How to deploy OSSEC across a large network of systems from RPMs

OSSEC is a Host-based Intrusion Detection System (HIDS). It is Free Software, made available under the GNU General Public License (version 2).

It can do “log analysis, file integrity checking, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting and active response.” When I was looking for a security solution for my Cloud servers, it was numero uno on a list of such software that I compiled.

Installing it on the couple of servers I maintain (one as an OSSEC server, the other as an OSSEC agent) was easy, since it comes with a very simple command-line installer. If you ever need to deploy it on more than a couple of servers, though, here’s a tutorial that I think can be helpful. It was written by Vic Hargrave, Community Manager for the OSSEC Project and a developer for the Data Analytics Group at Trend Micro, a security software and service solutions provider that sponsors OSSEC.

Here’s an excerpt from the article:

When I first started playing around with OSSEC I downloaded the agent and server source packages, then proceeded to install them by hand. This method was fine when I had a server and 1 or 2 agent systems, but for a large network of systems it is tedious and error-prone.

The OSSEC Project offers RPM packages that can be installed with yum on Red Hat-derived Linux distributions. Using these packages and the ossec-authd system, you can script the installation of OSSEC and automatically register agents with the server.

You may read the complete article here.
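
To give an idea of what such a scripted rollout can look like, here is a sketch added to this post; it is not taken from Vic Hargrave's article or from the OSSEC Project. It assumes the RPM names ossec-hids and ossec-hids-agent from an already configured yum repository, the default /var/ossec prefix, ossec-authd listening on port 1515 on the server, root SSH access to the agents, and a constructed server address and inventory file.

```shell
#!/usr/bin/env bash
# Added example: scripted OSSEC agent rollout, dry-run unless DRY_RUN=0.
# Assumed: packages ossec-hids/ossec-hids-agent come from an already
# configured yum repo, OSSEC lives in /var/ossec, the server runs
# "/var/ossec/bin/ossec-authd -p 1515" during the rollout, and each agent's
# ossec.conf already names the server.
MANAGER="${MANAGER:-192.0.2.10}"     # constructed OSSEC server address
AUTHD_PORT="${AUTHD_PORT:-1515}"

# Accept only plain hostnames or IPv4 addresses so an inventory line cannot
# carry shell metacharacters into the ssh command line.
valid_host() {
  case "$1" in
    ""|-*|*[!A-Za-z0-9.-]*) return 1 ;;
    *) return 0 ;;
  esac
}

# Steps run on one agent: install, fetch a key from ossec-authd, restart.
agent_commands() {
  printf '%s && %s && %s' \
    "yum -y install ossec-hids ossec-hids-agent" \
    "/var/ossec/bin/agent-auth -m $MANAGER -p $AUTHD_PORT" \
    "/var/ossec/bin/ossec-control restart"
}

# Read one host per line on stdin; print (or run) the ssh command for each.
# Returns non-zero if any entry was rejected or any host failed.
rollout() {
  rc=0
  while IFS= read -r host || [ -n "$host" ]; do
    case "$host" in ""|"#"*) continue ;; esac
    if ! valid_host "$host"; then
      echo "rejected inventory entry" >&2; rc=1; continue
    fi
    if [ "${DRY_RUN:-1}" = 1 ]; then
      echo "ssh -n root@$host '$(agent_commands)'"
    else
      ssh -n "root@$host" "$(agent_commands)" || rc=1
    fi
  done
  return "$rc"
}

# Usage: ./rollout.sh agents.txt   (agents.txt is a hypothetical inventory)
if [ -n "${1:-}" ]; then rollout < "$1"; fi
```

Stop ossec-authd on the server once the last agent has registered, so the enrollment port is open only for the duration of the rollout.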