
mikeshinn
- Total activity 132
- Last activity
- Member since
- Following 1 user
- Followed by 2 users
- Votes 10
- Subscriptions 66
Activity overview
Latest activity by mikeshinn-
mikeshinn created an article,
ModSecurity: Multipart parsing error
Example: Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client 1.2.3.4 ModSecurity: Multipart parsing error (init): Multipart: Boundary not found in C-T. [hostname "etax14.ird.gov.hk"]...
-
mikeshinn created an article,
Request body no files data length is larger than the configured limit
The request has exceeded the locally configured limit for this setting for modsecurity: WAF_SECREQUESTBODYNOFILESLIMIT Increase the limit as needed for your user case. To change this limit for the...
-
mikeshinn created an article,
Request body (Content-Length) is larger than the configured limit
This means that the maximum request body size ModSecurity will accept has been exceeded. The limit is configured in bits. For example: 1 gigabit is 134217728 1 gigabyte is 1073741824 (or 8 ti...
-
mikeshinn created an article,
Audit health check couldn't be completed correctly.
This means that the auditd service is not running on the system. Audit health checks can not be performed if auditd is not running. FIM events will also be missing whodata with auditd not running...
-
mikeshinn created an article,
ossec-modulesd:vulnerability-detector: WARNING: (12345): There was no valid response to
Examples: Jan 1 11:11:11 s27 env: 2018/1/1 11:11:11 ossec-modulesd:vulnerability-detector: WARNING: (5489): There was no valid response to 'https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-2010.m...
-
mikeshinn created an article,
Agents not sending events to hub
If the agent is already registered with the hub, please follow the troubleshooting steps in this article: Step 1) Confirm the process ossec-remoted process is running on the hub, and listening on p...
-
mikeshinn created an article,
ossec-remoted: CRITICAL: (1206): Unable to Bind port '1514' due to [(98)-(Address already in use)]
This message means that the ossec-remoted service is already running. If you are starting this service manually, for example with this command: /var/ossec/bin/ossec-remoted -f Do not start the OSS...
-
mikeshinn created an article,
Cannot determine user of subject (polkit-error-quark, 0)
If you are seeing this information message when running the ASL kernel: ** (pkttyagent:4775): WARNING **: 17:36:11.999: Unable to register authentication agent: GDBus.Error:org.freedesktop.Policy...
-
mikeshinn created an article,
Kernel firewall messages are displayed on console
Some Linux distributions (e.g. Redhat, Centos) send kernel warnings directly to the systems console. For example, these distributions may send to the console firewall log events (e.g. iptables, ip...
-
mikeshinn created an article,
agent_control: ERROR: (1210): Queue '/queue/alerts/ar' not accessible: 'Connection refused'.
If you are seeing errors like this: 2020/01/08 21:57:10 agent_control: ERROR: (1210): Queue '/queue/alerts/ar' not accessible: 'Connection refused'. Or 2020/01/08 21:57:10 agent_control: ERROR: (13...