OSSEC: Ubuntu 18.04: Difference between revisions
From OnnoCenterWiki
Jump to navigationJump to search
Onnowpurbo (talk | contribs) No edit summary |
Onnowpurbo (talk | contribs) |
||
| Line 4: | Line 4: | ||
apt update | apt update | ||
apt -y install build-essential make zlib1g-dev libpcre2-dev libz-dev libssl-dev libevent-dev | apt -y install build-essential make zlib1g-dev libpcre2-dev libz-dev libssl-dev libevent-dev | ||
==Download & Install== | |||
sudo su | |||
cd /usr/local/src | |||
wget https://github.com/ossec/ossec-hids/archive/3.6.0.tar.gz | |||
tar zxvf 3.6.0.tar.gz | |||
cd /usr/local/src/ossec-hids-3.6.0 | |||
./install.sh | |||
===Cuplikan Proses Instalasi=== | |||
'''CATATAN:''' Sebagian besar cukup tekan '''ENTER''' | |||
* Pilih Bahasa: '''[en]''' | |||
OSSEC HIDS v3.6.0 Installation Script - http://www.ossec.net | |||
You are about to start the installation process of the OSSEC HIDS. | |||
You must have a C compiler pre-installed in your system. | |||
- System: Linux ubuntu 4.15.0-20-generic | |||
- User: root | |||
- Host: ubuntu | |||
'''ENTER''' | |||
1- What kind of installation do you want (server, agent, local, hybrid or help)? | |||
'''server''' | |||
'''hybrid''' | |||
2- Setting up the installation environment. | |||
'''ENTER''' [/var/ossec] | |||
3- Configuring the OSSEC HIDS. | |||
3.1- Do you want e-mail notification? (y/n) [y]: '''ENTER''' | |||
- What's your e-mail address? '''email@address.anda''' | |||
- We found your SMTP server as: smtp.server.anda | |||
- Do you want to use it? (y/n) [y]: '''ENTER''' | |||
3.2- Do you want to run the integrity check daemon? (y/n) [y]: '''ENTER''' | |||
- Running syscheck (integrity check daemon). | |||
3.3- Do you want to run the rootkit detection engine? (y/n) [y]: '''ENTER''' | |||
Fast way steps: | Fast way steps: | ||
| Line 22: | Line 72: | ||
4- Enjoy. | 4- Enjoy. | ||
==Pranala Menarik== | ==Pranala Menarik== | ||
* [[IDS]] | * [[IDS]] | ||
Revision as of 23:41, 29 March 2020
Install Pendukung
sudo su apt update apt -y install build-essential make zlib1g-dev libpcre2-dev libz-dev libssl-dev libevent-dev
Download & Install
sudo su cd /usr/local/src wget https://github.com/ossec/ossec-hids/archive/3.6.0.tar.gz tar zxvf 3.6.0.tar.gz cd /usr/local/src/ossec-hids-3.6.0 ./install.sh
Cuplikan Proses Instalasi
CATATAN: Sebagian besar cukup tekan ENTER
- Pilih Bahasa: [en]
OSSEC HIDS v3.6.0 Installation Script - http://www.ossec.net You are about to start the installation process of the OSSEC HIDS. You must have a C compiler pre-installed in your system. - System: Linux ubuntu 4.15.0-20-generic - User: root - Host: ubuntu
ENTER
1- What kind of installation do you want (server, agent, local, hybrid or help)?
server hybrid
2- Setting up the installation environment.
ENTER [/var/ossec]
3- Configuring the OSSEC HIDS.
3.1- Do you want e-mail notification? (y/n) [y]: ENTER - What's your e-mail address? email@address.anda - We found your SMTP server as: smtp.server.anda - Do you want to use it? (y/n) [y]: ENTER 3.2- Do you want to run the integrity check daemon? (y/n) [y]: ENTER - Running syscheck (integrity check daemon). 3.3- Do you want to run the rootkit detection engine? (y/n) [y]: ENTER
Fast way steps:
1- Run the script ./install.sh. It will guide you through the
installation process.
2- The script will create everything in /var/ossec and try to
create the initialization script in your system (/etc/rc.local or /etc/rc.d/init.d/ossec). If the init script is not created, make sure to follow the instructions from the install.sh to make OSSEC HIDS start during the boot. To start it by hand, just run /var/ossec/bin/ossec-control start
3- If you are running it on multiple clients, make sure to install
the server first. Use the manage_agents tool to create the right encryption keys.
4- Enjoy.
