ossec / ossec-docs

OSSEC Documentation

Active response doesn't work #333

Open hello1afk opened 1 week ago

hello1afk commented 1 week ago

I am setting up some rules to test the OSSEC server being attacked by a SYN flood from Kali Linux. I have configured some rules in ossec.conf to help it defend itself when being attacked.

The active response literally doesn't work, it doesn't alert on sshd authentication failures or anything, and the server is literally being attacked without any alert to me. Any solutions to this problem? I appreciate your replies.

hello1afk commented 1 week ago

https://documentation.wazuh.com/current/compliance/pci-dss/active-response.html

I use the block of code in this link for the conf (GitHub doesn't allow me to paste code).