ossec开源入侵检测系统安装配置V1.0

dirtysea 发表于 2010-6-30 11:59:40

ossec开源入侵检测系统安装配置V1.0

<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><a href="http://www.gaojinbo.com/wp-content/uploads/2010/06/ossec_logo.jpg" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; color: rgb(0, 102, 102); border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; "><img title="ossec_logo" height="85" alt="ossec_logo" src="http://www.gaojinbo.com/wp-content/uploads/2010/06/ossec_logo_thumb.jpg" width="195" border="0" style="margin-top: 0px; margin-right: 10px; margin-bottom: 10px; margin-left: 10px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; border-top-style: initial; border-right-style: initial; border-bottom-style: initial; border-left-style: initial; border-width: initial; border-color: initial; border-right-width: 0px; border-right-color: initial; border-top-width: 0px; border-top-color: initial; display: inline; border-left-width: 0px; border-left-color: initial; border-bottom-width: 0px; border-bottom-color: initial; "></a><p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">ossec开源入侵检测系统安装配置V1.0，文档对server/agent模式进行详细介绍，如果只有一台服务器，可以用local模式，这种方式安装更为简单。<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "> <p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">OSSEC简要介绍： <br style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">OSSEC 是一款开源的入侵检测系统，包括了日志分析，全面检测，rook-kit检测。作为一款HIDS，OSSEC应该被安装在一台实施监控的系统中。另外有时候不需要安装完全版本的OSSEC，如果有多台电脑都安装了OSSEC，那么就可以采用客户端/服务器模式来运行。客户机通过客户端程序将数据发回到服务器端进行分析。在一台电脑上对多个系统进行监控对于企业或者家庭用户来说都是相当经济实用的。<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">环境： <br style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">centos5.5 x86_64 <br style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">ossec-hids 2.4.1 <br style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">192.168.1.222 ossec server <br style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">192.168.1.223 ossec client1<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">下载地址 <br style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><pre style="margin-top: 10px; margin-right: 10px; margin-bottom: 10px; margin-left: 10px; padding-top: 10px; padding-right: 10px; padding-bottom: 10px; padding-left: 10px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; border-top-style: solid; border-right-style: solid; border-bottom-style: solid; border-left-style: solid; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px; border-top-color: rgb(154, 154, 154); border-right-color: rgb(154, 154, 154); border-bottom-color: rgb(154, 154, 154); border-left-color: rgb(154, 154, 154); color: blue; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: rgb(243, 242, 237); background-position: initial initial; background-repeat: initial initial; ">wget <a href="http://www.ossec.net/files/ossec-hids-2.4.1.tar.gz" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; color: rgb(0, 102, 102); border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; ">http://www.ossec.net/files/ossec-hids-2.4.1.tar.gz</a></pre><p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><br style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><b style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">一、ossec server安装<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">1.解压安装<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><pre style="margin-top: 10px; margin-right: 10px; margin-bottom: 10px; margin-left: 10px; padding-top: 10px; padding-right: 10px; padding-bottom: 10px; padding-left: 10px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; border-top-style: solid; border-right-style: solid; border-bottom-style: solid; border-left-style: solid; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px; border-top-color: rgb(154, 154, 154); border-right-color: rgb(154, 154, 154); border-bottom-color: rgb(154, 154, 154); border-left-color: rgb(154, 154, 154); color: blue; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: rgb(243, 242, 237); background-position: initial initial; background-repeat: initial initial; ">tar xvzf ossec-hids-2.4.1.tar.gz
cd ossec-hids-2.4.1

./install.sh </pre><p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">** Para instala??o em português, escolha .<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">** 要使用中文进行安装, 请选择 .<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">** Fur eine deutsche Installation wohlen Sie .<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">** Για εγκατ?σταση στα Ελληνικ?, επιλ?ξτε .<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">** For installation in English, choose .<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">** Para instalar en Espa?ol , eliga .<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">** Pour une installation en fran?ais, choisissez <p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">** Per l’installazione in Italiano, scegli .<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">** 日本語でインストールします．選択して下さい．.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">** Voor installatie in het Nederlands, kies .<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">** Aby instalowa? w j?zyku Polskim, wybierz .<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">** Для инструкций по установке на русском ,введите .<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">** Za instalaciju na srpskom, izaberi .<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">** Türk?e kurulum i?in se?in .<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">(en/br/cn/de/el/es/fr/it/jp/nl/pl/ru/sr/tr) : <font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">OSSEC HIDS v2.4.1 Installation Script – http://www.ossec.net<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">You are about to start the installation process of the OSSEC HIDS.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">You must have a C compiler pre-installed in your system.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">If you have any questions or comments, please send an e-mail<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">to dcid@ossec.net (or daniel.cid@gmail.com).<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- System: Linux vh.hostcoming.com 2.6.18-164.15.1.el5<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- User: root<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- Host: ossec.gaojinbo.com<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">– Press ENTER to continue or Ctrl-C to abort. —<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">1- What kind of installation do you want (server, agent, local or help)? server <font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#输入server<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- Server installation chosen.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">2- Setting up the installation environment.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- Choose where to install the OSSEC HIDS : <font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- Installation will be made at /var/ossec .<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">3- Configuring the OSSEC HIDS.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">3.1- Do you want e-mail notification? (y/n) : <font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- What’s your e-mail address? hugwww@163.com <font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#输入hugwww@163.com，换成自己的邮箱地址<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- We found your SMTP server as: 163mx03.mxmail.netease.com.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- Do you want to use it? (y/n) : <font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">— Using SMTP server: 163mx03.mxmail.netease.com.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">3.2- Do you want to run the integrity check daemon? (y/n) : <font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- Running syscheck (integrity check daemon).<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">3.3- Do you want to run the rootkit detection engine? (y/n) : <font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- Running rootcheck (rootkit detection).<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">3.4- Active response allows you to execute a specific<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">command based on the events received. For example,<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">you can block an IP address or disable access for<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">a specific user.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">More information at:<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">http://www.ossec.net/en/manual.html#active-response<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- Do you want to enable active response? (y/n) : <font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- Active response enabled.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- By default, we can enable the host-deny and the<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">firewall-drop responses. The first one will add<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">a host to the /etc/hosts.deny and the second one<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">will block the host on iptables (if linux) or on<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">ipfilter (if Solaris, FreeBSD or NetBSD).<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- They can be used to stop SSHD brute force scans,<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">portscans and some other forms of attacks. You can<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">also add them to block on snort events, for example.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- Do you want to enable the firewall-drop response? (y/n) : <font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- firewall-drop enabled (local) for levels >= 6<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- Default white list for the active response:<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- 8.8.8.8<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- Do you want to add more IPs to the white list? (y/n)? : <font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">3.5- Do you want to enable remote syslog (port 514 udp)? (y/n) : <font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- Remote syslog enabled.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">3.6- Setting the configuration to analyze the following logs:<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">– /var/log/messages<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">– /var/log/secure<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">– /var/log/maillog<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">– /var/log/httpd/access_log (apache log)<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- If you want to monitor any other file, just change<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">the ossec.conf and add a new localfile entry.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">Any questions about the configuration can be answered<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">by visiting us online at http://www.ossec.net .<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">— Press ENTER to continue —<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">下面程序会自动进行安装，稍等片刻。。。<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- System is Redhat Linux.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- Init script modified to start OSSEC HIDS during boot.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- Configuration finished properly.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- To start OSSEC HIDS:<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">/var/ossec/bin/ossec-control start<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- To stop OSSEC HIDS:<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">/var/ossec/bin/ossec-control stop<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- The configuration can be viewed or modified at /var/ossec/etc/ossec.conf<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">Thanks for using the OSSEC HIDS.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">If you have any question, suggestion or if you find any bug,<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">contact us at contact@ossec.net or using our public maillist at<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">ossec-list@ossec.net<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">( http://www.ossec.net/main/support/ ).<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">More information can be found at http://www.ossec.net<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">— Press ENTER to finish (maybe more information below). —<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- In order to connect agent and server, you need to add each agent to the server.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">Run the ‘manage_agents’ to add or remove them:<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">/var/ossec/bin/manage_agents<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">More information at:<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">http://www.ossec.net/en/manual.html#ma<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">2.启动ossec<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><pre style="margin-top: 10px; margin-right: 10px; margin-bottom: 10px; margin-left: 10px; padding-top: 10px; padding-right: 10px; padding-bottom: 10px; padding-left: 10px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; border-top-style: solid; border-right-style: solid; border-bottom-style: solid; border-left-style: solid; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px; border-top-color: rgb(154, 154, 154); border-right-color: rgb(154, 154, 154); border-bottom-color: rgb(154, 154, 154); border-left-color: rgb(154, 154, 154); color: blue; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: rgb(243, 242, 237); background-position: initial initial; background-repeat: initial initial; ">service ossec start</pre><p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">3.查看进程<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><pre style="margin-top: 10px; margin-right: 10px; margin-bottom: 10px; margin-left: 10px; padding-top: 10px; padding-right: 10px; padding-bottom: 10px; padding-left: 10px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; border-top-style: solid; border-right-style: solid; border-bottom-style: solid; border-left-style: solid; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px; border-top-color: rgb(154, 154, 154); border-right-color: rgb(154, 154, 154); border-bottom-color: rgb(154, 154, 154); border-left-color: rgb(154, 154, 154); color: blue; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: rgb(243, 242, 237); background-position: initial initial; background-repeat: initial initial; ">ps aux|grep ossec</pre><p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#出现以下内容，说明成功运行<br style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><br style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">root 1009 0.0 0.0 61196 732 pts/0 S+ 11:33 0:00 grep ossec<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">ossecm 32283 0.0 0.0 10256 552 ? S 10:48 0:00 /var/ossec/bin/ossec-maild<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">root 32287 0.0 0.0 5940 444 ? S 10:48 0:00 /var/ossec/bin/ossec-execd<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">ossec 32291 0.1 0.0 7356 2024 ? S 10:48 0:03 /var/ossec/bin/ossec-analysisd<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">root 32295 0.0 0.0 3984 496 ? S 10:48 0:00 /var/ossec/bin/ossec-logcollector<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">root 32307 1.2 0.0 4256 1072 ? S 10:48 0:33 /var/ossec/bin/ossec-syscheckd<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">ossec 32311 0.0 0.0 6192 520 ? S 10:48 0:00 /var/ossec/bin/ossec-monitord<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "> <p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><br style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><b style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">二、ossec client安装<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><pre style="margin-top: 10px; margin-right: 10px; margin-bottom: 10px; margin-left: 10px; padding-top: 10px; padding-right: 10px; padding-bottom: 10px; padding-left: 10px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; border-top-style: solid; border-right-style: solid; border-bottom-style: solid; border-left-style: solid; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px; border-top-color: rgb(154, 154, 154); border-right-color: rgb(154, 154, 154); border-bottom-color: rgb(154, 154, 154); border-left-color: rgb(154, 154, 154); color: blue; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: rgb(243, 242, 237); background-position: initial initial; background-repeat: initial initial; ">tar xvzf ossec-hids-2.4.1.tar.gz
cd ossec-hids-2.4.1

./install.sh </pre><p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">** Para instala??o em português, escolha .<br style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><br style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">** 要使用中文进行安装, 请选择 .<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">** Fur eine deutsche Installation wohlen Sie .<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">** Για εγκατ?σταση στα Ελληνικ?, επιλ?ξτε .<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">** For installation in English, choose .<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">** Para instalar en Espa?ol , eliga .<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">** Pour une installation en fran?ais, choisissez <p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">** Per l’installazione in Italiano, scegli .<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">** 日本語でインストールします．選択して下さい．.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">** Voor installatie in het Nederlands, kies .<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">** Aby instalowa? w j?zyku Polskim, wybierz .<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">** Для инструкций по установке на русском ,введите .<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">** Za instalaciju na srpskom, izaberi .<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">** Türk?e kurulum i?in se?in .<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">(en/br/cn/de/el/es/fr/it/jp/nl/pl/ru/sr/tr) : <font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">OSSEC HIDS v2.4.1 Installation Script – http://www.ossec.net<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">You are about to start the installation process of the OSSEC HIDS.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">You must have a C compiler pre-installed in your system.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">If you have any questions or comments, please send an e-mail<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">to dcid@ossec.net (or daniel.cid@gmail.com).<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- System: Linux web 2.6.18-194.3.1.el5<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- User: root<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- Host: web.gaojinbo.com<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">– Press ENTER to continue or Ctrl-C to abort. —<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">1- What kind of installation do you want (server, agent, local or help)? agent <font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#输入agent,回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- Agent(client) installation chosen.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">2- Setting up the installation environment.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- Choose where to install the OSSEC HIDS : <font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- Installation will be made at /var/ossec .<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">3- Configuring the OSSEC HIDS.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">3.1- What’s the IP Address of the OSSEC HIDS server?: 192.168.1.222 <font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#输入ossec server的ip,回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">3.2- Do you want to run the integrity check daemon? (y/n) : <font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- Running syscheck (integrity check daemon).<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">3.3- Do you want to run the rootkit detection engine? (y/n) : <font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- Running rootcheck (rootkit detection).<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">3.4 – Do you want to enable active response? (y/n) : <font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">3.5- Setting the configuration to analyze the following logs:<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">– /var/log/messages<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">– /var/log/secure<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">– /var/log/maillog<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- If you want to monitor any other file, just change<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">the ossec.conf and add a new localfile entry.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">Any questions about the configuration can be answered<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">by visiting us online at http://www.ossec.net .<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">— Press ENTER to continue —<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">程序自动安装，稍等片刻。。。<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- System is Redhat Linux.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- Init script modified to start OSSEC HIDS during boot.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- Configuration finished properly.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- To start OSSEC HIDS:<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">/var/ossec/bin/ossec-control start<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- To stop OSSEC HIDS:<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">/var/ossec/bin/ossec-control stop<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- The configuration can be viewed or modified at /var/ossec/etc/ossec.conf<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">Thanks for using the OSSEC HIDS.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">If you have any question, suggestion or if you find any bug,<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">contact us at contact@ossec.net or using our public maillist at<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">ossec-list@ossec.net<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">( http://www.ossec.net/main/support/ ).<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">More information can be found at http://www.ossec.net<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">— Press ENTER to finish (maybe more information below). —<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- You first need to add this agent to the server so they<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">can communicate with each other. When you have done so,<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">you can run the ‘manage_agents’ tool to import the<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">authentication key from the server.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">/var/ossec/bin/manage_agents<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">More information at:<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><a href="http://www.ossec.net/en/manual.html#ma" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; color: rgb(0, 102, 102); border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; ">http://www.ossec.net/en/manual.html#ma</a><p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "> <p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><br style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><b style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">三、添加ossec client到ossec server<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">1.服务器端操作<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><pre style="margin-top: 10px; margin-right: 10px; margin-bottom: 10px; margin-left: 10px; padding-top: 10px; padding-right: 10px; padding-bottom: 10px; padding-left: 10px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; border-top-style: solid; border-right-style: solid; border-bottom-style: solid; border-left-style: solid; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px; border-top-color: rgb(154, 154, 154); border-right-color: rgb(154, 154, 154); border-bottom-color: rgb(154, 154, 154); border-left-color: rgb(154, 154, 154); color: blue; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: rgb(243, 242, 237); background-position: initial initial; background-repeat: initial initial; ">/var/ossec/bin/manage_agents</pre><p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">****************************************<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">* OSSEC HIDS v2.4.1 Agent manager. *<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">* The following options are available: *<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">****************************************<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">(A)dd an agent (A).<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">(E)xtract key for an agent (E).<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">(L)ist already added agents (L).<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">(R)emove an agent (R).<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">(Q)uit.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">Choose your action: A,E,L,R or Q: A <font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#输入A，回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">- Adding a new agent (use ‘\q’ to return to the main menu).<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">Please provide the following:<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">* A name for the new agent: web <font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#输入web，回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">* The IP Address of the new agent: 192.168.1.223 <font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#输入192.168.1.223,这是client ip，回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">* An ID for the new agent: <font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">Agent information:<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">ID:001<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">Name:web<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">IP Address:192.168.1.223<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">Confirm adding it?(y/n): y <font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">Agent added.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">****************************************<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">* OSSEC HIDS v2.4.1 Agent manager. *<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">* The following options are available: *<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">****************************************<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">(A)dd an agent (A).<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">(E)xtract key for an agent (E).<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">(L)ist already added agents (L).<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">(R)emove an agent (R).<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">(Q)uit.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">Choose your action: A,E,L,R or Q: E <font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#输入E，回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">Available agents:<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">ID: 001, Name: web, IP: 192.168.1.223<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">Provide the ID of the agent to extract the key (or ‘\q’ to quit): 001 <font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#输入001，回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">Agent key information for ‘001′ is:<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">MDAxIHdlYiAxOTIuMTY4LjEuMjIzIDBhOTEwYjdlMzQ3ZjM2ZDQwNDI0\ YjUyYjMwNjVlMTU0ZDI5MGRhZjBmZDU3NDU3Yjg1YjgzMzBlNGJlNjY0MjE=<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">** Press ENTER to return to the main menu.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">****************************************<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">* OSSEC HIDS v2.4.1 Agent manager. *<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">* The following options are available: *<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">****************************************<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">(A)dd an agent (A).<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">(E)xtract key for an agent (E).<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">(L)ist already added agents (L).<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">(R)emove an agent (R).<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">(Q)uit.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">Choose your action: A,E,L,R or Q: q <font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#输入q，回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">** You must restart the server for your changes to have effect.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">manage_agents: Exiting ..<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">2.客户端操作<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">导入 key<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><pre style="margin-top: 10px; margin-right: 10px; margin-bottom: 10px; margin-left: 10px; padding-top: 10px; padding-right: 10px; padding-bottom: 10px; padding-left: 10px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; border-top-style: solid; border-right-style: solid; border-bottom-style: solid; border-left-style: solid; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px; border-top-color: rgb(154, 154, 154); border-right-color: rgb(154, 154, 154); border-bottom-color: rgb(154, 154, 154); border-left-color: rgb(154, 154, 154); color: blue; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: rgb(243, 242, 237); background-position: initial initial; background-repeat: initial initial; ">/var/ossec/bin/manage_agents</pre><p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">****************************************<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">* OSSEC HIDS v2.4.1 Agent manager. *<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">* The following options are available: *<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">****************************************<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">(I)mport key from the server (I).<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">(Q)uit.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">Choose your action: I or Q: i <font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#输入i，回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">* Provide the Key generated by the server.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">* The best approach is to cut and paste it.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">*** OBS: Do not include spaces or new lines.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#将ossec server上’001′的key复制到下面，并按回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">Paste it here (or ‘\q’ to quit):<font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">MDAxIHdlYiAxOTIuMTY4LjEuMjIzIDBhOTEwYjdlMzQ3ZjM2ZDQwNDI0YjUy\ YjMwNjVlMTU0ZDI5MGRhZjBmZDU3NDU3Yjg1YjgzMzBlNGJlNjY0MjE=<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">Agent information:<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">ID:001<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">Name:web<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">IP Address:192.168.1.223<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">Confirm adding it?(y/n): y<font color="#ff0000" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#输入y，回车<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">Added.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">** Press ENTER to return to the main menu.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">****************************************<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">* OSSEC HIDS v2.4.1 Agent manager. *<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">* The following options are available: *<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">****************************************<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">(I)mport key from the server (I).<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">(Q)uit.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">Choose your action: I or Q: q<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">** You must restart the server for your changes to have effect.<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">manage_agents: Exiting ..<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">启动ossec<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><pre style="margin-top: 10px; margin-right: 10px; margin-bottom: 10px; margin-left: 10px; padding-top: 10px; padding-right: 10px; padding-bottom: 10px; padding-left: 10px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; border-top-style: solid; border-right-style: solid; border-bottom-style: solid; border-left-style: solid; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px; border-top-color: rgb(154, 154, 154); border-right-color: rgb(154, 154, 154); border-bottom-color: rgb(154, 154, 154); border-left-color: rgb(154, 154, 154); color: blue; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: rgb(243, 242, 237); background-position: initial initial; background-repeat: initial initial; ">/var/ossec/bin/ossec-control start</pre><p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">查看端口<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><pre style="margin-top: 10px; margin-right: 10px; margin-bottom: 10px; margin-left: 10px; padding-top: 10px; padding-right: 10px; padding-bottom: 10px; padding-left: 10px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; border-top-style: solid; border-right-style: solid; border-bottom-style: solid; border-left-style: solid; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px; border-top-color: rgb(154, 154, 154); border-right-color: rgb(154, 154, 154); border-bottom-color: rgb(154, 154, 154); border-left-color: rgb(154, 154, 154); color: blue; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: rgb(243, 242, 237); background-position: initial initial; background-repeat: initial initial; ">netstat -antup|grep ossec</pre><p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">#出现以下内容，说明成功运行<br style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><br style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">udp 0 0 192.168.1.223:59029 192.168.1.222:1514 ESTABLISHED 28181/ossec-agentd<p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "> <p style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 10px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; "><br style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; list-style-type: none; list-style-position: initial; list-style-image: initial; text-decoration: none; ">配置完成！

页: [1]

运维之家's Archiver

ossec开源入侵检测系统安装配置V1.0