- Instant OSSEC Host-based Intrusion Detection System
- Brad Lhotsky
- 2021-08-13 16:28:00
How it works...
So, what just happened? There's a lot of output, so let's cover the highlights. The script configures and builds the OSSEC binaries. Once the compilation has completed, the OSSEC users and groups are created on the system if they do not exist. The OSSEC installation directory is created, and the binaries and configuration files we compiled are copied into their permanent location on the filesystem. The script then verifies and repairs permissions in the OSSEC installation directory to ensure a working installation. If everything completes successfully, the last step starts the OSSEC daemons and begins analyzing your logs.
It's important that system administrators are aware of the user and group creation as they might be utilizing configuration management software and may wish to create the users and groups prior to running the installation script. The users created are:
- ossec: This is the default OSSEC user
- ossecm: This is the OSSEC mailer daemon
- ossecr: This is the OSSEC remote daemon

A single group named ossec containing all these users is also created.
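
If configuration management creates these accounts ahead of time, a pre-flight check can confirm they match what the installer expects. The following is an added example, not code from the book or the OSSEC project; the function name `check_ossec_accounts` and its two file arguments are assumptions made for illustration.

```shell
#!/bin/sh
# Audit that the accounts the OSSEC installer expects are already provisioned.
# Names come from the text above: users ossec, ossecm, ossecr in group ossec.
# The function name and its file-argument interface are assumptions of this example.

OSSEC_USERS="ossec ossecm ossecr"
OSSEC_GROUP="ossec"

# check_ossec_accounts [passwd_file] [group_file]
# Prints one line per problem; returns 0 if everything is in place, 1 otherwise.
check_ossec_accounts() {
    passwd_file=${1:-/etc/passwd}
    group_file=${2:-/etc/group}
    problems=0

    # group(5) line: name:password:GID:member,member,...
    group_line=$(grep "^${OSSEC_GROUP}:" "$group_file" | head -n 1)
    if [ -z "$group_line" ]; then
        echo "missing group: $OSSEC_GROUP"
        return 1
    fi
    gid=$(printf '%s\n' "$group_line" | cut -d: -f3)
    members=$(printf '%s\n' "$group_line" | cut -d: -f4)

    for user in $OSSEC_USERS; do
        # passwd(5) line: name:password:UID:GID:gecos:home:shell
        user_line=$(grep "^${user}:" "$passwd_file" | head -n 1)
        if [ -z "$user_line" ]; then
            echo "missing user: $user"
            problems=1
            continue
        fi
        primary_gid=$(printf '%s\n' "$user_line" | cut -d: -f4)
        # Membership counts via the primary GID or the group's member list.
        if [ "$primary_gid" = "$gid" ]; then
            continue
        fi
        case ",$members," in
            *",$user,"*) ;;
            *) echo "user $user is not in group $OSSEC_GROUP"; problems=1 ;;
        esac
    done
    return $problems
}
```

Called with no arguments, the function reads `/etc/passwd` and `/etc/group`; accounts served from a directory service rather than the local files will be reported as missing.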
The end result of the process is a default configuration of OSSEC. By now, OSSEC is already gathering log data and analyzing your filesystem.