Miguel Angel Cazajous

icon indicating an email [email protected]

icon location Córdoba, Argentina

Results 22 comments of Miguel Angel Cazajous

Add process to open ports in syscollector (Linux)

# Port information from UI ## Linux Expand ![2023-06-02_16-27](https://github.com/wazuh/wazuh/assets/13010397/55a44176-a6df-451d-9733-d7e8eda2a940) **Note: There's no process name info.** ## Windows Expand ![2023-06-02_16-28](https://github.com/wazuh/wazuh/assets/13010397/795badcf-75f0-44ad-ada7-eb7e0bd650ae) **Note: Since this is port information, I personally would rather see...

HP-UX Wazuh agent package size increased considerably

# Findings ## Notes The behavior also occurs with AIX (https://github.com/wazuh/wazuh/pull/19012), but since the package is an RPM the compression does not let us see the difference in size with...

Consider remediations for packages' vulnerabilities scan

# Testing :red_circle: ## Environment - Manager Ubuntu Jammy - Agent Centos9 - Agent Windows 11 ## Scan by events Expand - Total vulnerabilities found [vulnerabilities.json](https://github.com/wazuh/wazuh/files/15266044/vulnerabilities.json) [ossec.log.tar.gz](https://github.com/wazuh/wazuh/files/15266138/ossec.log.tar.gz) > [!WARNING] >...

Enable detect installed packages on MacOS

# Quick exploratory :green_circle: ## Packages number before and after the implementation Expand ![image](https://github.com/wazuh/wazuh/assets/13010397/a56064d9-1767-4327-a0e8-1f35c706425b) ![image](https://github.com/wazuh/wazuh/assets/13010397/48cbcea2-ece8-4e24-8d20-6330f2eee7eb) ![image](https://github.com/wazuh/wazuh/assets/13010397/0544a065-2a70-4bf7-9b04-7dd96e1c65fa) Packages before [before_dump.txt](https://github.com/wazuh/wazuh/files/12455736/before_dump.txt) Packages after [after_dump.txt](https://github.com/wazuh/wazuh/files/12455737/after_dump.txt) ## Diff analysis There's only one package `before`...

Enable detect installed packages on MacOS

## Exploratory ### Environment MacOS Catalina ### Master branch Number of packages ![image](https://github.com/wazuh/wazuh/assets/13010397/02e16fd9-b176-4b78-b8a5-6b0ad5d76bad) Using the sysinfo_test_tool five times we get that the time consumed for gathering the inventory packages is...

Enable detect installed packages on MacOS

## Time consumed After the changes, the package detection takes around 420ms. ![image](https://github.com/wazuh/wazuh/assets/13010397/8dbb2f23-ce55-4f92-862b-e660973c1a74) The number of packages detected did not change. ![image](https://github.com/wazuh/wazuh/assets/13010397/07e6f1ef-878b-4ef7-89bb-01c37f3e15d1)

False positive in vulnerability scan (CVE-2023-27482)

Hi @gitusr-gcar, Indeed, this is considering a package with the same name but a different vendor. https://nvd.nist.gov/vuln/detail/CVE-2023-27482 The RH CVEs feed does not report anything about this CVE so this...

Email alerts are not sent when using `full` or `default` format

# Update 06/10 Unable to reproduce any kind of issue using full format, the mail was sent without issues ```console Wazuh Notification. 2024 Jun 10 18:25:32 Received From: jammy->syscheck Rule:...

Email alerts are not sent when using `full` or `default` format

## Update 06/12 Due to the abovementioned limit, it is tedious to use a Gmail account. But it is possible to use the local machine and check the mails at...

Email alerts are not sent when using `full` or `default` format

# Update 06/13 We're not checking for NULL here (although it doesn't fail there due to that, the check is missing). https://github.com/wazuh/wazuh/blob/e44fab6fb7733d803153471996d2590dda24fca2/src/os_maild/sendmail.c#L421 When we use group the value there is...