Thank you. I was just thinking of a VM, but this is a dual-core with (currently) limited resources (~4Gb RAM). Theoretically, I could upgrade it to a pair of quad (or maybe even hex-cores) and 48Gb of memory, but this is currently *wayyyyy* out of my budget. I can barely justify keeping this unit in the colo at the current time (it’s not like it’s bringing in a profit or anything, it’s purely for personal projects).
So, assume for a moment I am running something simple, like VirtualBox. Do I have to keep the VM up and running at all times, or can I put in a thoroughly minimalistic copy of Linux and run the VM purely for creating the Authentication Key and then shut it down? Keep in mind, my resources are at an absolute minimum. I have only two cores in the machine (a single Opteron 2216) and 4GB of ECC REG DDR2. If this VM has to be up and running all the time, it’ll bring my server to its knees (memory utilization is typically ~3GB, but has spiked up to ~4.5/5GB at times). On Wednesday, March 20, 2013 12:29:34 PM UTC-7, Dustin Lenz wrote: > > You could run OSSEC in a VM on the same server. > > On Mar 20, 2013, at 12:19 PM, "René Kåbis" <[email protected] <javascript:>> > wrote: > > Actually, I have a very distinct need for an OSSEC server on Windows. I > run my own Iron, but all I have right now is a single Windows 2008 R2 > server in a colo facility. I do NOT have the cash to put a second machine > in that facility. Now, how the bloody hell am I supposed to run OSSEC on my > Win2K3R2 machine without an OSSEC server??? How do I obtain an > "authentication key" without ever adding a second machine to that colo > facility??? > > I don't care about keeping both versions in sync. Some places are a > windows-only shop, or have needs like mine (no ability to add a Linux > server of any kind). Windows is that other major market share out there, > and you cannot ASSume that everyone will have the wherewithal to add a > Linux server just to run a client app on a single Windows server. > > I would like to secure my server. I just cannot afford a second server > just to do the authentication key part of it. > > Oh, well. The hope of having an effective and useful intrusion detection > system for my Windows server was fun while it lasted. > > On Friday, February 1, 2013 6:19:17 AM UTC-8, dan (ddpbsd) wrote: >> >> On Fri, Feb 1, 2013 at 9:12 AM, mike <[email protected]> wrote: >> > why do you say 'thankfully' no. >> > >> >> Because supporting that would be a hell I wouldn't wish upon my worst >> enemies. Because keeping the Windows version and the main version in >> sync would be a nightmare. Because Windows probably isn't the best >> platform for an OSSEC server. >> >> > On Friday, February 1, 2013 11:58:26 AM UTC, dan (ddpbsd) wrote: >> >> >> >> >> >> On Feb 1, 2013 6:58 AM, "mike" <[email protected]> wrote: >> >> > >> >> > Is there a Windows version of the OSSEC manager nowadays? >> >> > >> >> > -- >> >> >> >> Thankfully no. >> >> >> >> > >> >> > --- >> >> > You received this message because you are subscribed to the Google >> >> > Groups "ossec-list" group. >> >> > To unsubscribe from this group and stop receiving emails from it, >> send >> >> > an email to [email protected]. >> >> >> >> > For more options, visit https://groups.google.com/groups/opt_out. >> >> > >> >> > >> > >> > -- >> > >> > --- >> > You received this message because you are subscribed to the Google >> Groups >> > "ossec-list" group. >> > To unsubscribe from this group and stop receiving emails from it, send >> an >> > email to [email protected]. >> > For more options, visit https://groups.google.com/groups/opt_out. >> > >> > >> > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] <javascript:>. > For more options, visit https://groups.google.com/groups/opt_out. > > > > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
