View Poll Results: Do you find this HOWTO Helpfull?

Voters
80. You may not vote on this poll
  • Yes

    76 95.00%
  • No

    4 5.00%
Page 2 of 8 FirstFirst 1234 ... LastLast
Results 11 to 20 of 74

Thread: Howto setup OSSEC-HIDS on your ubuntu box

  1. #11
    Join Date
    Jun 2006
    Beans
    22

    Re: Howto setup OSSEC-HIDS on your ubuntu box

    I've actualy been playing with this recently. Using firestarer should not be a problem because it is just a front-end for IPTables. If you look in
    /var/ossec/active-response you should see a log file there that details when it add/removes it's entries.. you can also test it out by issuing bin/firewall-drop.sh add null a second machines ip address and if all goes well that IP address should have zero connection to your server. So anyways as long as you have Iptables installed and running on your machine and you said "yes" to active-response when you installed ossec it should be doing its job (which you can verify from the log file).


    I'm actualy constructing an in-depth howto on a computer secure server setup because I have found that Ubuntu is a very insecure server by default (for example the version of apache in the repos is outdated and the particular version is suseptibal to several exploits, as with the version of openssl.. (which you can verity by running nikto on your apache server)

  2. #12
    Join Date
    Dec 2005
    Beans
    60
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: Howto setup OSSEC-HIDS on your ubuntu box

    I tried to install OSSEC HIDS but although i followed the instructions when the installation is about to compile everything I receive the following error

    5- Installing the system
    - Running the Makefile
    ./install.sh: line 55: make: command not found
    0x0000 - Internal error for 0x5-build




    Does anybody know how to fix this?

  3. #13
    Join Date
    Jun 2006
    Beans
    22

    Re: Howto setup OSSEC-HIDS on your ubuntu box

    Did you install build-essentials ? You don't have make on your machine.

  4. #14
    Join Date
    Dec 2004
    Location
    Braga-Portugal
    Beans
    251

    Re: Howto setup OSSEC-HIDS on your ubuntu box

    This sounds nice and all, but.... one thing looks important to me... How do i remove it? I found that everywhere in this forum this is something people forget, instructions is how to remove stuff they tell you how to install, and it seems quite relevant for newbies such as myself.

    Thanx, sorry to bother.
    Linux user #383892

    (\ /)
    (O.o)
    (> <)

    This is Bunny. Copy Bunny into your signature to help him on his way to world domination.

  5. #15
    Join Date
    Jun 2006
    Beans
    22

    Re: Howto setup OSSEC-HIDS on your ubuntu box

    If you would like to remove it, just reverse the process. Delete the /var/ossec directory, remove the init script and its gone..

  6. #16
    Join Date
    Dec 2004
    Location
    Braga-Portugal
    Beans
    251

    Re: Howto setup OSSEC-HIDS on your ubuntu box

    Thx!
    Linux user #383892

    (\ /)
    (O.o)
    (> <)

    This is Bunny. Copy Bunny into your signature to help him on his way to world domination.

  7. #17
    Join Date
    Mar 2006
    Beans
    44

    Re: Howto setup OSSEC-HIDS on your ubuntu box

    perfect,, this is just what i was looking for,, thank you

  8. #18
    Join Date
    Oct 2004
    Location
    Adelaide, Australia
    Beans
    71
    Distro
    Ubuntu Development Release

    Re: Howto setup OSSEC-HIDS on your ubuntu box

    I have a question, I am setting up ossec with a view to monitor remote windows boxes at work.

    What I need to do is get a summary each day emailed to me.

    Q. How do I do it? I don't just want to be alerted when something is wrong (my bosses like me to appear proactive) so a daily summary, even if it says everything is fine, is required.

    BTW, great product I have it on my home server

  9. #19
    Join Date
    Jun 2005
    Beans
    64

    Re: Howto setup OSSEC-HIDS on your ubuntu box

    This looks really handy, thanks for the HOW-To. The only part that is not clear to me is how to monitor activity. I am running snort > mysql > base - is there a way to tie it in?

    Thanks

  10. #20
    Join Date
    Jun 2006
    Beans
    3

    Re: Howto setup OSSEC-HIDS on your ubuntu box

    very interested, thanks for the help! Gonna setup a server for this and my whole network soon, if i can get some time that is..

Page 2 of 8 FirstFirst 1234 ... LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •