diff --git a/etc/ossec-server.conf b/etc/ossec-server.conf
index 1a4998c..da49262 100755
--- a/etc/ossec-server.conf
+++ b/etc/ossec-server.conf
@@ -2,10 +2,10 @@ - yes - daniel.cid@xxx.com - smtp.xxx.com. - ossecm@ossec.xxx.com. + no + your_email_address@example.com + smtp.your_domain.com. + ossecm@ossec.your_domain.com.
@@ -94,10 +94,6 @@ 127.0.0.1 - 192.168.2.1 - 192.168.2.190 - 192.168.2.32 - 192.168.2.10
@@ -138,6 +134,7 @@ - level (severity) >= 6. - The IP is going to be blocked for 600 seconds. --> + yes host-deny local 6
@@ -149,6 +146,7 @@ - 600 seconds on the firewall (iptables, - ipfilter, etc). --> + yes firewall-drop local 6
@@ -164,31 +162,31 @@ syslog - /var/log/authlog + /var/log/auth.log syslog - /var/log/secure + /var/log/syslog syslog - /var/log/xferlog + /var/log/daemon.log syslog - /var/log/maillog + /var/log/mail.log apache - /var/www/logs/access_log + /var/log/apache2/access_log apache - /var/www/logs/error_log + /var/log/apache2/error_log
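Review bot: The placeholder mail settings in the first hunk (@@ -2,10) mix two domains: the recipient uses `example.com`, while the server and sender lines use `your_domain.com`. `example.com` is reserved for documentation, so I would use it throughout: `smtp.example.com.` and `ossecm@ossec.example.com.`. The first value also changes from `yes` to `no`; the element names are not visible in this rendering, but if that is the email notification switch, alerts will only reach the local logs until an operator turns it back on. A comment above it such as `<!-- Email alerts are off by default; set to yes and fill in the addresses below. -->` would make that explicit.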
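Review bot: The comments kept as context at @@ -138,6 and @@ -149,6 still say the IP "is going to be blocked for 600 seconds", while each hunk adds a `yes` line directly beneath them. The tag is not visible in this rendering; if it is `<disabled>yes</disabled>`, both the host-deny and the firewall-drop responses are now off by default and the comments describe blocking that no longer happens. I would add one line to each comment, for example `- Disabled by default; set disabled to no to enable blocking.`, so an operator does not assume automatic blocking is in place. Both active-response blocks start and end outside their hunks.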
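Review bot: The two Apache entries in the last hunk (@@ -164,31) keep the old file names under the new directory: `/var/log/apache2/access_log` and `/var/log/apache2/error_log`. The other new paths (`auth.log`, `daemon.log`, `mail.log`) follow the Debian layout, and the Debian apache2 package writes `access.log` and `error.log` by default, so these entries would likely point at files that do not exist and web-server events would go unanalysed. Suggested values are `/var/log/apache2/access.log` and `/var/log/apache2/error.log`. The hunk also drops `/var/log/secure` and `/var/log/xferlog`, so hosts that still write those files lose that coverage, which is worth stating in the commit message.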