src_ip BETWEEN ip_start AND ip_end ORDER BY ip_start DES...
by imadsani
Fri Aug 08, 2014 8:52 am
Forum: Atomic Protector (formerly ASL)
Topic: local ISP DNS servers being blocked
Replies: 1
Views: 4633

local ISP DNS servers being blocked

Hey, After bashing my head on several walls I've somewhat been able to find the problem. My clients keep complaining that they have trouble accessing services hosted with me, I was troubleshooting a client where I noticed that the ISP provided DNS servers were not resolving any domain on my server a...
by imadsani
Thu Jul 24, 2014 7:34 am
Forum: Atomic Protector (formerly ASL)
Topic: my.cnf issue - mysql load exceeding 200%
Replies: 6
Views: 8516

Re: my.cnf issue - mysql load exceeding 200%

The thing is, once I put in the modified config the issue persists even if I revert to the original config. Is percona really restarting when you restart after changing the config? It might be worth checking. And the line that stands out to me is the 10Gb key buffer size. That's massive unless you ...
by imadsani
Thu Jul 17, 2014 2:25 am
Forum: Atomic Protector (formerly ASL)
Topic: my.cnf issue - mysql load exceeding 200%
Replies: 6
Views: 8516

Re: my.cnf issue - mysql load exceeding 200%

The thing is, once I put in the modified config the issue persists even if I revert to the original config.
by imadsani
Tue Jul 15, 2014 2:47 am
Forum: Atomic Protector (formerly ASL)
Topic: my.cnf issue - mysql load exceeding 200%
Replies: 6
Views: 8516

my.cnf issue - mysql load exceeding 200%

Hey, A couple of weeks ago I made a thread about running ASL on a server with Percona 5.6 and then I experienced problems with ASL being unresponsive and support identified that mysql was hitting ~200%. Turns out it was a problem with the my.cnf I was using. ASL works fine with the following, defaul...
by imadsani
Tue Jul 15, 2014 2:41 am
Forum: Atomic Protector (formerly ASL)
Topic: IPs from one particular ISP being shunned
Replies: 1
Views: 3974

IPs from one particular ISP being shunned

Hey, I've been experiencing an issue for the past couple of months, at first I was the only one with the issue so I resorted to using VPNs to get around it. But this time a client is experiencing the issue. The problem is that random IPs from one of our local ISPs keep getting shunned by ASL, I'v...
by imadsani
Wed Jul 02, 2014 1:32 pm
Forum: Atomic Protector (formerly ASL)
Topic: Security Events logging stops after update
Replies: 3
Views: 6000

Re: Security Events logging stops after update

I tried posting the output from the log but ASL on the forum kicked me out. I've removed parts from the error log which I thought may get blocked again. Output from /var/ossec/logs/ossec.log says: ERROR: Queue '/queue/alerts/ar' not accessible: 'Connection refused'. ossec-analysisd(1301): ERROR: Unabl...
by imadsani
Wed Jul 02, 2014 4:08 am
Forum: Atomic Protector (formerly ASL)
Topic: Security Events logging stops after update
Replies: 3
Views: 6000

Security Events logging stops after update

I've noticed that events stop being logged every time I update ASL, I usually need to reboot to get it to work again.