Introduction
Introduction Statistics Contact Development Disclaimer Help
Post ArzCv2q1HWpQhadfqS by [email protected]
More posts by [email protected]
Post #Arz683wFnm3eCVobKq by [email protected]
0 likes, 1 repeats
I have a very strange issue with my VPS.I am setting up wazuh for my personal u…
Post #Arz6JmLB3ZN3633kye by [email protected]
0 likes, 0 repeats
@phil ss -tlnpMake sure listening on the right interface
Post #Arz6JmScbtKFT8Xha4 by [email protected]
0 likes, 0 repeats
@verita84 @phil and that there's no default firewalling getting in the way
Post #Arz6JmYeFU97lpMVyS by [email protected]
0 likes, 1 repeats
@[email protected] @[email protected] Already done, as I mentioned, the SYN …
Post #Arz6ZCwoPlVtxc1JMe by [email protected]
0 likes, 0 repeats
@phil @i Is selinux/app armor running ?
Post #Arz6ZD3C22cMHP0PJI by [email protected]
0 likes, 1 repeats
@[email protected] @[email protected] It's clear as far as I can tell. I…
Post #Arz6rCttKQHj1jEjke by [email protected]
0 likes, 0 repeats
@phil @verita84 maybe there's some authentication configuration you're …
Post #Arz6rCzuy16bKQ3Y92 by [email protected]
0 likes, 1 repeats
@[email protected] @[email protected] Negative, the agents should register w…
Post #Arz6vZiaR1GWx922Fs by [email protected]
0 likes, 0 repeats
@phil @i Are the ports listening on the public ip or 0.0.0.0?If its on localhos…
Post #Arz6vZpK1yeZI2BPkm by [email protected]
0 likes, 1 repeats
@[email protected] @[email protected] Hm, that's a great point. I had as…
Post #Arz7O7eXrLjgJAknh2 by [email protected]
0 likes, 0 repeats
@phil @i ss -tlnp
Post #Arz7O7kDWGGyalPKXA by [email protected]
0 likes, 1 repeats
@[email protected] @[email protected] Bound to 0.0.0.0:1515 and 1514... it s…
Post #Arz8BySMKHbeGTpDKy by [email protected]
0 likes, 0 repeats
@phil @i sudo apparmor_status
Post #Arz8ByY1zC8wY4TkB6 by [email protected]
0 likes, 1 repeats
@[email protected] @[email protected] Don't see anything there related t…
Post #Arz8gaLvzcE2UBPspc by [email protected]
0 likes, 0 repeats
@phil @i Its running so....disable it to see if thats interfering
Post #Arz8gaRxdD2umsEhE0 by [email protected]
0 likes, 1 repeats
@[email protected] @[email protected] Nope, still same thing. All syn packet…
Post #Arz8rhtQIbPB3ZNrBg by [email protected]
0 likes, 0 repeats
@phil @i Would be interesting to see if you can curl/telnet remotly to those po…
Post #Arz8rhzRwCE3MGCfa4 by [email protected]
0 likes, 1 repeats
@[email protected] @[email protected] I can hit them, but never get a respon…
Post #Arz8vCQBFfx2biN4Ea by [email protected]
0 likes, 0 repeats
@phil @i So you rebooted to properly disable apparmor?
Post #Arz8vCVquaUKtJ1b4i by [email protected]
0 likes, 1 repeats
@[email protected] @[email protected] I restarted the services, can't re…
Post #Arz9OKC7QjnT75gL3I by [email protected]
0 likes, 0 repeats
@phil @i Make sure that app armor isnt running after reboot
Post #Arz9OKIV30tvQsfQzw by [email protected]
0 likes, 1 repeats
@[email protected] @[email protected] Not running, no. Still the same behavi…
Post #ArzABz0uSDJntx7MYK by [email protected]
0 likes, 0 repeats
@phil @i Looking like something wrong on the application side nowCan you curl a…
Post #ArzABz6a77r6BXltOS by [email protected]
0 likes, 1 repeats
@[email protected] @[email protected] Well, the webui works through the API,…
Post #ArzAkmJFgCdsdTHy6q by [email protected]
0 likes, 0 repeats
@phil @i Does the app have some kind of ip allow or blacklist ?
Post #ArzAkmPdITkKxGH43U by [email protected]
0 likes, 1 repeats
@[email protected] @[email protected] Not as far as I know. Even if it did, …
Post #ArzBLwnjdQ1RtDGqUy by [email protected]
0 likes, 0 repeats
@phil @i Some apps do that for security, only this range of IPs can connect
Post #ArzBLwtPIKYkAnvNL6 by [email protected]
0 likes, 1 repeats
@[email protected] @[email protected] Nope, nothing referring to my IP, ISP,…
Post #ArzCA8cfxMGv261xJY by [email protected]
0 likes, 1 repeats
@[email protected] @[email protected] Even stranger, running the wazuh-authd…
Post #ArzCv2q1HWpQhadfqS by [email protected]
0 likes, 0 repeats
@phil @verita84 those ports aren't for http requests, so it's understan…
Post #ArzCv2vKxl58y57v8K by [email protected]
0 likes, 1 repeats
@[email protected] @[email protected] Sure, but the problem is, the wazuh-ag…
Post #ArzDmpfiRvBXVOT2Ia by [email protected]
0 likes, 0 repeats
@phil @verita84 try going through the https://documentation.wazuh.com/current/u…
Post #ArzDmpm64CHzpBS8FE by [email protected]
0 likes, 1 repeats
@[email protected] @[email protected] Already done. I've been on this fo…
Post #ArzE2BsOAyz4iNibDs by [email protected]
0 likes, 0 repeats
@phil @verita84 try the docker deployment method then, so the ghussy is contain…
Post #ArzE2By3ptWMzyN840 by [email protected]
0 likes, 1 repeats
@[email protected] @[email protected] I'd rather not, when I have a perf…
Post #As0VIBYR27PujFYddo by [email protected]
0 likes, 0 repeats
@phil sounds like a firewall may be filtering the incoming traffic.N.B. tcpdump…
Post #As0VIBeoeOWN32XjaS by [email protected]
0 likes, 1 repeats
@[email protected] Yeah, it was nftables.I genuinely believed that UFW&#…
You are viewing proxied material from pleroma.anduin.net. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.