This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
сервис_ossec [2020/07/15 13:35] val |
сервис_ossec [2020/07/15 16:04] val [Просмотр отчетов] |
||
---|---|---|---|
Line 3: | Line 3: | ||
* [[https://ru.wikipedia.org/wiki/OSSEC|OSSEC — Википедия]] | * [[https://ru.wikipedia.org/wiki/OSSEC|OSSEC — Википедия]] | ||
- | * [[http://forum.lissyara.su/viewtopic.php?t=9588|www.lissyara.su - статья об OSSEC]] | + | * [[https://habr.com/ru/post/262479/|Инструкция: внедряем HIDS OSSEC]] |
- | * [[http://ossec-docs.readthedocs.io/en/latest/manual/agent/agent-management.html|Managing Agents]] | + | |
- | * [[http://ossec-docs.readthedocs.io/en/latest/faq/syscheck.html|Syscheck: FAQ - How to force an immediate syscheck scan?]] | + | |
* [[http://www.ossec.net/downloads.html|OSSEC Downloads]] | * [[http://www.ossec.net/downloads.html|OSSEC Downloads]] | ||
Line 29: | Line 27: | ||
==== Настройка сервера для подключения агента ==== | ==== Настройка сервера для подключения агента ==== | ||
<code> | <code> | ||
- | lanr# /var/ossec/bin/manage_agents | + | lan# /var/ossec/bin/manage_agents |
... | ... | ||
(A)dd an agent (A). | (A)dd an agent (A). | ||
Line 70: | Line 68: | ||
... | ... | ||
</code> | </code> | ||
+ | ==== Контроль целостности файлов ==== | ||
+ | <code> | ||
+ | server# cat /var/ossec/etc/ossec.conf | ||
+ | </code><code> | ||
+ | ... | ||
+ | <syscheck> | ||
+ | <!-- Frequency that syscheck is executed (default every 2 hours) --> | ||
+ | <frequency>300</frequency> | ||
+ | <auto_ignore>no</auto_ignore> | ||
+ | <directories check_all="yes">/usr/local/sbin</directories> | ||
+ | ... | ||
+ | </code><code> | ||
+ | server# /var/ossec/bin/ossec-control restart | ||
+ | </code> | ||
+ | |||
==== Просмотр отчетов ==== | ==== Просмотр отчетов ==== | ||