How do I install the OSSEC agent?

Install the OSSEC Agent on Ubuntu 18.04/CentOS 7

  1. Once you have chosen the installation type, press Enter to continue.
  2. Next, enter the IP address of the Sensor to which the agent should send data for analysis.
  3. Enable the integrity check daemon.
  4. Enable the rootkit detection engine.

Furthermore, how do I add an agent to OSSEC?

To add an agent to the OSSEC manager with manage_agents, follow the steps below:

  1. Run manage_agents on the OSSEC server.
  2. Add an agent.
  3. Extract the key for the agent.
  4. Copy that key to the agent.
  5. Run manage_agents on the agent.
  6. Import the key copied from the manager.
  7. Restart the manager's OSSEC processes.
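
Steps 3 to 6 move a secret by copy and paste, so it is worth confirming on the agent side that the key arrived intact and belongs to this host before importing it. The following is an added example, not code from the original page or from the OSSEC project; it assumes the extracted key is the base64 encoding of the manager's key entry, `id name ip key`, and the sample key, host name and addresses are constructed.

```python
import base64
import binascii
import ipaddress

# Constructed sample: an exported key as it would be pasted on the agent (assumed layout).
SAMPLE_KEY = base64.b64encode(
    b"001 web01 192.0.2.10 " + b"0123456789abcdef" * 4
).decode()


def parse_agent_key(exported):
    """Decode an exported agent key into its fields; raise ValueError if damaged."""
    compact = "".join(exported.split())  # drop line wraps added by copy and paste
    try:
        decoded = base64.b64decode(compact, validate=True).decode("ascii")
    except (binascii.Error, UnicodeDecodeError) as exc:
        raise ValueError(f"key is not intact base64: {exc}") from exc
    fields = decoded.split(" ")
    if len(fields) != 4 or not all(fields):
        raise ValueError("expected four fields: id name ip key")
    agent_id, name, ip, secret = fields
    if not agent_id.isdigit():
        raise ValueError("agent ID is not numeric")
    if ip != "any":
        ipaddress.ip_network(ip, strict=False)  # ValueError on a malformed address
    return {"id": agent_id, "name": name, "ip": ip, "secret": secret}


def check_before_import(exported, expected_name, expected_ip):
    """Return a list of problems; an empty list means the key matches this host."""
    try:
        entry = parse_agent_key(exported)
    except ValueError as exc:
        return [str(exc)]
    problems = []
    if entry["name"] != expected_name:
        problems.append(f"key is for agent {entry['name']!r}, not {expected_name!r}")
    if entry["ip"] != "any":
        allowed = ipaddress.ip_network(entry["ip"], strict=False)
        if ipaddress.ip_address(expected_ip) not in allowed:
            problems.append(f"key is bound to {entry['ip']}, host is {expected_ip}")
    return problems


if __name__ == "__main__":
    # Never print entry["secret"]; report only whether the key fits this host.
    print(check_before_import(SAMPLE_KEY, "web01", "192.0.2.10") or "key OK")
```

A key truncated on a four-character boundary still decodes, so compare the agent ID and name against what the manager listed as well.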

Also, how do I use OSSEC on Windows? OSSEC supports Windows systems only as agents, and they need an OSSEC server in order to function.

  1. Step 1: Open the Agent Manager menu. The first step of this process is to get into the Agent Manager menu.
  2. Step 2: Add an agent.
  3. Step 3: Extracting the key.
  4. Step 4: The Windows side.

Besides the above, how do I set up OSSEC?

Install OSSEC. Enter your local e-mail address and press Enter. The installer then asks "3.2- Do you want to run the integrity check daemon? (y/n) [y]:"; press Enter to accept the integrity check daemon, and it reports "- Running syscheck (integrity check daemon)." Next it asks "3.3- Do you want to run the rootkit detection engine? (y/n) [y]:" and reports "- Running rootcheck (rootkit detection)."

How do I install and configure OSSEC on CentOS 7?

How To Install OSSEC HIDS on a CentOS 7 Server

  1. Step 1: Install the required packages. OSSEC will be compiled from source, so you need a compiler to build it.
  2. Step 2: Download and verify OSSEC.
  3. Step 3: Determine your SMTP server.
  4. Step 4: Install OSSEC.
  5. Step 5: Start OSSEC.
  6. Step 6: Customize OSSEC.
