[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Ossec-list] ossec-list Digest, Vol 7, Issue 7

Subject: [Ossec-list] ossec-list Digest, Vol 7, Issue 7
From: sebastian.benner at FernUni-Hagen.de (Sebastian Benner)
Date: Mon, 15 May 2006 11:40:27 +0200 (CEST)
Hello,

I tried to install ossec 0.8 on a Solaris 10 Zone. The install script 
worked so far, but some errors occured making it impossible to start 
ossec :-(

.......................................................................
  *** Making syscheckd ***

gcc -Wall -I../ -I../headers  -DDEFAULTDIR=\"/var/ossec\" -DUSE_OPENSSL 
-lsocket -lnsl -lresolv -DSOLARIS -DHIGHFIRST -include strings.h 
-DARGV0=\"ossec-syscheckd\" -DXML_VAR=\"var\" -DOSSECHIDS syscheck.c 
config.c create_db.c run_check.c ../config/*.c ../shared/lib_shared.a 
../os_xml/os_xml.a ../os_regex/os_regex.a ../os_net/os_net.a 
../os_crypto/os_crypto.a ../rootcheck/rootcheck_lib.a -o ossec-syscheckd
cp -pr ossec-maild ../../bin
cp -pr ossec-execd ../../bin
cp -pr ossec-analysisd ../../bin
cp -pr ossec-logcollector ../../bin
cp -pr ossec-remoted ../../bin
cp -pr ossec-agentd ../../bin
cp -pr manage_agents ../../bin
cp -pr manage_agents ../../bin
cp -pr syscheck_update clear_stats ../../bin
cp: Target ../../bin must be a directory
Usage: cp [-f] [-i] [-p] [-@] f1 f2
        cp [-f] [-i] [-p] [-@] f1 ... fn d1
        cp -r|-R [-H|-L|-P] [-f] [-i] [-p] [-@] d1 ... dn-1 dn
*** Error code 2
make: Fatal error: Command failed for target `build'
Current working directory /tmp/ossec-hids-0.8/src/util

Error Making the binaries
*** Error code 1
The following command caused the error:
/bin/sh ./Makeall build
make: Fatal error: Command failed for target `build'
chmod: WARNING: can't access /var/ossec
chown: unknown user id: root:ossec
chown: unknown user id: ossec:ossec
chmod: WARNING: can't access /var/ossec/queue/alerts
chown: unknown user id: ossec:ossec
chmod: WARNING: can't access /var/ossec/queue/ossec
chown: unknown user id: ossec:ossec
chmod: WARNING: can't access /var/ossec/queue/fts
chown: unknown user id: ossec:ossec
chmod: WARNING: can't access /var/ossec/queue/syscheck
chown: unknown user id: ossec:ossec
chmod: WARNING: can't access /var/ossec/queue/rootcheck
chown: unknown user id: ossecr:ossec
chmod: WARNING: can't access /var/ossec/queue/agent-info
chown: unknown user id: ossec:ossec
chmod: WARNING: can't access /var/ossec/stats
chown: unknown user id: ossec:ossec
chmod: WARNING: can't access /var/ossec/logs
touch: cannot create /var/ossec/logs/ossec.log: No such file or directory
chown: unknown user id: ossec:ossec
chmod: WARNING: can't access /var/ossec/logs/ossec.log
cp: /var/ossec/rules/ not found
chown: unknown user id: root:ossec
chmod: WARNING: can't access /var/ossec/rules
chmod: WARNING: can't access /var/ossec/etc
chown: unknown user id: root:ossec
Usage: cp [-f] [-i] [-p] [-@] f1 f2
        cp [-f] [-i] [-p] [-@] f1 ... fn d1
        cp -r|-R [-H|-L|-P] [-f] [-i] [-p] [-@] d1 ... dn-1 dn
chmod: WARNING: can't access /var/ossec/var/run
chown: unknown user id: root:ossec
cp: ../bin/ossec*: Not a directory
cp: ../bin/manage_agents: Not a directory
cp: ../bin/syscheck_update: Not a directory
cp: ../bin/clear_stats: Not a directory
cp: cannot create /var/ossec/bin/ossec-control: No such file or directory
cp: cannot create /var/ossec/etc/: No such file or directory
cp: /var/ossec/etc/shared/ not found
cp: /var/ossec/active-response/bin/ not found
chmod: WARNING: can't access /var/ossec/active-response/bin/*
Not overwritting /etc/ossec.conf.


  - Unknown system. No init script added.

  - Configuration finished properly.

  - To start OSSEC HIDS:
                 /var/ossec/bin/ossec-control start

  - To stop OSSEC HIDS:
                 /var/ossec/bin/ossec-control stop

  - The configuration can be viewed or modified at 
/var/ossec/etc/ossec.conf


     Thanks for using the OSSEC HIDS.
     If you have any question, suggestion or if you find any bug,
     contact us at contact at ossec.net or using our public maillist at
     ossec-list at ossec.net
     (http://mailman.underlinux.com.br/mailman/listinfo/ossec-list).

     More information can be found at http://www.ossec.net

     ---  Press ENTER to finish (maybe more information bellow). ---
........................................................................

I am using gnu tools and software installed as packages via blastwave.org 
(e.g. gcc3, wget...) needed to install and compile ossec.


Regards,

Sebastian





On Fri, 12 May 2006, ossec-list-request at ossec.net wrote:

> Send ossec-list mailing list submissions to
> 	ossec-list at ossec.net
>
> To subscribe or unsubscribe via the World Wide Web, visit
> 	http://mailman.underlinux.com.br/mailman/listinfo/ossec-list
> or, via email, send a message with subject or body 'help' to
> 	ossec-list-request at ossec.net
>
> You can reach the person managing the list at
> 	ossec-list-owner at ossec.net
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of ossec-list digest..."
>
>
> Today's Topics:
>
>   1. Version 0.8 of OSSEC HIDS is now available! (Daniel Cid)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Thu, 11 May 2006 17:17:30 -0300
> From: "Daniel Cid" <daniel.cid at gmail.com>
> Subject: [Ossec-list] Version 0.8 of OSSEC HIDS is now available!
> To: "OSSEC Users List" <ossec-list at ossec.net>
> Message-ID:
> 	<b92e6f200605111317n58aa5bale194d4cb30b4583e at mail.gmail.com>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> This is the first version offering native support to
> Windows NT, XP, 2000 and 2003. It includes as well a new set
> of log analysis rules for sendmail, web logs (Apache and
> IIS), IDSs and Windows authentication events.
>
> The correlation rules for squid, mail logs, firewall events
> and authentication systems have been improved, detecting
> scans, brute-force attacks, worms and internal attacks.
> In addition to that, the active-responses were refined, with
> support to IPFW (FreeBSD) added.
>
> The installation process was re-organized, now including simpler
> configuration options and translation on 6 different languages
> (English, Portuguese, German, Turkish, Polish and Italian).
>
>
> To download the Unix and Windows versions:
> http://www.ossec.net/en/downloads.html
>
>
> Use our mailling list if you have any question or comment:
> http://www.ossec.net/en/mailing_lists.html
>
>
> More information about the Windows support:
> http://www.ossec.net/en/manual.html#windows
>
>
>
> Detailed changelog (new features added):
>
> - Active response for IPFW (Thanks Welkson de Medeiros
>   and Rafael Capovilla for the help).
>
> - Improved rules for Squid (Thanks Ahmet and Marcus Maciel for the help).
>
> - Rules for Sendmail (thanks Ahmet Ozturk).
>
> - Improvements to the host-deny active response, with
>   support to locking added (Thanks Kayvan A. Sylvan).
>
> - Improvements to the installation script and the
>   manage_agents tool, making it much simpler to use
>   (thanks Ahmet and Kayvan for the help).
>
> - Installation in Italian (thanks Alberto Furia).
>
> - Installation in Polish (thanks Dziankowski Krzysztof).
>
> - Rules for Windows authentication, success audit and failure
>   audit events.
>
> - Correlation rules for web logs (Apache and IIS).
>
> - Support for variable file names (based on date) to be monitored.
>
> - Support for Windows (Agent only).
>   http://www.ossec.net/en/manual.html#windows
>
> - Support for IIS.
>   http://www.ossec.net/en/manual.html#iis
>
> - Clean up of the configuration options and documentation on
>   the web site.
>   http://www.ossec.net/en/manual.html
>
> - Lot of new small features and bug fixes.
>
>
> For more information:
> http://www.ossec.net/
>
>
> To download the new version:
> http://www.ossec.net/en/downloads.html
>
>
> We want to thanks everyone who sent comments, suggestions
> or just some nice words to us! We really appreciate the
> feedback!
>
> Daniel B. Cid (in name of the OSSEC HIDS team).
> http://www.ossec.net/en/about.html#dev-team
> http://www.ossec.net/announcements/v08-2006-05-12.txt
>
>
> ------------------------------
>
> _______________________________________________
> ossec-list mailing list
> ossec-list at ossec.net
> http://mailman.underlinux.com.br/mailman/listinfo/ossec-list
>
>
> End of ossec-list Digest, Vol 7, Issue 7
> ****************************************
>
Follow-Ups:
- [Ossec-list] ossec-list Digest, Vol 7, Issue 7
  - From: Daniel Cid
Prev by Date: [Ossec-list] High volume of Web (Mambo ?) scans
Next by Date: [Ossec-list] High volume of Mambo scans (perlb0t)
Previous by thread: [Ossec-list] High volume of Web (Mambo ?) scans
Next by thread: [Ossec-list] ossec-list Digest, Vol 7, Issue 7
Index(es):
- Date
- Thread
OSSEC home | Main Index | Thread Index
OSSEC project: www.ossec.net.
Mailling list information: http://www.ossec.net/en/mailing_lists.html.