mikeshinn

Total activity 132
Last activity May 22, 2023 16:05
Member since January 22, 2017 03:26

Following 1 user
Followed by 2 users
Votes 11
Subscriptions 62

Activity overview

Latest activity by mikeshinn

mikeshinn created an article, December 03, 2021 17:08
ModSecurity: Multipart parsing error
1. ModSecurity
2. Frequently Asked Questions
Example: Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client 1.2.3.4 ModSecurity: Multipart parsing error (init): Multipart: Boundary not found in C-T. [hostname "etax14.ird.gov.hk"]...
- mikeshinn
- December 03, 2021 17:08
- Updated
- 1 follower
- 0 comments
- 0 votes
mikeshinn created an article, October 28, 2021 19:47
Request body no files data length is larger than the configured limit
1. ModSecurity
2. Frequently Asked Questions
The request has exceeded the locally configured limit for this setting for modsecurity: WAF_SECREQUESTBODYNOFILESLIMIT Increase the limit as needed for your user case. To change this limit for the...
- mikeshinn
- October 28, 2021 19:47
- Updated
- 1 follower
- 0 comments
- 0 votes
mikeshinn created an article, October 05, 2021 18:44
Request body (Content-Length) is larger than the configured limit
1. ModSecurity
2. Frequently Asked Questions
This means that the maximum request body size ModSecurity will accept has been exceeded. The limit is configured in bits. For example: 1 gigabit is 134217728 1 gigabyte is 1073741824 (or 8 ti...
- mikeshinn
- October 05, 2021 18:44
- Updated
- 1 follower
- 0 comments
- 0 votes
mikeshinn created an article, April 12, 2021 22:13
Audit health check couldn't be completed correctly.
1. Atomic OSSEC (AEO)
2. Self Help
This means that the auditd service is not running on the system. Audit health checks can not be performed if auditd is not running. FIM events will also be missing whodata with auditd not running...
- mikeshinn
- May 04, 2021 20:24
- Updated
- 1 follower
- 0 comments
- 0 votes
mikeshinn commented, February 04, 2021 16:15
The plan is to release that rpm next week. You can follow any open issues (and report them) in the issue tracker here: https://github.com/Atomicorp/gvm/issues
- View comment
- mikeshinn
- February 04, 2021 16:15
- 0 votes
mikeshinn commented, February 04, 2021 16:14
You can do this natively in OSSEC 4.x.
- View comment
- mikeshinn
- February 04, 2021 16:14
- 0 votes
mikeshinn commented, February 04, 2021 16:14
The official VM is deprecated (were moving to containers in stead) and Kibana which wasnt really a thing at the time that version of OSSEC was released which is probably why its not connect to Kiba...
- View comment
- mikeshinn
- February 04, 2021 16:14
- 0 votes
mikeshinn created an article, November 06, 2020 21:42
ossec-modulesd:vulnerability-detector: WARNING: (12345): There was no valid response to
1. Atomic OSSEC (AEO)
2. Self Help
Examples: Jan 1 11:11:11 s27 env: 2018/1/1 11:11:11 ossec-modulesd:vulnerability-detector: WARNING: (5489): There was no valid response to 'https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-2010.m...
- mikeshinn
- May 04, 2021 20:24
- Updated
- 1 follower
- 0 comments
- 1 vote
mikeshinn created an article, July 06, 2020 22:41
Agents not sending events to hub
1. Atomic OSSEC (AEO)
2. Self Help
If the agent is already registered with the hub, please follow the troubleshooting steps in this article: Step 1) Confirm the process ossec-remoted process is running on the hub, and listening on p...
- mikeshinn
- March 29, 2021 13:33
- Updated
- 1 follower
- 0 comments
- 0 votes
mikeshinn created an article, June 30, 2020 21:10
ossec-remoted: CRITICAL: (1206): Unable to Bind port '1514' due to [(98)-(Address already in use)]
1. Atomic OSSEC (AEO)
2. Self Help
This message means that the ossec-remoted service is already running. If you are starting this service manually, for example with this command: /var/ossec/bin/ossec-remoted -f Do not start the OSS...
- mikeshinn
- May 04, 2021 20:24
- Updated
- 1 follower
- 0 comments
- 0 votes