David Vasil wrote: >The deployment process leaves a bit to be desired though. I simply can >not imagine trying to deploy several hundred OSSEC agents, having to >generate a key for each individual one and then trying to manage them. > >-- >-dave
Good point. I wonder if there is some way to use a fingerprint kinda like what ssh uses when you try to ssh to a machine for the first time in place of the existing key system. It would still not be fully automated because you would need to accept each key. Then of course you would need to build a deployment tool that somehow had root access to all of the systems. Would it be possible in the Windows Agent at least to have a silent install method similar to many other products? Generally, the parameter used is "/q" or "/quiet". This should be set to accept all of the defaults. Then you can script the install using PStools from SysInternals. You would still have the need to modify the ossec.conf file on each machine being monitored and set the service to start automatically, but at least this would get the client installed. You could still do this from one machine using remote tools. That might save some effort. This electronic mail (including any attachments) may contain information that is privileged, confidential, and/or otherwise protected from disclosure to anyone other than its intended recipient(s). Any dissemination or use of this electronic email or its contents (including any attachments) by persons other than the intended recipient(s) is strictly prohibited. If you have received this message in error, please notify us immediately by reply email so that we may correct our internal records. Please then delete the original message (including any attachments) in its entirety. Thank you.
