mikeshinn
Activity overview
Latest activity by mikeshinn
mikeshinn created an article,
ossec-agentd: WARNING: (1404): Authentication error. Wrong key or corrupt payload. Message received from agent
This message when found on an agent can mean one of two things: 1. The agent is temporarily unable to connect to the hub. 2. The agent has the wrong key, or the key has been deleted or been oth...
-
mikeshinn created an article,
rootcheck: ERROR: No rootcheck_trojans file: '/var/ossec/etc/shared/rootkit_trojans.txt'
This message can be safely ignored. This is a legacy feature in Atomic OSSEC and Atomic Protector and is no longer used. Atomic OSSEC and Atomic Protector have an advanced antimalware system and...
-
mikeshinn created an article,
ModSecurity: Multipart parsing error
Example: Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client 1.2.3.4 ModSecurity: Multipart parsing error (init): Multipart: Boundary not found in C-T. [hostname "etax14.ird.gov.hk"]...
-
mikeshinn created an article,
Request body no files data length is larger than the configured limit
The request has exceeded the locally configured limit for this setting for modsecurity: WAF_SECREQUESTBODYNOFILESLIMIT. Increase the limit as needed for your use case. To change this limit for the...
-
mikeshinn created an article,
Request body (Content-Length) is larger than the configured limit
This means that the maximum request body size ModSecurity will accept has been exceeded. The limit is configured in bits. For example: 1 gigabit is 134217728 1 gigabyte is 1073741824 (or 8 ti...
-
mikeshinn created an article,
Audit health check couldn't be completed correctly.
This means that the auditd service is not running on the system. Audit health checks can not be performed if auditd is not running. FIM events will also be missing whodata with auditd not running...
-
mikeshinn commented,
The plan is to release that rpm next week. You can follow any open issues (and report them) in the issue tracker here: https://github.com/Atomicorp/gvm/issues
-
mikeshinn commented,
You can do this natively in OSSEC 4.x.
-
mikeshinn commented,
The official VM is deprecated (we're moving to containers instead) and Kibana wasn't really a thing at the time that version of OSSEC was released, which is probably why it's not connected to Kiba...
-
mikeshinn created an article,
ossec-modulesd:vulnerability-detector: WARNING: (12345): There was no valid response to
Examples: Jan 1 11:11:11 s27 env: 2018/1/1 11:11:11 ossec-modulesd:vulnerability-detector: WARNING: (5489): There was no valid response to 'https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-2010.m...