[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Ossec-list] installing ossec in a Zone (Solaris 10, SPARC)

Subject: [Ossec-list] installing ossec in a Zone (Solaris 10, SPARC)
From: sebastian.benner at FernUni-Hagen.de (Sebastian Benner)
Date: Tue, 16 May 2006 09:21:56 +0200 (CEST)
Hi Ahmet,

here I have got some additional info about my system for you:

----------------------------------------------------------------------------
bash-3.00# showrev -c make

PATH is:
/opt/csw/bin:/opt/csw/gcc3/bin:/usr/ucb:/usr/ccs/bin:/usr/sbin:/usr/bin

PWD is:
/tmp/ossec-hids-0.8

LD_LIBRARY_PATH is not set in the current environment
________________________________________________________________________

File: /usr/ccs/bin/make
=======================
File type: ELF 32-bit MSB executable SPARC Version 1, dynamically linked, 
stripped
Command version: RELEASE VERSION SunOS 5.10 Patch 118676-01 March 2005

File mode: rwxr-xr-x
User owning file: root
Group owning file: bin
Library information:
         libintl.so.1 =>  /lib/libintl.so.1
         libnsl.so.1 =>   /lib/libnsl.so.1
         libsocket.so.1 =>        /lib/libsocket.so.1
         libw.so.1 =>     /lib/libw.so.1
         libm.so.1 =>     /lib/libm.so.1
         libc.so.1 =>     /lib/libc.so.1
         libmp.so.2 =>    /lib/libmp.so.2
         libmd5.so.1 =>   /lib/libmd5.so.1
         libscf.so.1 =>   /lib/libscf.so.1
         libdoor.so.1 =>  /lib/libdoor.so.1
         libuutil.so.1 =>         /lib/libuutil.so.1
         libm.so.2 =>     /lib/libm.so.2
         /platform/SUNW,Sun-Fire-V240/lib/libc_psr.so.1
         /platform/SUNW,Sun-Fire-V240/lib/libmd5_psr.so.1
Sum: 58362
----------------------------------------------------------------------------

I tested mkdir -p ../bin and it works.

Regards,

Sebastian Benner


> Hi Sebastian,
>
> In addition to Daniel's suggestions, is it possible to verify that
> "mkdir -p ../bin" creates the directory on your system.
> Btw, I'm using Solaris 10 on x86 and GNU make v3.80 without any
> problem. Is it possible to tell us which  version of make you're using,
> and is your system Solaris 10 on Sparc or x86?
>
> Regards,
>
> Ahmet Ozturk.
>
> Daniel Cid wrote:
>> Hi Sebastian,
>>
>> Looks like the "bin" directory wasn't created for some reason... Can
>> you do the following:
>>
>> -Remove /var/ossec (rm -rf /var/ossec)
>> -Start the installation process again (cd ossec-hids-0.8).
>> -Before running the install.sh script, create ./bin (mkdir ./bin).
>> -Run ./install.sh and see if it works.
>>
>> *I don't have Solaris in here, so I can't help you much more than that.
>> Probably Ahmet (the Solaris guy :)) will be able to give you a better answer.
>>
>> Thanks,
>>
>> --
>> Daniel B. Cid
>> dcid @ ( at ) ossec.net
>>
>> On 5/15/06, Sebastian Benner <sebastian.benner at fernuni-hagen.de> wrote:
>>
>>> Hello,
>>>
>>> I tried to install ossec 0.8 on a Solaris 10 Zone. The install script
>>> worked so far, but some errors occured making it impossible to start
>>> ossec :-(
>>>
>>> .......................................................................
>>>  *** Making syscheckd ***
>>>
>>> gcc -Wall -I../ -I../headers  -DDEFAULTDIR=\"/var/ossec\" -DUSE_OPENSSL
>>> -lsocket -lnsl -lresolv -DSOLARIS -DHIGHFIRST -include strings.h
>>> -DARGV0=\"ossec-syscheckd\" -DXML_VAR=\"var\" -DOSSECHIDS syscheck.c
>>> config.c create_db.c run_check.c ../config/*.c ../shared/lib_shared.a
>>> ../os_xml/os_xml.a ../os_regex/os_regex.a ../os_net/os_net.a
>>> ../os_crypto/os_crypto.a ../rootcheck/rootcheck_lib.a -o ossec-syscheckd
>>> cp -pr ossec-maild ../../bin
>>> cp -pr ossec-execd ../../bin
>>> cp -pr ossec-analysisd ../../bin
>>> cp -pr ossec-logcollector ../../bin
>>> cp -pr ossec-remoted ../../bin
>>> cp -pr ossec-agentd ../../bin
>>> cp -pr manage_agents ../../bin
>>> cp -pr manage_agents ../../bin
>>> cp -pr syscheck_update clear_stats ../../bin
>>> cp: Target ../../bin must be a directory
>>> Usage: cp [-f] [-i] [-p] [-@] f1 f2
>>>        cp [-f] [-i] [-p] [-@] f1 ... fn d1
>>>        cp -r|-R [-H|-L|-P] [-f] [-i] [-p] [-@] d1 ... dn-1 dn
>>> *** Error code 2
>>> make: Fatal error: Command failed for target `build'
>>> Current working directory /tmp/ossec-hids-0.8/src/util
>>>
>>> Error Making the binaries
>>> *** Error code 1
>>> The following command caused the error:
>>> /bin/sh ./Makeall build
>>> make: Fatal error: Command failed for target `build'
>>> chmod: WARNING: can't access /var/ossec
>>> chown: unknown user id: root:ossec
>>> chown: unknown user id: ossec:ossec
>>> chmod: WARNING: can't access /var/ossec/queue/alerts
>>> chown: unknown user id: ossec:ossec
>>> chmod: WARNING: can't access /var/ossec/queue/ossec
>>> chown: unknown user id: ossec:ossec
>>> chmod: WARNING: can't access /var/ossec/queue/fts
>>> chown: unknown user id: ossec:ossec
>>> chmod: WARNING: can't access /var/ossec/queue/syscheck
>>> chown: unknown user id: ossec:ossec
>>> chmod: WARNING: can't access /var/ossec/queue/rootcheck
>>> chown: unknown user id: ossecr:ossec
>>> chmod: WARNING: can't access /var/ossec/queue/agent-info
>>> chown: unknown user id: ossec:ossec
>>> chmod: WARNING: can't access /var/ossec/stats
>>> chown: unknown user id: ossec:ossec
>>> chmod: WARNING: can't access /var/ossec/logs
>>> touch: cannot create /var/ossec/logs/ossec.log: No such file or directory
>>> chown: unknown user id: ossec:ossec
>>> chmod: WARNING: can't access /var/ossec/logs/ossec.log
>>> cp: /var/ossec/rules/ not found
>>> chown: unknown user id: root:ossec
>>> chmod: WARNING: can't access /var/ossec/rules
>>> chmod: WARNING: can't access /var/ossec/etc
>>> chown: unknown user id: root:ossec
>>> Usage: cp [-f] [-i] [-p] [-@] f1 f2
>>>        cp [-f] [-i] [-p] [-@] f1 ... fn d1
>>>        cp -r|-R [-H|-L|-P] [-f] [-i] [-p] [-@] d1 ... dn-1 dn
>>> chmod: WARNING: can't access /var/ossec/var/run
>>> chown: unknown user id: root:ossec
>>> cp: ../bin/ossec*: Not a directory
>>> cp: ../bin/manage_agents: Not a directory
>>> cp: ../bin/syscheck_update: Not a directory
>>> cp: ../bin/clear_stats: Not a directory
>>> cp: cannot create /var/ossec/bin/ossec-control: No such file or directory
>>> cp: cannot create /var/ossec/etc/: No such file or directory
>>> cp: /var/ossec/etc/shared/ not found
>>> cp: /var/ossec/active-response/bin/ not found
>>> chmod: WARNING: can't access /var/ossec/active-response/bin/*
>>> Not overwritting /etc/ossec.conf.
>>>
>>>
>>>  - Unknown system. No init script added.
>>>
>>>  - Configuration finished properly.
>>>
>>>  - To start OSSEC HIDS:
>>>                 /var/ossec/bin/ossec-control start
>>>
>>>  - To stop OSSEC HIDS:
>>>                 /var/ossec/bin/ossec-control stop
>>>
>>>  - The configuration can be viewed or modified at
>>> /var/ossec/etc/ossec.conf
>>>
>>>
>>>     Thanks for using the OSSEC HIDS.
>>>     If you have any question, suggestion or if you find any bug,
>>>     contact us at contact at ossec.net or using our public maillist at
>>>     ossec-list at ossec.net
>>>     (http://mailman.underlinux.com.br/mailman/listinfo/ossec-list).
>>>
>>>     More information can be found at http://www.ossec.net
>>>
>>>     ---  Press ENTER to finish (maybe more information bellow). ---
>>> ........................................................................
>>>
>>> I am using gnu tools and software installed as packages via blastwave.org
>>> (e.g. gcc3, wget...) needed to install and compile ossec.
>>>
>>>
>>> Regards,
>>>
>>> Sebastian
>>>
>>>
>>>
>>>
>>>
>>> On Fri, 12 May 2006, ossec-list-request at ossec.net wrote:
>>>
>>>
>>>> Send ossec-list mailing list submissions to
>>>>      ossec-list at ossec.net
>>>>
>>>> To subscribe or unsubscribe via the World Wide Web, visit
>>>>      http://mailman.underlinux.com.br/mailman/listinfo/ossec-list
>>>> or, via email, send a message with subject or body 'help' to
>>>>      ossec-list-request at ossec.net
>>>>
>>>> You can reach the person managing the list at
>>>>      ossec-list-owner at ossec.net
>>>>
>>>> When replying, please edit your Subject line so it is more specific
>>>> than "Re: Contents of ossec-list digest..."
>>>>
>>>>
>>>> Today's Topics:
>>>>
>>>>  1. Version 0.8 of OSSEC HIDS is now available! (Daniel Cid)
>>>>
>>>>
>>>> ----------------------------------------------------------------------
>>>>
>>>> Message: 1
>>>> Date: Thu, 11 May 2006 17:17:30 -0300
>>>> From: "Daniel Cid" <daniel.cid at gmail.com>
>>>> Subject: [Ossec-list] Version 0.8 of OSSEC HIDS is now available!
>>>> To: "OSSEC Users List" <ossec-list at ossec.net>
>>>> Message-ID:
>>>>      <b92e6f200605111317n58aa5bale194d4cb30b4583e at mail.gmail.com>
>>>> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>>>>
>>>> This is the first version offering native support to
>>>> Windows NT, XP, 2000 and 2003. It includes as well a new set
>>>> of log analysis rules for sendmail, web logs (Apache and
>>>> IIS), IDSs and Windows authentication events.
>>>>
>>>> The correlation rules for squid, mail logs, firewall events
>>>> and authentication systems have been improved, detecting
>>>> scans, brute-force attacks, worms and internal attacks.
>>>> In addition to that, the active-responses were refined, with
>>>> support to IPFW (FreeBSD) added.
>>>>
>>>> The installation process was re-organized, now including simpler
>>>> configuration options and translation on 6 different languages
>>>> (English, Portuguese, German, Turkish, Polish and Italian).
>>>>
>>>>
>>>> To download the Unix and Windows versions:
>>>> http://www.ossec.net/en/downloads.html
>>>>
>>>>
>>>> Use our mailling list if you have any question or comment:
>>>> http://www.ossec.net/en/mailing_lists.html
>>>>
>>>>
>>>> More information about the Windows support:
>>>> http://www.ossec.net/en/manual.html#windows
>>>>
>>>>
>>>>
>>>> Detailed changelog (new features added):
>>>>
>>>> - Active response for IPFW (Thanks Welkson de Medeiros
>>>>  and Rafael Capovilla for the help).
>>>>
>>>> - Improved rules for Squid (Thanks Ahmet and Marcus Maciel for the help).
>>>>
>>>> - Rules for Sendmail (thanks Ahmet Ozturk).
>>>>
>>>> - Improvements to the host-deny active response, with
>>>>  support to locking added (Thanks Kayvan A. Sylvan).
>>>>
>>>> - Improvements to the installation script and the
>>>>  manage_agents tool, making it much simpler to use
>>>>  (thanks Ahmet and Kayvan for the help).
>>>>
>>>> - Installation in Italian (thanks Alberto Furia).
>>>>
>>>> - Installation in Polish (thanks Dziankowski Krzysztof).
>>>>
>>>> - Rules for Windows authentication, success audit and failure
>>>>  audit events.
>>>>
>>>> - Correlation rules for web logs (Apache and IIS).
>>>>
>>>> - Support for variable file names (based on date) to be monitored.
>>>>
>>>> - Support for Windows (Agent only).
>>>>  http://www.ossec.net/en/manual.html#windows
>>>>
>>>> - Support for IIS.
>>>>  http://www.ossec.net/en/manual.html#iis
>>>>
>>>> - Clean up of the configuration options and documentation on
>>>>  the web site.
>>>>  http://www.ossec.net/en/manual.html
>>>>
>>>> - Lot of new small features and bug fixes.
>>>>
>>>>
>>>> For more information:
>>>> http://www.ossec.net/
>>>>
>>>>
>>>> To download the new version:
>>>> http://www.ossec.net/en/downloads.html
>>>>
>>>>
>>>> We want to thanks everyone who sent comments, suggestions
>>>> or just some nice words to us! We really appreciate the
>>>> feedback!
>>>>
>>>> Daniel B. Cid (in name of the OSSEC HIDS team).
>>>> http://www.ossec.net/en/about.html#dev-team
>>>> http://www.ossec.net/announcements/v08-2006-05-12.txt
>>>>
>>>>
>>>> ------------------------------
>>>>
>>>> _______________________________________________
>>>> ossec-list mailing list
>>>> ossec-list at ossec.net
>>>> http://mailman.underlinux.com.br/mailman/listinfo/ossec-list
>>>>
>>>>
>>>> End of ossec-list Digest, Vol 7, Issue 7
>>>> ****************************************
>>>>
>>>
>>> _______________________________________________
>>> ossec-list mailing list
>>> ossec-list at ossec.net
>>> http://mailman.underlinux.com.br/mailman/listinfo/ossec-list
>>>
>>
>> _______________________________________________
>> ossec-list mailing list
>> ossec-list at ossec.net
>> http://mailman.underlinux.com.br/mailman/listinfo/ossec-list
>
>
> ------------------------------
>
> Message: 3
> Date: Tue, 16 May 2006 09:01:25 +0200 (CEST)
> From: Sebastian Benner <sebastian.benner at FernUni-Hagen.de>
> Subject: Re: [Ossec-list] ossec-list Digest, Vol 7, Issue 9
> To: ossec-list at ossec.net
> Message-ID: <20060516082704.C1119 at hubbard.fernuni-hagen.de>
> Content-Type: text/plain; charset="iso-8859-1"
>
>
>
> Hello,
>
> thank's for the help. I just checked my installation directory:
>
> ..............................................................
> bash-3.00# cd bin
> bash: cd: bin: Not a directory
> bash-3.00# more bin
> ELF?4??4 (?44?????,?88?/usr/lib/ld.so.1
>
> ?!#$&(),0246789:;<>@BDFIJLMNOQRSTVXZ[\]^_`acefhiklpqrtwxyz{|}
> bash-3.00#
> bash-3.00# ls -alF
> total 200
> drwxr-xr-x   6 1000         1005 May 15 11:13 ./
> drwxrwxrwt   3 root          377 May 16 03:30 ../
> -rw-r--r--   1 1000         3132 Feb  8 21:04 BUGS
> -rw-r--r--   1 1000        18638 May 10 01:40 CHANGELOG
> -rw-r--r--   1 1000          365 Apr 12 22:42 CONFIG
> -rw-r--r--   1 1000         1240 May  4 21:29 CONTRIB
> -rw-r--r--   1 1000         1926 Apr 12 22:42 INSTALL
> -rw-r--r--   1 1000         1887 Mar 22 22:01 INSTALL.br
> -rw-r--r--   1 1000          234 May 10 01:40 README
> -rw-r--r--   1 1000          236 Feb  8 16:35 TODO
> drwxr-xr-x   3 1000          400 May 10 16:35 active-response/
> -rwxr-xr-x   1 root        42256 May 16 08:19 bin*
> drwxr-xr-x   3 1000          745 May 10 16:35 doc/
> drwxr-xr-x   4 1000          665 May 15 10:42 etc/
> -rwxr-xr-x   1 1000        19007 May 10 01:40 install.sh*
> drwxr-xr-x  23 1000         2015 May 15 10:43 src/
> ..............................................................
>
> bin is created, but it's a regular file and not a directory ...
> I removed bin and followed your hint (creating ./bin by hand). It's still
> not working ...
>
> ------------------------------------------------------------
> cp -pr ossec-maild ../../bin
> cp -pr ossec-execd ../../bin
> cp -pr ossec-analysisd ../../bin
> cp -pr ossec-logcollector ../../bin
> cp -pr ossec-remoted ../../bin
> cp -pr ossec-agentd ../../bin
> cp -pr manage_agents ../../bin
> cp -pr manage_agents ../../bin
> cp -pr syscheck_update clear_stats ../../bin
> cp -pr ossec-syscheckd ../../bin
> chmod: WARNING: can't access /var/ossec
> chown: unknown user id: root:ossec
> chown: unknown user id: ossec:ossec
> chmod: WARNING: can't access /var/ossec/queue/alerts
> chown: unknown user id: ossec:ossec
> chmod: WARNING: can't access /var/ossec/queue/ossec
> chown: unknown user id: ossec:ossec
> chmod: WARNING: can't access /var/ossec/queue/fts
> chown: unknown user id: ossec:ossec
> chmod: WARNING: can't access /var/ossec/queue/syscheck
> chown: unknown user id: ossec:ossec
> chmod: WARNING: can't access /var/ossec/queue/rootcheck
> chown: unknown user id: ossecr:ossec
> chmod: WARNING: can't access /var/ossec/queue/agent-info
> chown: unknown user id: ossec:ossec
> chmod: WARNING: can't access /var/ossec/stats
> chown: unknown user id: ossec:ossec
> chmod: WARNING: can't access /var/ossec/logs
> touch: cannot create /var/ossec/logs/ossec.log: No such file or directory
> chown: unknown user id: ossec:ossec
> chmod: WARNING: can't access /var/ossec/logs/ossec.log
> cp: /var/ossec/rules/ not found
> chown: unknown user id: root:ossec
> chmod: WARNING: can't access /var/ossec/rules
> chmod: WARNING: can't access /var/ossec/etc
> chown: unknown user id: root:ossec
> Usage: cp [-f] [-i] [-p] [-@] f1 f2
>        cp [-f] [-i] [-p] [-@] f1 ... fn d1
>        cp -r|-R [-H|-L|-P] [-f] [-i] [-p] [-@] d1 ... dn-1 dn
> chmod: WARNING: can't access /var/ossec/var/run
> chown: unknown user id: root:ossec
> cp: /var/ossec/bin/ not found
> cp: cannot create /var/ossec/bin/: No such file or directory
> cp: cannot create /var/ossec/bin/: No such file or directory
> cp: cannot create /var/ossec/bin/: No such file or directory
> cp: cannot create /var/ossec/bin/ossec-control: No such file or directory
> cp: cannot create /var/ossec/etc/: No such file or directory
> cp: /var/ossec/etc/shared/ not found
> cp: /var/ossec/active-response/bin/ not found
> chmod: WARNING: can't access /var/ossec/active-response/bin/*
> Not overwritting /etc/ossec.conf.
> ------------------------------------------------------------
>
> bash-3.00# showrev
> Hostname: ossec-server
> Hostid: 83566709
> Release: 5.10
> Kernel architecture: sun4u
> Application architecture: sparc
> Hardware provider: Sun_Microsystems
> Domain:
> Kernel version: SunOS 5.10 Generic_118822-25
>
>
> Regards,
>
> Sebastian
>
>
>
>> Today's Topics:
>>
>>   1. Re: ossec-list Digest, Vol 7, Issue 7 (Daniel Cid)
>>
>>
>> ----------------------------------------------------------------------
>>
>> Message: 1
>> Date: Mon, 15 May 2006 11:10:59 -0300
>> From: "Daniel Cid" <daniel.cid at gmail.com>
>> Subject: Re: [Ossec-list] ossec-list Digest, Vol 7, Issue 7
>> To: "Sebastian Benner" <sebastian.benner at fernuni-hagen.de>
>> Cc: ossec-list at ossec.net
>> Message-ID:
>> 	<b92e6f200605150710g4947bdf0ie5401bfd463c5050 at mail.gmail.com>
>> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>>
>> Hi Sebastian,
>>
>> Looks like the "bin" directory wasn't created for some reason... Can
>> you do the following:
>>
>> -Remove /var/ossec (rm -rf /var/ossec)
>> -Start the installation process again (cd ossec-hids-0.8).
>> -Before running the install.sh script, create ./bin (mkdir ./bin).
>> -Run ./install.sh and see if it works.
>>
>> *I don't have Solaris in here, so I can't help you much more than that.
>> Probably Ahmet (the Solaris guy :)) will be able to give you a better answer.
>>
>> Thanks,
>>
>> --
>> Daniel B. Cid
>> dcid @ ( at ) ossec.net
>>
>> On 5/15/06, Sebastian Benner <sebastian.benner at fernuni-hagen.de> wrote:
>>>
>>> Hello,
>>>
>>> I tried to install ossec 0.8 on a Solaris 10 Zone. The install script
>>> worked so far, but some errors occured making it impossible to start
>>> ossec :-(
>>>
>>> .......................................................................
>>>   *** Making syscheckd ***
>>>
>>> gcc -Wall -I../ -I../headers  -DDEFAULTDIR=\"/var/ossec\" -DUSE_OPENSSL
>>> -lsocket -lnsl -lresolv -DSOLARIS -DHIGHFIRST -include strings.h
>>> -DARGV0=\"ossec-syscheckd\" -DXML_VAR=\"var\" -DOSSECHIDS syscheck.c
>>> config.c create_db.c run_check.c ../config/*.c ../shared/lib_shared.a
>>> ../os_xml/os_xml.a ../os_regex/os_regex.a ../os_net/os_net.a
>>> ../os_crypto/os_crypto.a ../rootcheck/rootcheck_lib.a -o ossec-syscheckd
>>> cp -pr ossec-maild ../../bin
>>> cp -pr ossec-execd ../../bin
>>> cp -pr ossec-analysisd ../../bin
>>> cp -pr ossec-logcollector ../../bin
>>> cp -pr ossec-remoted ../../bin
>>> cp -pr ossec-agentd ../../bin
>>> cp -pr manage_agents ../../bin
>>> cp -pr manage_agents ../../bin
>>> cp -pr syscheck_update clear_stats ../../bin
>>> cp: Target ../../bin must be a directory
>>> Usage: cp [-f] [-i] [-p] [-@] f1 f2
>>>         cp [-f] [-i] [-p] [-@] f1 ... fn d1
>>>         cp -r|-R [-H|-L|-P] [-f] [-i] [-p] [-@] d1 ... dn-1 dn
>>> *** Error code 2
>>> make: Fatal error: Command failed for target `build'
>>> Current working directory /tmp/ossec-hids-0.8/src/util
>>>
>>> Error Making the binaries
>>> *** Error code 1
>>> The following command caused the error:
>>> /bin/sh ./Makeall build
>>> make: Fatal error: Command failed for target `build'
>>> chmod: WARNING: can't access /var/ossec
>>> chown: unknown user id: root:ossec
>>> chown: unknown user id: ossec:ossec
>>> chmod: WARNING: can't access /var/ossec/queue/alerts
>>> chown: unknown user id: ossec:ossec
>>> chmod: WARNING: can't access /var/ossec/queue/ossec
>>> chown: unknown user id: ossec:ossec
>>> chmod: WARNING: can't access /var/ossec/queue/fts
>>> chown: unknown user id: ossec:ossec
>>> chmod: WARNING: can't access /var/ossec/queue/syscheck
>>> chown: unknown user id: ossec:ossec
>>> chmod: WARNING: can't access /var/ossec/queue/rootcheck
>>> chown: unknown user id: ossecr:ossec
>>> chmod: WARNING: can't access /var/ossec/queue/agent-info
>>> chown: unknown user id: ossec:ossec
>>> chmod: WARNING: can't access /var/ossec/stats
>>> chown: unknown user id: ossec:ossec
>>> chmod: WARNING: can't access /var/ossec/logs
>>> touch: cannot create /var/ossec/logs/ossec.log: No such file or directory
>>> chown: unknown user id: ossec:ossec
>>> chmod: WARNING: can't access /var/ossec/logs/ossec.log
>>> cp: /var/ossec/rules/ not found
>>> chown: unknown user id: root:ossec
>>> chmod: WARNING: can't access /var/ossec/rules
>>> chmod: WARNING: can't access /var/ossec/etc
>>> chown: unknown user id: root:ossec
>>> Usage: cp [-f] [-i] [-p] [-@] f1 f2
>>>         cp [-f] [-i] [-p] [-@] f1 ... fn d1
>>>         cp -r|-R [-H|-L|-P] [-f] [-i] [-p] [-@] d1 ... dn-1 dn
>>> chmod: WARNING: can't access /var/ossec/var/run
>>> chown: unknown user id: root:ossec
>>> cp: ../bin/ossec*: Not a directory
>>> cp: ../bin/manage_agents: Not a directory
>>> cp: ../bin/syscheck_update: Not a directory
>>> cp: ../bin/clear_stats: Not a directory
>>> cp: cannot create /var/ossec/bin/ossec-control: No such file or directory
>>> cp: cannot create /var/ossec/etc/: No such file or directory
>>> cp: /var/ossec/etc/shared/ not found
>>> cp: /var/ossec/active-response/bin/ not found
>>> chmod: WARNING: can't access /var/ossec/active-response/bin/*
>>> Not overwritting /etc/ossec.conf.
>>>
>>>
>>>   - Unknown system. No init script added.
>>>
>>>   - Configuration finished properly.
>>>
>>>   - To start OSSEC HIDS:
>>>                  /var/ossec/bin/ossec-control start
>>>
>>>   - To stop OSSEC HIDS:
>>>                  /var/ossec/bin/ossec-control stop
>>>
>>>   - The configuration can be viewed or modified at
>>> /var/ossec/etc/ossec.conf
>>>
>>>
>>>      Thanks for using the OSSEC HIDS.
>>>      If you have any question, suggestion or if you find any bug,
>>>      contact us at contact at ossec.net or using our public maillist at
>>>      ossec-list at ossec.net
>>>      (http://mailman.underlinux.com.br/mailman/listinfo/ossec-list).
>>>
>>>      More information can be found at http://www.ossec.net
>>>
>>>      ---  Press ENTER to finish (maybe more information bellow). ---
>>> ........................................................................
>>>
>>> I am using gnu tools and software installed as packages via blastwave.org
>>> (e.g. gcc3, wget...) needed to install and compile ossec.
>>>
>>>
>>> Regards,
>>>
>>> Sebastian
>>>
>>>
>>>
>>>
>>>
>>> On Fri, 12 May 2006, ossec-list-request at ossec.net wrote:
>>>
>>>> Send ossec-list mailing list submissions to
>>>>       ossec-list at ossec.net
>>>>
>>>> To subscribe or unsubscribe via the World Wide Web, visit
>>>>       http://mailman.underlinux.com.br/mailman/listinfo/ossec-list
>>>> or, via email, send a message with subject or body 'help' to
>>>>       ossec-list-request at ossec.net
>>>>
>>>> You can reach the person managing the list at
>>>>       ossec-list-owner at ossec.net
>>>>
>>>> When replying, please edit your Subject line so it is more specific
>>>> than "Re: Contents of ossec-list digest..."
>>>>
>>>>
>>>> Today's Topics:
>>>>
>>>>   1. Version 0.8 of OSSEC HIDS is now available! (Daniel Cid)
>>>>
>>>>
>>>> ----------------------------------------------------------------------
>>>>
>>>> Message: 1
>>>> Date: Thu, 11 May 2006 17:17:30 -0300
>>>> From: "Daniel Cid" <daniel.cid at gmail.com>
>>>> Subject: [Ossec-list] Version 0.8 of OSSEC HIDS is now available!
>>>> To: "OSSEC Users List" <ossec-list at ossec.net>
>>>> Message-ID:
>>>>       <b92e6f200605111317n58aa5bale194d4cb30b4583e at mail.gmail.com>
>>>> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>>>>
>>>> This is the first version offering native support to
>>>> Windows NT, XP, 2000 and 2003. It includes as well a new set
>>>> of log analysis rules for sendmail, web logs (Apache and
>>>> IIS), IDSs and Windows authentication events.
>>>>
>>>> The correlation rules for squid, mail logs, firewall events
>>>> and authentication systems have been improved, detecting
>>>> scans, brute-force attacks, worms and internal attacks.
>>>> In addition to that, the active-responses were refined, with
>>>> support to IPFW (FreeBSD) added.
>>>>
>>>> The installation process was re-organized, now including simpler
>>>> configuration options and translation on 6 different languages
>>>> (English, Portuguese, German, Turkish, Polish and Italian).
>>>>
>>>>
>>>> To download the Unix and Windows versions:
>>>> http://www.ossec.net/en/downloads.html
>>>>
>>>>
>>>> Use our mailling list if you have any question or comment:
>>>> http://www.ossec.net/en/mailing_lists.html
>>>>
>>>>
>>>> More information about the Windows support:
>>>> http://www.ossec.net/en/manual.html#windows
>>>>
>>>>
>>>>
>>>> Detailed changelog (new features added):
>>>>
>>>> - Active response for IPFW (Thanks Welkson de Medeiros
>>>>   and Rafael Capovilla for the help).
>>>>
>>>> - Improved rules for Squid (Thanks Ahmet and Marcus Maciel for the help).
>>>>
>>>> - Rules for Sendmail (thanks Ahmet Ozturk).
>>>>
>>>> - Improvements to the host-deny active response, with
>>>>   support to locking added (Thanks Kayvan A. Sylvan).
>>>>
>>>> - Improvements to the installation script and the
>>>>   manage_agents tool, making it much simpler to use
>>>>   (thanks Ahmet and Kayvan for the help).
>>>>
>>>> - Installation in Italian (thanks Alberto Furia).
>>>>
>>>> - Installation in Polish (thanks Dziankowski Krzysztof).
>>>>
>>>> - Rules for Windows authentication, success audit and failure
>>>>   audit events.
>>>>
>>>> - Correlation rules for web logs (Apache and IIS).
>>>>
>>>> - Support for variable file names (based on date) to be monitored.
>>>>
>>>> - Support for Windows (Agent only).
>>>>   http://www.ossec.net/en/manual.html#windows
>>>>
>>>> - Support for IIS.
>>>>   http://www.ossec.net/en/manual.html#iis
>>>>
>>>> - Clean up of the configuration options and documentation on
>>>>   the web site.
>>>>   http://www.ossec.net/en/manual.html
>>>>
>>>> - Lot of new small features and bug fixes.
>>>>
>>>>
>>>> For more information:
>>>> http://www.ossec.net/
>>>>
>>>>
>>>> To download the new version:
>>>> http://www.ossec.net/en/downloads.html
>>>>
>>>>
>>>> We want to thanks everyone who sent comments, suggestions
>>>> or just some nice words to us! We really appreciate the
>>>> feedback!
>>>>
>>>> Daniel B. Cid (in name of the OSSEC HIDS team).
>>>> http://www.ossec.net/en/about.html#dev-team
>>>> http://www.ossec.net/announcements/v08-2006-05-12.txt
>>>>
>>>>
>>>> ------------------------------
>>>>
>>>> _______________________________________________
>>>> ossec-list mailing list
>>>> ossec-list at ossec.net
>>>> http://mailman.underlinux.com.br/mailman/listinfo/ossec-list
>>>>
>>>>
>>>> End of ossec-list Digest, Vol 7, Issue 7
>>>> ****************************************
>>>>
>>> _______________________________________________
>>> ossec-list mailing list
>>> ossec-list at ossec.net
>>> http://mailman.underlinux.com.br/mailman/listinfo/ossec-list
>>>
>>
>>
>> ------------------------------
>>
>> _______________________________________________
>> ossec-list mailing list
>> ossec-list at ossec.net
>> http://mailman.underlinux.com.br/mailman/listinfo/ossec-list
>>
>>
>> End of ossec-list Digest, Vol 7, Issue 9
>> ****************************************
>>
>
> ------------------------------
>
> _______________________________________________
> ossec-list mailing list
> ossec-list at ossec.net
> http://mailman.underlinux.com.br/mailman/listinfo/ossec-list
>
>
> End of ossec-list Digest, Vol 7, Issue 10
> *****************************************
>
Follow-Ups:
- [Ossec-list] installing ossec in a Zone (Solaris 10, SPARC)
  - From: ahmet ozturk
Prev by Date: [Ossec-list] ossec-list Digest, Vol 7, Issue 9
Next by Date: [Ossec-list] installing ossec in a Zone (Solaris 10, SPARC)
Previous by thread: [Ossec-list] ossec-list Digest, Vol 7, Issue 9
Next by thread: [Ossec-list] installing ossec in a Zone (Solaris 10, SPARC)
Index(es):
- Date
- Thread
OSSEC home | Main Index | Thread Index
OSSEC project: www.ossec.net.
Mailling list information: http://www.ossec.net/en/mailing_lists.html.