I am setting up some rules to test the ossec server attacked by flood syn from kali linux.
I have configure some rules in ossec.conf to help it defense when being attacked:
![Uploading Screenshot_20240907_102341.png…]()
The active response litterally doesn't work, it doesn't alert sshd authentication fail or anything, and the server is litterally being attacked without any alert to me.
Any solutions to this problem? Appreciate for your replies.
I am setting up some rules to test the ossec server attacked by flood syn from kali linux. I have configure some rules in ossec.conf to help it defense when being attacked: ![Uploading Screenshot_20240907_102341.png…]()
The active response litterally doesn't work, it doesn't alert sshd authentication fail or anything, and the server is litterally being attacked without any alert to me. Any solutions to this problem? Appreciate for your replies.