How to Install OSSEC Host Intrusion Detection client in Linux and Solaris


OSSEC is a host-based intrusion detection system available for Linux, Solaris, FreeBSD, OpenBSD, Mac OS X and other platforms. It performs log analysis, rootkit detection and real-time alerting. In this guide, we will install the OSSEC client on Red Hat Linux and its variants, and then on Solaris 11.

Install the packages using yum as follows.

# yum install ossec-hids ossec-hids-client

Edit the OSSEC configuration to change the IP address of the OSSEC server, or use sed to replace it as shown below.

# vim /var/ossec/etc/ossec.conf

# sed -i 's/\b192\.168\.1\.1\b/192.168.1.100/g' /var/ossec/etc/ossec.conf
# egrep -w --color "192.168.1.100" /var/ossec/etc/ossec.conf

Restart the OSSEC client service.

# /etc/init.d/ossec-hids restart
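The server address change described above can also be scripted so that it only touches the agent's server setting. This is an added example, not part of the original guide or of OSSEC itself; it assumes the address is held in the `<server-ip>` element of ossec.conf, and the function names `is_ipv4` and `set_server_ip` are illustrative.

```shell
#!/bin/sh
# Added example: point an OSSEC agent at a new server by rewriting only the
# <server-ip> element. Function names here are illustrative, not OSSEC tooling.

# Succeed only for a dotted-quad IPv4 address with every octet in 0..255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# set_server_ip CONF NEW_IP
# Returns 0 on success, 2 for a bad address, 3 if the element is missing,
# 4 if the backup or rewrite fails.
set_server_ip() {
    conf=$1
    new_ip=$2
    is_ipv4 "$new_ip" || { echo "invalid IPv4 address: $new_ip" >&2; return 2; }
    grep -q '<server-ip>[^<]*</server-ip>' "$conf" || {
        echo "no <server-ip> element in $conf" >&2; return 3; }
    cp -p "$conf" "$conf.bak" || return 4
    tmp=$(mktemp "$conf.XXXXXX") || return 4
    # Match on the element rather than the old address: the edit is idempotent
    # and cannot alter other addresses that share a prefix (192.168.1.1 vs .10).
    sed "s|<server-ip>[^<]*</server-ip>|<server-ip>$new_ip</server-ip>|" \
        "$conf.bak" > "$tmp" || { rm -f "$tmp"; return 4; }
    # Write through cat so the config keeps its existing owner and mode.
    cat "$tmp" > "$conf" || { rm -f "$tmp"; return 4; }
    rm -f "$tmp"
    # Fixed-string check that the new value is really in place.
    grep -qF "<server-ip>$new_ip</server-ip>" "$conf"
}

# Usage (as root): set_server_ip /var/ossec/etc/ossec.conf 192.168.1.100
```

The previous configuration is kept as ossec.conf.bak next to the original, so a bad change can be rolled back before the service is restarted.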

Install the OSSEC client on Solaris.

Download the OSSEC package as a tar archive.

# wget http://192.168.1.10/repo/utils/ossec-hids-2.8.3.tar.gz

Extract the downloaded tar package using the command below.

# /usr/sfw/bin/gtar zxf ossec-hids-2.8.3.tar.gz

Navigate to the extracted directory, then build and install using ./install.sh.

# cd ossec-hids-2.8.3

# perl -pi -e "s/\/bin\/sh/\/bin\/bash/" src/Makeall src/Makefile

# export CC=/usr/sfw/bin/gcc

# ./install.sh

Once the installation is done, the config file will be at the location below.

Config : /var/ossec/etc/ossec.conf

To start or stop the service, use the commands below.

# /var/ossec/bin/ossec-control start

# /var/ossec/bin/ossec-control stop

We are done with the OSSEC client installation for Linux and Solaris servers.


About Post Author

Babin Lonston

Overall 14+ Years of experience in the IT field, currently working as a Senior Linux administration with Virtualization & Cloud. Being numismatist for a long time.