store | blogs | forums | twitter | facebook | wiki | downloads | support portal
Atomic Secure Linux
It is currently Tue Oct 21, 2014 9:31 pm

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]




Post new topic Reply to topic  [ 2 posts ] 
Author Message
 Post subject: WAF and OSSEC rules
Unread postPosted: Fri Feb 18, 2011 12:00 pm 
Offline
Forum User
Forum User

Joined: Fri Feb 18, 2011 11:33 am
Posts: 16
Location: uk
Hi,

I already have an OSSEC deployment and trying to integrate your excellent Modsec rules with it. I see you have written your own OSSEC rules but the decoder is looking for ^[modsecurity] yet I do not see that in any of the logfiles or audit files that get generated :( I would be great to use your decoder/local_rules as they will get updated when the WAF rules change. At the moment the standard apache OSSEC rules are hitting.

Any advice would be gratefully received.


Top
 Profile  
 
 Post subject: Re: WAF and OSSEC rules
Unread postPosted: Fri Feb 18, 2011 5:58 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin

Joined: Wed Dec 31, 1969 8:00 pm
Posts: 7936
Location: earth
Absolutely, thats for our fork of mod_security. Its available from the atomic repo, you can install it with:

yum install mod_security


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]


Who is online

Users browsing this forum: Exabot [Bot], Yahoo [Bot] and 3 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group