How to Install OSSEC Host Intrusion Detection client in Linux and Solaris


OSSEC is a host-based intrusion detection system available for Linux, Solaris, FreeBSD, OpenBSD, Mac OS X and other platforms. It performs log analysis, rootkit detection and real-time alerting. In this guide, we are going to see how to install the OSSEC client on Red Hat Linux and its variants. After that, we will see how to install it on Solaris 11.

Perform the installation using yum as follows.

# yum install ossec-hids ossec-hids-client

Edit the OSSEC configuration to change the OSSEC Instruction server IP, or use sed to replace it as shown below.

# vim /var/ossec/etc/ossec.conf

# sed -i "s/" /var/ossec/etc/ossec.conf
# egrep -w --color "" /var/ossec/etc/ossec.conf

Restart the OSSEC client service.

/etc/init.d/ossec-hids restart
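The server address replacement described above, done with input validation, a backup and a verification step before the agent is restarted. This is an added example, not the article's own command; it assumes the agent config stores the address in a single `<server-ip>` element, and the function names and sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example, not the article's command. Assumption: the agent's
# ossec.conf keeps the server address in one <server-ip> element.

# Return 0 only for a dotted-quad IPv4 address with octets in 0-255.
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Set <server-ip> in file $1 to address $2; keep a backup and verify.
set_server_ip() {
    conf=$1 ip=$2
    # Validation also keeps shell or sed metacharacters out of the expression.
    valid_ipv4 "$ip" || { echo "invalid IPv4 address: $ip" >&2; return 2; }
    # Exactly one <server-ip> line is expected; anything else needs review.
    count=$(grep -c '<server-ip>' "$conf") || true
    [ "$count" = 1 ] || { echo "expected one <server-ip>, got: $count" >&2; return 3; }
    cp -p "$conf" "$conf.bak" || return 4
    # Temp file instead of sed -i, so it does not depend on GNU sed.
    tmp=$(mktemp) || return 4
    sed "s|<server-ip>[^<]*</server-ip>|<server-ip>$ip</server-ip>|" "$conf" > "$tmp" &&
        cat "$tmp" > "$conf"    # cat keeps the original owner and mode
    rm -f "$tmp"
    grep -qF "<server-ip>$ip</server-ip>" "$conf"
}

# Constructed sample config (not from a real host) to exercise the function.
demo_conf=$(mktemp)
cat > "$demo_conf" <<'EOF'
<ossec_config>
  <client>
    <server-ip>192.0.2.1</server-ip>
  </client>
</ossec_config>
EOF
set_server_ip "$demo_conf" 192.0.2.10 && grep '<server-ip>' "$demo_conf"
rm -f "$demo_conf" "$demo_conf.bak"
```

A non-zero return means the file was left for manual review; the previous contents are in the `.bak` copy whenever a replacement was attempted.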

Install the OSSEC client on Solaris.

Download the OSSEC binary package in tar format.

# wget

Extract the downloaded tar package using the command below.

# /usr/sfw/bin/gtar zxf ossec-hids-2.8.3.tar.gz

Navigate to the extracted directory, then make and install using ./

# cd ossec-hids-2.8.3

# perl -pi -e "s/\/bin\/sh/\/bin\/bash/" src/Makeall src/Makefile

# export CC=/usr/sfw/bin/gcc

# ./

Once the installation is done, the config file will be at the location below.

Config : /var/ossec/etc/ossec.conf

To start and stop the service, use the commands below.

# /var/ossec/bin/ossec-control start

# /var/ossec/bin/ossec-control stop

We are done with the OSSEC client installation for Linux and Solaris servers.

About Author

Babin Lonston

Overall 14+ Years of experience in the IT field, currently working as a Senior Linux administration with Virtualization & Cloud. Being numismatist for a long time.