Saturday, August 16, 2014

[Research] OSSEC - HIDS 2.8 Host-based Intrusion Detection System - local installation (CentOS 7.0 x86_64)

2014-08-16

Official website
http://www.ossec.net/

Download
http://www.ossec.net/main/downloads

Installation


yum -y install gcc httpd php
service httpd restart
cd /usr/local/src
# Plain-HTTP downloads: verify the tarballs' checksums before running install.sh as root
wget http://www.ossec.net/files/ossec-hids-2.8.tar.gz
wget http://www.ossec.net/files/ossec-wui-0.8.tar.gz

tar zxvf ossec-hids-2.8.tar.gz
cd ossec-hids-2.8
./install.sh
cd ..

# Unpack the web UI into the Apache document root
tar zxvf ossec-wui-0.8.tar.gz -C /var/www/html
mv /var/www/html/ossec-wui-0.8 /var/www/html/ossec

# Add apache to the ossec group; -a appends instead of replacing its other supplementary groups
usermod -a -G ossec apache
grep ossec /etc/group

# /var/ossec/bin/ossec-control start
# vi /var/ossec/etc/ossec.conf

service ossec restart
systemctl status ossec
service httpd restart
firefox http://localhost/ossec &
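
The grep of /etc/group in the steps above only prints matching lines for a visual check, and it also matches any other group or member whose name contains "ossec". As an added example (not from the original post or the OSSEC project), the function below does an exact-field membership check; the function name, its return codes and the sample group file are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: exact-match check that USER is a supplementary member of GROUP.
# GROUP_FILE defaults to /etc/group; another path can be passed for offline testing.
# Return codes (chosen for this example): 0 = member, 1 = not a member, 2 = no such group.
# Note: users whose *primary* group is GROUP are recorded in /etc/passwd,
# not in the member list of /etc/group, so they are not reported here.
group_has_member() {
    user=$1 group=$2 file=${3:-/etc/group}
    awk -F: -v u="$user" -v g="$group" '
        $1 == g {
            found = 1
            n = split($4, m, ",")          # field 4 is the comma-separated member list
            for (i = 1; i <= n; i++) if (m[i] == u) ok = 1
        }
        END { if (!found) exit 2; exit(ok ? 0 : 1) }
    ' "$file"
}

# Constructed sample in /etc/group format (GIDs and the extra group are made up).
sample=$(mktemp)
cat > "$sample" <<'EOF'
root:x:0:
apache:x:48:
ossec:x:1001:apache
ossecgroup:x:1002:nobody
EOF

# "grep ossec" would print both the ossec and ossecgroup lines;
# the exact check tells the two apart.
for u in apache nobody; do
    if group_has_member "$u" ossec "$sample"; then
        echo "$u: member of ossec"
    else
        echo "$u: NOT a member of ossec"
    fi
done
rm -f "$sample"
```

A new group membership applies only to processes started afterwards, which is why httpd is restarted after the usermod step.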


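When running install.sh from ossec-hids-2.8.tar.gz, a number of configuration questions appear; for basically all of them, press Enter to accept the default.
(For the installation type I chose local; I will test server and agent when I have time.)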

 (en/br/cn/de/el/es/fr/it/jp/nl/pl/ru/sr/tr) [en]:

1- What kind of installation do you want (server, agent, local or help)?  local  
...(omitted)

 - System is Redhat Linux.
 - Init script modified to start OSSEC HIDS during boot.

 - Configuration finished properly.

 - To start OSSEC HIDS:
                /var/ossec/bin/ossec-control start

 - To stop OSSEC HIDS:
                /var/ossec/bin/ossec-control stop

 - The configuration can be viewed or modified at /var/ossec/etc/ossec.conf


    Thanks for using the OSSEC HIDS.
    If you have any question, suggestion or if you find any bug,
    contact us at contact@ossec.net or using our public maillist at
    ossec-list@ossec.net
    ( http://www.ossec.net/main/support/ ).

    More information can be found at http://www.ossec.net

    ---  Press ENTER to finish (maybe more information below). ---


[root@localhost ossec-hids-2.8]#








(End)

[Research] OSSEC - HIDS 2.8 Host-based Intrusion Detection System - local installation (CentOS 7.0 x86_64)
http://shaurong.blogspot.com/2014/08/ossec-hids-28-local-centos-70-x8664.html

[Research] OSSEC - HIDS 2.7.1 Host-based Intrusion Detection System - server/agent installation (CentOS 6.5 x64)
http://shaurong.blogspot.com/2014/02/ossec-hids-271-serveragent-centos-65-x64.html

[Research] OSSEC - HIDS 2.7.1 Host-based Intrusion Detection System - local installation (CentOS 6.5 x64)
http://shaurong.blogspot.com/2014/02/ossec-hids-271-local-centos-65-x64.html

[Research] OSSEC - HIDS 2.6 Host-based Intrusion Detection System (CentOS 6.0 x86)
http://forum.icst.org.tw/phpbb/viewtopic.php?t=20340
