OSSEC: Ubuntu 18.04
Install Pendukung
sudo su apt update apt -y install build-essential make zlib1g-dev libpcre2-dev libz-dev libssl-dev libevent-dev
Download & Install
sudo su cd /usr/local/src wget https://github.com/ossec/ossec-hids/archive/3.6.0.tar.gz tar zxvf 3.6.0.tar.gz cd /usr/local/src/ossec-hids-3.6.0 ./install.sh
Cuplikan Proses Instalasi
CATATAN: Sebagian besar cukup tekan ENTER
- Pilih Bahasa: [en]
OSSEC HIDS v3.6.0 Installation Script - http://www.ossec.net You are about to start the installation process of the OSSEC HIDS. You must have a C compiler pre-installed in your system. - System: Linux ubuntu 4.15.0-20-generic - User: root - Host: ubuntu
ENTER
1- What kind of installation do you want (server, agent, local, hybrid or help)?
server hybrid
2- Setting up the installation environment.
ENTER [/var/ossec]
3- Configuring the OSSEC HIDS.
3.1- Do you want e-mail notification? (y/n) [y]: ENTER - What's your e-mail address? email@address.anda - We found your SMTP server as: smtp.server.anda - Do you want to use it? (y/n) [y]: ENTER 3.2- Do you want to run the integrity check daemon? (y/n) [y]: ENTER - Running syscheck (integrity check daemon). 3.3- Do you want to run the rootkit detection engine? (y/n) [y]: ENTER
Fast way steps:
1- Run the script ./install.sh. It will guide you through the
installation process.
2- The script will create everything in /var/ossec and try to
create the initialization script in your system (/etc/rc.local or /etc/rc.d/init.d/ossec). If the init script is not created, make sure to follow the instructions from the install.sh to make OSSEC HIDS start during the boot. To start it by hand, just run /var/ossec/bin/ossec-control start
3- If you are running it on multiple clients, make sure to install
the server first. Use the manage_agents tool to create the right encryption keys.
4- Enjoy.