OSSEC Server Installation on CentOS

OS: CentOS 5.6 i386, CentOS 6.2 i386
Ossec Version: 2.6
Hardware: Virtual Machine (VirtualBox 4.1.14)

About

OSSEC is an open-source Host Intrusion Detection System (HIDS). OSSEC lets you monitor log files, check the integrity of files, and detect rootkits in a client-server environment.

OSSEC Server Installation

  • Install wget and update your system
yum install wget -y
yum update -y
reboot
  • If you are using CentOS 6 install EPEL repository
rpm -Uvh http://ftp.heanet.ie/pub/fedora/epel/6/i386/epel-release-6-7.noarch.rpm
  • Install the Atomic repository on your system (press Enter to accept the terms when prompted)
wget -q -O - https://www.atomicorp.com/installers/atomic | sh
  • Install OSSEC packages and apache for the WUI
yum install ossec-hids ossec-hids-server httpd php -y
  • Download and extract ossec-wui
cd /var/www/html
wget http://www.ossec.net/files/ui/ossec-wui-0.3.tar.gz
tar zxvf ossec-wui-*.tar.gz
rm -f ossec-wui-*.tar.gz
mv ossec-wui-* ossec-wui 
chown -R apache:apache /var/www/html/ossec-wui
  • Download and install ossec-wui patches
mkdir /usr/local/src/ossec
cd /usr/local/src/ossec
wget http://www.dopefish.de/files/ossec/ossec-wui-0.3_ossec_2.6.patch.tgz
cd /var/www/html/ossec-wui
tar zxvf /usr/local/src/ossec/ossec-wui-0.3_ossec_2.6.patch.tgz
mkdir /var/www/html/ossec-wui/tmp
chown apache:apache /var/www/html/ossec-wui/tmp
  • Edit the OSSEC configuration file: set the email parameters in the global section, and change the location of the Apache log files at the end of ossec.conf
vi /var/ossec/etc/ossec.conf
...
  <global>
    <email_notification>yes</email_notification>
    <email_to>daniel.cid@xxx.com</email_to>
    <smtp_server>smtp.xxx.com.</smtp_server>
    <email_from>ossecm@ossec.xxx.com.</email_from>
  </global>
...
  <localfile>
    <log_format>apache</log_format>
    <location>/var/log/httpd/access_log</location>
  </localfile>

  <localfile>
    <log_format>apache</log_format>
    <location>/var/log/httpd/error_log</location>
  </localfile>
  • Add the apache user to the ossec group (-a appends, so apache keeps any supplementary groups it already has)
usermod -a -G ossec apache
  • Configure OSSEC to run at startup and start it
chkconfig ossec-hids on
service ossec-hids start
  • Configure apache to run at startup and start it
chkconfig httpd on
service httpd start

That’s it: the OSSEC server installation is complete. Browse to http://ossec_srv_IP/ossec-wui to reach the web UI. The default user and password are ossec/ossec.
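
An added example (not part of the original guide): a shell check for the ossec.conf edits and the group change made in the steps above. It flags sample values left in the global section and httpd logs that have no localfile entry. The function names are hypothetical, and it assumes one element per line, as in the stock ossec.conf.

```bash
#!/bin/bash
# Added example: verify the ossec.conf edits and group change from the steps above.
# Assumes one element per line, as in the stock ossec.conf; XML comments are not parsed.

# Print the text of every <TAG>...</TAG> element found in FILE.
xml_values() {  # usage: xml_values TAG FILE
    sed -n "s:.*<$1>\(.*\)</$1>.*:\1:p" "$2"
}

# Print one FINDING line per problem; the return status is the number of findings.
check_ossec_conf() {  # usage: check_ossec_conf FILE
    local conf findings tag val log
    conf="$1"; findings=0
    if [ "$(xml_values email_notification "$conf" | head -n 1)" != "yes" ]; then
        echo "FINDING: email_notification is not 'yes'"
        findings=$((findings + 1))
    fi
    # The xxx.com addresses are the sample values shown in the guide.
    for tag in email_to smtp_server email_from; do
        val=$(xml_values "$tag" "$conf" | head -n 1)
        case "$val" in
            ""|*xxx.com*)
                echo "FINDING: $tag is empty or still a sample value: '$val'"
                findings=$((findings + 1)) ;;
        esac
    done
    for log in /var/log/httpd/access_log /var/log/httpd/error_log; do
        if ! xml_values location "$conf" | grep -qxF "$log"; then
            echo "FINDING: $log has no <localfile> entry"
            findings=$((findings + 1))
        fi
    done
    return "$findings"
}

# Succeeds when USER is a member of GROUP (the guide adds apache to ossec).
user_in_group() {  # usage: user_in_group USER GROUP
    id -Gn "$1" 2>/dev/null | tr ' ' '\n' | grep -qxF "$2"
}

# When run with a path argument, check that file and report apache's group membership.
if [ $# -gt 0 ]; then
    user_in_group apache ossec || echo "FINDING: apache is not in the ossec group"
    check_ossec_conf "$1"
fi
```

Run it as root with /var/ossec/etc/ossec.conf as the argument; an exit status of 0 means no findings in the configuration file.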

After completing the server installation you can install new clients using these guides:
