-
使用命令daemon -uninstall后,查看进程,还是会有daemon和agent,只有syshook_execve是卸载了
[root@localhost ~]# ps -ef | grep 192.168
root 7610 1 0 07:45 ? 00:00:00 /usr/yulong-hids/daemon -netloc 192.168.47.104
root 7616 7…
-
This is illegal as per https://www.w3.org/TR/REC-xml/#sec-comments
> [...]the string " -- " (double-hyphen) must not occur within comments.
The occurrence of a double hyphen may prevent proper p…
-
使用命令daemon -uninstall后,查看进程,还是会有daemon和agent,只有syshook_execve是卸载了
[root@localhost ~]# ps -ef | grep 192.168
root 7610 1 0 07:45 ? 00:00:00 /usr/yulong-hids/daemon -netloc 192.168.…
-
**Describe the bug**
Bluetooth host cannot load the values it previously stored in settings. After wake up or reset, it asserts with `set-value operation failure`.
In `settings_set_value_priv()`, `s…
Qbicz updated
5 years ago
-
## Bug report
**OS**
FreeBSD 11.2
**Wazuh version**
3.6.1
**Install type**
hybrid
**Install method**
sources
**Log sample**
```
gmake[1]: Entering directory '/usr/ports/security…
-
/var/ossec/var/db
root:ossec
770
/var/ossec/var/multigroups
root:ossec
770
-
[root@yulong-hids]# ./agent 17.**.***.*8 debug
2018/06/28 11:13:29 DEBUG MODE
2018/06/28 11:13:29 Web API: https://17.**.***.*8/json/serverlist
2018/06/28 11:13:29 Available server node: []
2018/0…
ghost updated
5 years ago
-
正常安装好agent后,此时执行python s5.py在web端看到告警(功能正常),重启后,再次执行命令发现没有告警(功能异常),手动执行agent ip debug,发现出现如下错误:
connect syshook netlink error
此时查看65530端口是open的,通过对比安装完agent和重启后的端口情况发现:重启后agent少开放了一个随机端口
刚安装完agent的…
-
Noticed the following in my active-responses.log today:
```
Fri Sep 1 18:57:44 CEST 2017 Invalid ip/hostname entry: dead:beef:dead:beef:dead:beef:dead:beef
```
Seems the current host-deny.sh …
ghost updated
5 years ago
-
There's a directory traversal issue on the local windows OSSEC agent that allows a low privilege user to become nt authority\system if they have access to the OSSEC server.
Requirements to exploit:…