[ossec-dev] Re: New supposely stable snapshot at the web site

["Meir Michanie" <meirgotroot@xxxxxxxxx>]

I had to comment the following part in order to let ossec work:

<!--
  <localfile>
    <log_format>apache</log_format>
    <location>/var/log/apache2/access.log</location>
  </localfile>
-->

It complained:

2006/08/12 00:40:17 ossec-logcollector: Incorrect message size: '127.0.0.1 - - [12/Aug/2006:00:40:16 +0300] "GET /oss/bsen.php HTTP/1.1" 200 13289 "

http://localhost.localdomain/oss/bsen.php?ssf23df=tff_a&acfffn_lffest%5B0%5D=%230-%283-4%29&action_lst%5B1%5D=%231-%283-5%29&action_lst%5B2%5D=%232-%283-6%29&action_lst%5B3%5D=%233-%283-7%29&action_lst%5B4%5D=%234-%283-8%29&action_lst%5B5%5D=%235-%283-9%29&action_lst%5B6%5D=%236-%283-10%29&action_lst%5B7%5D=%237-%283-11%29&action_lst%5B8%5D=%238-%283-12%29&action_lst%5B9%5D=%239-%283-13%29&action_lst%5B10%5D=%2310-%283-14%29&action_lst%5B11%5D=%2311-%283-15%29&action_lst%5B12%5D=%2312-%283-16%29&action_lst%5B13%5D=%2313-%283-17%29&action_lst%5B14%5D=%2314-%283-18%29&action_lst%5B15%5D=%2315-%283-19%29&action_lst%5B16%5D=%2316-%283-20%29&action_lst%5B17%5D=%2317-%283-21%29&action_lst%5B18%5D=%2318-%283-22%29&action_lst%5B19%5D=%2319-%283-23%29&action_lst%5B20%5D=%2320-%283-24%29&action_lst%5B21%5D=%2321-%283-25%29&action_lst%5B22%5D=%2322-
'

On 9/8/06, Daniel Cid <dcid@xxxxxxxxx> wrote:

Yes, there is one now:

http://www.ossec.net/files/snapshots/ossec-win32-agent-090706.exe

And also a new one for Unix/Linux:

http://www.ossec.net/files/snapshots/ossec-hids-060907.tar.gz

If you guys can update to this latest snapshot and let me know of
any problem it would be great :)

thanks,

Daniel

On 9/6/06, gentuxx <gentuxx@xxxxxxxxx> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Daniel Cid wrote:
> >
> > I just submited a new snapshot to the website. Can anyone take
> > a look at it for me? Just to make sure it works on your systems?
> > If no one find any problem I will start to reference it to other people..
> >
> > http://www.ossec.net/files/snapshots/ossec-hids-060906.tar.gz
> >
> > At least the following bugs were fixed at it:
> >
> > http://www.ossec.net/bugs/buglist.cgi?query_format=advanced&short_desc_type=allwordssubstr&short_desc=&long_desc_type=substring&long_desc=&bug_file_loc_type=allwordssubstr&bug_file_loc=&bug_status=RESOLVED&resolution=FIXED&emailassigned_to1=1&emailtype1=substring&email1=&emailassigned_to2=1&emailreporter2=1&emailcc2=1&emailtype2=substring&email2=&bugidtype=include&bug_id=&votes=&chfieldfrom=&chfieldto=Now&chfieldvalue=&cmdtype=doit&order=Bug+Number&field0-0-0=noop&type0-0-0=noop&value0-0-0=
> >
> >
> > Let me know of any problem...
> >
> > --
> > Daniel B. Cid
> > dcid ( at ) ossec.net
> >
>
> BTW, is there a windows agent snapshot or 0.9-1a version available?
> Looks like the Sept/Sep bug is still preventing "reliable operation" on
> the windows side.
>
> All of my Windows agents are listed as inactive, but the service is
> running on the systems.
>
> - --
> gentux
> echo "hfouvyyAhnbjm/dpn" | perl -pe 's/(.)/chr(ord($1)-1)/ge'
>
> gentux's gpg fingerprint ==> 5495 0388 67FF 0B89 1239  D840 4CF0 39E2
> 18D3 4A9E
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.5 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFE/x/PTPA54hjTSp4RAmb0AJ40jKEr06Y5lnli3tat7M4xGfTlOQCgmf3q
> ogQu58+o7+xaaNNnZFNaCwU=
> =gLwW
> -----END PGP SIGNATURE-----
>