浙江福彩3d走势图
我們來自五湖四海,不為別的,只因有共同的愛好,為中國互聯網發展出一分力!

OSSEC installation guide

2013年08月22日16:52 閱讀: 20381 次
OSSEC installation guide
 
SSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, Mac OS X, Solaris and Windows.
The official document link: http://www.ossec.net/doc/index.html
 
 
How to install OSSEC
Download the latest version
[plain] 
#wget http://www.ossec.net/files/ossec-hids-2.7.1-beta-1.tar.gz  
 
 
Extract the compressed package and run the “./install.sh” script (It will guide you through the installation).
[plain] 
# tar -zxvf ossec-hids-*.tar.gz (or gunzip -d; tar -xvf)  
# cd ossec-hids-*  
# ./install.sh  
 
 
Follow the installation prompts and complete all steps.
Install Server on server host.
Install Agent on client host.
 
 
The configuration part
 
Add client agent into Server host.
On server machine type command. 
[plain] 
#/var/ossec/bin/manage_agents  
Select "A" to enter into add agent menu, and input the agent name and IP.
Back to main menu and select "E" option for extract key for client agent.
Copy the Key to somewhere save for agent machine.
On agent machine side. 
[plain] 
#/var/ossec/bin/manage_agents  
Select "I" option for import the key which just extracted from server machine.
You are all set now!
 
 
Some simple command examples.
Check the status of your agents
[html] 
#/var/ossec/bin/agent_control -lc  
or
[plain] 
#/var/ossec/bin/agent_control -i agentID  
 
Check the latest log status
[plain] 
# tail -F /var/ossec/logs/ossec.log  
 
Start/Stop OSSEC process
[plain] 
#/var/ossec/bin/ossec-control start/stop  
 
Manage agent main menu
[plain] 
#/var/ossec/bin/manage_agents  
 
Issues:
There is a bug in official build 2.7 that the agents disconnect after a few minutes.  for resolve it, you may need to upgrade to version 2.7.1 beta.
分享到: 更多
藍客門戶
©2001-2019 中國藍客聯盟 版權所有.
關于藍客聯盟歷史宗旨章程技術服務聯系我們藍客社區

浙江福彩3d走势图 北京11选5前3值走势图 北京赛车最实用的方法 腾讯分分彩和qq分分彩 北京pk10走势软件 有快三开奖直播 快乐8注册网址 3d最容易出的组三 广东十一选五带线走势图 重庆时时彩彩后一公式 981cc棋牌