Skip to main content

All Questions

Tagged with
Filter by
Sorted by
Tagged with
0 votes
0 answers
56 views

Custom OSSEC decoder working in ossec-logtest but not when real OSSEC is used

I'm having some trouble using a custom decoder I defined for OSSEC 3.7.0. I only need to extract srcip, dstip and protocol from my iptables logs, but OSSEC's decoders also extract srcport and dstport, ...
m00nlightsh4dow's user avatar
1 vote
1 answer
555 views

keep ossec iptables rules after restarting OSSEC

I have 6 OSSEC installations (5 agents + 1 server, all Debian 8) all configured to block repeated offenders using iptables from 10 minutes to 1 month. I have the need to restart one or more of the ...
Ialokin's user avatar
  • 481
1 vote
1 answer
191 views

Install ossec ids on citrix xenserver dom0

I'm running citrix xen server on a server with two nic each with dedicated public ip and the management interface is directly connected to the www and protected with iptables that allow connections ...
Open Space's user avatar
0 votes
1 answer
2k views

CAn not open port 1514 in ubuntu iptables

I am installing OSSEC and it says that i need to open port 1514 and 514 in firewall. Now i have added the rule for port 1514 but i still can't get coonect if i use telney like ossec-hids-2.5]# ...
user avatar