User contributions
From Atomicorp Wiki
- 13:39, 21 October 2020 (diff | hist) . . (+820) . . N HIDS 533 (Created page with "{{Infobox |header1 = Rule 1 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = OSSEC event }} = Description = OSSEC Rootkit detection has detected a servic...") (top)
- 13:37, 21 October 2020 (diff | hist) . . (+753) . . N HIDS 81531 (Created page with "{{Infobox |header1 = Rule 1 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = OpenSCAP event }} = Description = OpenSCAP has indicated that the compliance ...") (top)
- 13:35, 21 October 2020 (diff | hist) . . (+673) . . N HIDS 81522 (Created page with "{{Infobox |header1 = Rule 1 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = OpenSCAP event }} = Description = Informational message indicating the setti...") (top)
- 13:33, 21 October 2020 (diff | hist) . . (+907) . . N HIDS 514 (Created page with "{{Infobox |header1 = Rule 1 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = Windows audit failure event }} = Description = Rootcheck has detected an app...") (top)
- 13:30, 21 October 2020 (diff | hist) . . (+647) . . N HIDS 502 (Created page with "{{Infobox |header1 = Rule 1 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = OSSEC event }} = Description = OSSEC Server Service has been restarted == Wh...") (top)
- 13:29, 21 October 2020 (diff | hist) . . (+664) . . N HIDS 5715 (Created page with "{{Infobox |header1 = Rule 1 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = SSH event }} = Description = A successful SSH login has been detected == Wha...") (top)
- 13:27, 21 October 2020 (diff | hist) . . (+653) . . N HIDS 52506 (Created page with "{{Infobox |header1 = Rule 1 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = Clamav event }} = Description = The Clam-AV malware database has been update...") (top)
- 13:25, 21 October 2020 (diff | hist) . . (+1,414) . . N HIDS 59306 (Created page with "{{Infobox |header1 = Rule 1 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = Windows audit failure event }} = Description = Composite rule for multiple w...") (top)
- 13:22, 21 October 2020 (diff | hist) . . (+675) . . N HIDS 506 (Created page with "{{Infobox |header1 = Rule 1 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = OSSEC Audit event }} = Description = Indicates that the OSSEC client.keys fi...") (top)
- 13:21, 21 October 2020 (diff | hist) . . (+1,010) . . N HIDS 60602 (Created page with "{{Infobox |header1 = Rule 1 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = Windows audit event }} = Description = This is a generic catchall for Window...") (top)
- 13:15, 21 October 2020 (diff | hist) . . (+989) . . N HIDS 80730 (Created page with "{{Infobox |header1 = Rule 1 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = SELinux event }} = Description = SELinux has logged a permissions violation...") (top)
- 13:12, 21 October 2020 (diff | hist) . . (+1,091) . . N HIDS 60608 (Created page with "{{Infobox |header1 = Rule 1 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = Windows error event }} = Description = This is a summary event from the win...") (top)
- 13:07, 21 October 2020 (diff | hist) . . (+1,003) . . N HIDS 59247 (Created page with "{{Infobox |header1 = Rule 1 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = Windows audit event }} = Description = A local security group has been been...") (top)
- 13:03, 21 October 2020 (diff | hist) . . (+898) . . N HIDS 5108 (Created page with "{{Infobox |header1 = Rule 1 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = Linux System Event }} = Description = The Linux kernel has indicated that th...") (top)
- 13:01, 21 October 2020 (diff | hist) . . (+1,491) . . N HIDS 18153 (Created page with "{{Infobox |header1 = Rule 1 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = Windows audit failure event }} = Description = This is a composite rule, 10 ...") (top)
- 12:59, 21 October 2020 (diff | hist) . . (+1,026) . . N HIDS 60642 (Created page with "{{Infobox |header1 = Rule 1 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = Windows audit event }} = Description = This event indicates that the Softwar...") (top)
- 12:54, 21 October 2020 (diff | hist) . . (+1,204) . . N HIDS 60702 (Created page with "{{Infobox |header1 = Rule 1 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = Windows audit failure event }} = Description = This indicates that the VSS s...") (top)
- 12:49, 21 October 2020 (diff | hist) . . (+1,880) . . N HIDS 59335 (Created page with "{{Infobox |header1 = Rule 1 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = Windows audit event }} = Description = Windows threat protection has indica...") (top)
- 12:44, 21 October 2020 (diff | hist) . . (+1,021) . . N HIDS 61138 (Created page with "{{Infobox |header1 = Rule 1 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = Windows audit event }} = Description = A new windows service has been added...") (top)
- 12:39, 21 October 2020 (diff | hist) . . (+721) . . N HIDS 81101 (Created page with "{{Infobox |header1 = Rule 1 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = USB Auditing rule }} = Description = A new USB device has been attached to t...") (top)
- 12:37, 21 October 2020 (diff | hist) . . (+782) . . N HIDS 593 (Created page with " {{Infobox |header1 = Rule 1 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = Ossec event log }} = Description = This indicates that the OSSEC event log ...") (top)
- 12:34, 21 October 2020 (diff | hist) . . (+1,151) . . N HIDS 61060 (Created page with "{{Infobox |header1 = Rule 1 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = Windows performance library }} = Description = This indicates that the windo...") (top)
- 12:28, 21 October 2020 (diff | hist) . . (+1,010) . . N HIDS 59240 (Created page with "{{Infobox |header1 = Rule 1 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = Windows audit event }} = Description = A security enabled group has been cr...") (top)
- 12:23, 21 October 2020 (diff | hist) . . (+1,043) . . N HIDS 18259 (Created page with " {{Infobox |header1 = Rule 1 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = Windows audit event }} = Description = Windows Terminal Server has indicate...") (top)
- 12:21, 21 October 2020 (diff | hist) . . (+940) . . N HIDS 52511 (Created page with "{{Infobox |header1 = Rule 1 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = Anti-Virus }} = Description = This is a generic (level 3) event to collect r...") (top)
- 12:17, 21 October 2020 (diff | hist) . . (+747) . . N HIDS 59238 (Created page with "{{Infobox |header1 = Rule 1 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = Windows audit event }} = Description = A windows active directory group acco...") (top)
- 12:14, 21 October 2020 (diff | hist) . . (0) . . HIDS 60612 (top)
- 12:14, 21 October 2020 (diff | hist) . . (+921) . . N HIDS 60612 (Created page with "{{Infobox |header1 = Rule 1 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = Windows System Event }} = Description = Application has been installed on th...")
- 12:10, 21 October 2020 (diff | hist) . . (+1,111) . . N HIDS 18602 (Created page with "{{Infobox |header1 = Rule 1 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = Windows System Event }} = Description = Composite rule identified multiple W...") (top)
- 12:05, 21 October 2020 (diff | hist) . . (+1,166) . . N HIDS 19002 (Created page with "{{Infobox |header1 = Rule 1 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = Compliance Scanner }} = Description = The CIS Compliance scanner is reportin...") (top)
- 12:01, 21 October 2020 (diff | hist) . . (+1,012) . . N HIDS 61110 (Created page with "{{Infobox |header1 = Rule 1 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = Windows audit failure event }} = Description = Composite IDS rule indicating...") (top)
- 11:57, 9 January 2018 (diff | hist) . . (-33) . . ASL FAQ (→What Linux distributions do you support?)
- 12:17, 8 January 2018 (diff | hist) . . (-2) . . Unattended installs
- 12:56, 14 December 2017 (diff | hist) . . (+895) . . N HIDS 171002 (Created page with " {{Infobox |header1= Rule 171002 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = Exim authentication failure }} = Description = This means that an applica...") (top)
- 13:05, 12 September 2017 (diff | hist) . . (+145) . . Nginx (→NGINX with Libmodsecurity 3.0)
- 11:56, 11 August 2017 (diff | hist) . . (+1) . . Nginx (→NGINX for Libmodsecurity 3.0)
- 11:52, 11 August 2017 (diff | hist) . . (+3) . . Nginx (→Does ASL work with Nginx?)
- 11:47, 11 August 2017 (diff | hist) . . (+851) . . Nginx
- 12:42, 12 April 2017 (diff | hist) . . (-75) . . Atomic ModSecurity Rules (→About the rules)
- 16:29, 6 March 2017 (diff | hist) . . (+439) . . N HIDS 38001 (Created page with "'''Rule ID''' 38001 '''Message''' Plesk saslauthd Failed mail authenticatication attempt '''Description''' This rule detects when Plesk's sassauthd daemon records a s...")
- 13:51, 1 March 2017 (diff | hist) . . (+564) . . N HIDS 60034 (Created page with "'''Rule ID''' 60034 '''Status''' Active rule currently published. '''Description''' This rule is a catch all rule that detects when an application is exceeding the sys...") (top)
- 17:28, 23 February 2017 (diff | hist) . . (+330) . . ASL error messages
- 13:06, 19 December 2016 (diff | hist) . . (+1) . . ASL FAQ (→What is the benefit of Subscribing to ASL?)
- 08:43, 15 September 2016 (diff | hist) . . (+5) . . ASL error messages
- 08:41, 15 September 2016 (diff | hist) . . (+369) . . ASL error messages (→error: unpacking of archive failed on file /var/asl/etc/httpd/logs: cpio: rename)
- 11:21, 25 July 2016 (diff | hist) . . (+102) . . Non-ASL error messages (→This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely.)
- 13:37, 16 March 2016 (diff | hist) . . (+1,471) . . N Vuln firewall fw ipset rule (Created page with "'''Description''' This means that your system does not support ipset type firewall rules. Ipset firewall policies load faster, and scale many times farther than regular ipta...") (top)
- 13:34, 16 March 2016 (diff | hist) . . (+1,319) . . N Vuln firewall fw log rule (Created page with "'''Description''' This means that your system does not support "log" match firewall rules. '''Resolving This Vulnerability''' You need to install the ASL kernel. ASL will...") (top)
- 13:34, 16 March 2016 (diff | hist) . . (+1,370) . . N Vuln firewall fw conntrack rule (Created page with "'''Description''' This means that your system does not support "conntrack" match firewall rules. This could indicate a serious internal error. '''Resolving This Vulnerabili...") (top)
- 13:32, 16 March 2016 (diff | hist) . . (+636) . . N Vuln firewall fw openvz limit (Created page with "'''Description''' This means that OpenVZ/Virtuozzo limits on maximum firewall rules are set so low as to not allow firewall rules to be enabled in ASL. The firewall in this c...") (top)
- 13:28, 16 March 2016 (diff | hist) . . (+1,273) . . N Vuln firewall fw wait rule (Created page with "'''Description''' This means that your system does not support "wait" match firewall rules. '''Resolving This Vulnerability''' You need to install the ASL kernel. ASL will...") (top)
- 13:27, 16 March 2016 (diff | hist) . . (+1,428) . . N Vuln firewall fw owner rule (Created page with "'''Description''' This means that your system does not support "owner" match firewall rules. Firewall policies that depend on matching user ID's such as the outbound mail pol...") (top)
- 13:26, 16 March 2016 (diff | hist) . . (+1,319) . . N Vuln firewall fw limit rule (Created page with "'''Description''' This means that your system does not support "limit" match firewall rules. '''Resolving This Vulnerability''' You need to install the ASL kernel. ASL will...") (top)
- 13:25, 16 March 2016 (diff | hist) . . (+1,325) . . N Vuln firewall fw connlimit rule (Created page with "'''Description''' This means that your system does not support "connlimit" match firewall rules. '''Resolving This Vulnerability''' You need to install the ASL kernel. AS...") (top)
- 13:24, 16 March 2016 (diff | hist) . . (+1,322) . . N Vuln firewall fw recent rule (Created page with "'''Description''' This means that your system does not support "recent" match firewall rules. '''Resolving This Vulnerability''' You need to install the ASL kernel. ASL w...") (top)
- 13:23, 16 March 2016 (diff | hist) . . (+1,393) . . N Vuln firewall fw lscan rule (Created page with "'''Description''' This means that your system does not support "lscan" match firewall rules. The low level port scan detection capability in ASL will be unavailable. '''Res...") (top)
- 13:22, 16 March 2016 (diff | hist) . . (+1,381) . . N Vuln firewall fw psd rule (Created page with "'''Description''' This means that your system does not support "psd" match firewall rules. The port scan detection capability in ASL will be unavailable. '''Resolving This ...") (top)
- 13:21, 16 March 2016 (diff | hist) . . (+1,376) . . N Vuln firewall fw portknock rule (Created page with "'''Description''' This means that your system does not support "pknock" match firewall rules. The portknocking capability in ASL wil be unavailable. '''Resolving This Vulne...") (top)
- 12:48, 16 March 2016 (diff | hist) . . (+1,268) . . N Vuln firewall fw comment rule (Created page with "'''Description''' This means that your system does not support COMMENT match firewall rules. '''Resolving This Vulnerability''' You need to install the ASL kernel. ASL wil...") (top)
- 12:47, 16 March 2016 (diff | hist) . . (+6) . . Vuln firewall fw state tracking (top)
- 12:47, 16 March 2016 (diff | hist) . . (-2) . . Vuln firewall fw state tracking
- 12:47, 16 March 2016 (diff | hist) . . (+12) . . Vuln firewall fw state tracking
- 12:46, 16 March 2016 (diff | hist) . . (+868) . . N Vuln firewall fw state tracking (Created page with "'''Description''' This means that your system does allow creating state tracking rules. This means that services like FTP are non-functional, and regular firewall rules are a...")
- 12:41, 16 March 2016 (diff | hist) . . (+544) . . N Vuln firewall fw delete table (Created page with "'''Description''' This means that deleting firewall tables using the iptables -D command failed. It is likely that the firewall on this system is completely non-functional, a...") (top)
- 12:40, 16 March 2016 (diff | hist) . . (+544) . . N Vuln firewall fw create table (Created page with "'''Description''' This means that creating firewall tables using the iptables -N command failed. It is likely that the firewall on this system is completely non-functional, a...") (top)
- 12:39, 16 March 2016 (diff | hist) . . (+553) . . N Vuln firewall fw list check (Created page with "'''Description''' This means that basic listing of firewall rules using the iptables -L command failed. It is likely that the firewall on this system is completely non-functi...") (top)
- 12:33, 16 March 2016 (diff | hist) . . (+1,270) . . N Vuln clamav realtime (Created page with "'''Description''' This means that you the ClamAV real-time malware scanner was not available. '''Resolving This Vulnerability''' You need to install the ASL kernel. ASL w...") (top)
- 12:27, 16 March 2016 (diff | hist) . . (+18) . . Vuln firewall fw status (top)
- 12:27, 16 March 2016 (diff | hist) . . (+618) . . N Vuln firewall fw status (Created page with "Description This means that the ASL network firewall is not active, and no firewall rules are loaded. This means that all firewall based policies are INACTIVE, including blac...")
- 12:23, 16 March 2016 (diff | hist) . . (+1,267) . . N Vuln firewall fw geoip rule (Created page with "'''Description''' This means that your system does not support GEOIP match firewall rules. '''Resolving This Vulnerability''' You need to install the ASL kernel. ASL will...") (top)
- 09:34, 24 February 2016 (diff | hist) . . (+340) . . N Rbldnsd (top)
- 16:48, 7 January 2016 (diff | hist) . . (-14) . . Kernel (→Manual Kernel Installation)
- 16:46, 7 January 2016 (diff | hist) . . (+133) . . Kernel (→Development Kernel)
- 11:16, 7 January 2016 (diff | hist) . . (+163) . . ASL error messages (→error: unpacking of archive failed on file /var/asl/etc/httpd/logs: cpio: rename)
- 11:15, 7 January 2016 (diff | hist) . . (+229) . . ASL error messages (→Generic Errors/Issues)
- 11:11, 7 January 2016 (diff | hist) . . (-5) . . ASL FAQ (→Why do they call it Europe?)
- 11:18, 22 December 2015 (diff | hist) . . (+6) . . ASL 4 Virtualization Notes (→KVM) (top)
- 17:36, 17 November 2015 (diff | hist) . . (+158) . . Kernel (→Development Kernel)
- 17:34, 17 November 2015 (diff | hist) . . (+537) . . Kernel (→Testing the Kernel)
- 11:42, 2 November 2015 (diff | hist) . . (0) . . X with ASL (→From this point forward you should have X working)
- 11:41, 2 November 2015 (diff | hist) . . (+71) . . X with ASL (→From this point forward you should have X working)
- 15:22, 23 September 2015 (diff | hist) . . (-48) . . ASL prerequisites (→Centos 7)
- 15:21, 23 September 2015 (diff | hist) . . (+112) . . ASL prerequisites (→Centos)
- 20:47, 4 January 2015 (diff | hist) . . (-449) . . ASL Troubleshooting (→No events in the ASL GUI)
- 14:02, 21 November 2014 (diff | hist) . . (-29) . . Downloading Rules (→Just a downloader)
- 12:32, 17 November 2014 (diff | hist) . . (0) . . Downloading Rules (→Just a downloader)
- 08:54, 17 October 2014 (diff | hist) . . (+1,609) . . N Remote SysLog (Created page with "The Remote SysLog window allows enabling and configuring remote logging and archiving. Setting 'Enable Remote Syslog Retention' to 'yes' will show display the available optio...") (top)
- 08:52, 17 October 2014 (diff | hist) . . (0) . . N File:Aslw rsyslog.png (top)
- 08:37, 17 October 2014 (diff | hist) . . (+84) . . ASL Web Usage Guide (top)
- 12:56, 9 October 2014 (diff | hist) . . (-35) . . ASL Web Usage Guide
- 12:53, 9 October 2014 (diff | hist) . . (+26) . . Event Report window (top)
- 12:52, 9 October 2014 (diff | hist) . . (+28) . . Country Report window (top)
- 12:52, 9 October 2014 (diff | hist) . . (+25) . . Rule Report window (top)
- 12:52, 9 October 2014 (diff | hist) . . (+24) . . IP Report window (top)
- 12:51, 9 October 2014 (diff | hist) . . (0) . . N File:Aslw rrule.png (top)
- 12:51, 9 October 2014 (diff | hist) . . (0) . . N File:Aslw rip.png (top)
- 12:51, 9 October 2014 (diff | hist) . . (0) . . N File:Aslw revent.png (top)
- 12:51, 9 October 2014 (diff | hist) . . (0) . . N File:Aslw rcountry.png (top)
- 12:47, 9 October 2014 (diff | hist) . . (-43) . . System Monitor (top)
- 12:47, 9 October 2014 (diff | hist) . . (0) . . N File:Aslw sm.png (top)