I have a pair of Red Hat 6 servers which will be deployed "high risk" internet facing. I'd like to install the OSSEC software to monitor for changes to the server, root kits, and compliance checking. I have successfully deployed OSSEC before as an agent talking back to an OSSEC server but I would like to do this install as a stand alone device so I do not have to open up communications into my internal LAN. I see on Red Hat's yum server there is a "ossec-hids.x86_64 2.8.3-53.el6.art" but when I install this file many of the required binaries seem to be missing. Can I install only this package and configure it to run OSSEC or do I need to also install the ossec-hids-server.x86_64 or ossec-hids-client.x86_64 to make ossec run as a stand alone? The server file has a few additional dependencies which I'd rather not install unless I have to. Has anyone written up exactly which files are required to build a stand alone OSSEC instance. I know I can build and install OSSEC on my server and that works but I need to be able to deploy via an RPM. Otherwise it will be to much manual work to build OSSEC on all of my servers. Any advice on how to install OSSEC as as stand alone device via YUM or RPM packages would be greatly appreciated. Even advice as to which RPMs need to be installed would be helpful is it only hids or is it hids client or hids server.
Thanks, Shawn ossec-hids.x86_64 2.8.3-53.el6.art ossec-hids-server.x86_64 2.8.3-53.el6.art ossec-hids-client.x86_64 2.8.3-53.el6.art ossec-hids-debuginfo.x86_64 2.8.3-53.el6.art ossec-hids-mysql.x86_64 2.8.3-53.el6.art ossec-hids-server.x86_64 2.8.3-53.el6.art ossec-wui.noarch 0.8-4.el6.art -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
