Scribd Logo
Carica

Benvenuto in Scribd!

  • Manual Manage Agents Tool

    Caricato da

    Devin Fifield
    15 visualizzazioni3 pagine
    For every "agent" that you want to install, you need to create an "authentication key" for it on the server. When the key is generated on the server, you need export it from there an import (or push) to the agent. The communication between the server and the agents is secure (encrypted and authenticated)

    Descrizione originale:

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Formati disponibili

    PDF, TXT o leggi online da Scribd

    Hai trovato utile questo documento?

    Questo contenuto è inappropriato?

    Segnala questo documento
    For every "agent" that you want to install, you need to create an "authentication key" for it on the server. When the key is generated on the server, you need export it from there an import (or push) to the agent. The communication between the server and the agents is secure (encrypted and authenticated)

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Scarica in formato PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    15 visualizzazioni3 pagine

    Manual Manage Agents Tool

    Caricato da

    Devin Fifield
    For every "agent" that you want to install, you need to create an "authentication key" for it on the server. When the key is generated on the server, you need export it from there an import (or push) to the agent. The communication between the server and the agents is secure (encrypted and authenticated)

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Scarica in formato PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    di 3

    Manual: manage_agents tool http://www.ossec.

    net/main/manual/manual-manage_agents-tool/

    Home
    About
    Documentation
    Downloads
    Support
    Our Team

    Manual: manage_agents tool


    Manual -> tools ->Manage agents tool

    The communication between the server and the agents is secure (encrypted and authenticated). Because
    of that, for every “agent” that you want to install, you need to create an “authentication key” for it on the
    server. When the key is generated on the server, you need export it from there an import (or push) to the
    agent.

    **It may sound complicated, but it isn’t. Simply follow the steps bellow.

    1. First, you need to add the agent to the server. You just need to run the “manage_agents” command,
    provide the IP Address of the agent and choose a name for it (or username).
    (server)# /var/ossec/bin/manage_agents

    ****************************************
    * OSSEC HIDS v0.8 Agent manager. *
    * The following options are available: *
    ****************************************
    (A)dd an agent (A).
    (E)xtract key for an agent (E).
    (L)ist already added agents (L).
    (R)emove an agent (R).
    (Q)uit.
    Choose your actions: A,E,R or Q: a

    - Adding a new agent (use ‘q’ to return to main menu).


    Please provide the following:
    * A name for the new agent: linux1
    * The IP Address for the new agent: 192.168.2.32

    * An ID for the new agent[001]:


    Agent information:
    ID:001
    Name:linux1
    IP Address:192.168.2.32

    Confirm adding it?(y/n): y


    Added.

    2. After your agent is added, you need to extract the authentication key from your server. In the
    “manage_agents”, just choose the “E” option and provide the ID of the agent. The key to be used by the
    agent will be printed. Just copy and paste it in the agent side.
    (server)# /var/ossec/bin/manage_agents

    1 of 3 23/04/2009 11:52 AM
    Manual: manage_agents tool http://www.ossec.net/main/manual/manual-manage_agents-tool/

    ****************************************
    * OSSEC HIDS v0.8 Agent manager. *
    * The following options are available: *
    ****************************************
    (A)dd an agent (A).
    (E)xtract key for an agent (E).
    (L)ist already added agents (L).
    (R)emove an agent (R).
    (Q)uit.
    Choose your actions: A,E,R or Q: e

    Available agents:
    ID: 001, Name: linux1, IP: 192.168.2.32
    ID: 002, Name: obsd1, IP: 192.168.2.10
    Provide the ID of the agent you want to extract the key: 001

    Agent key information for ‘001′ is:


    CDAxIGxpbnX4MSAxOTIuMTY4LjAuMzIgOWM5MENlYzNXXXYYYZZZZZ==

    ** Press ENTER to continue

    3. After you key is generated, you need to copy it and paste it on the agent side. You need to run the same
    “manage_agents” command in the agent (but it will have some different options).
    (agent)# /var/ossec/bin/manage_agents

    ****************************************
    * OSSEC HIDS v0.8 Agent manager. *
    * The following options are available: *
    ****************************************
    (I)mport key for the server (I).
    (Q)uit.
    Choose your actions: I or Q: i

    * Provide the Key generated from the server.


    * The best approach is to cut and paste it.
    *** OBS: Do not include spaces or new lines.

    Paste it here: CDAxIGxpbnX4MSAxOTIuMTY4LjAuMzIgOWM5MENlYzNXXXYYYZZZZZ==

    Agent information:
    ID:001
    Name:linux1
    IP Address:192.168.2.32

    Confirm adding it?(y/n): y

    Added.
    ** Press ENTER to continue.

    ****************************************
    * OSSEC HIDS v0.8 Agent manager. *
    * The following options are available: *
    ****************************************
    (I)mport key for the server (I).
    (Q)uit.
    Choose your actions: I or Q: q

    manage_agents: Exiting ..

    4. That’s it. If you have more than one agent, just repeat this process for each one. After that, you can just
    start the OSSEC HIDS on the server and then on all agents (/var/ossec/bin/ossec-control start).

    Recent Entries
    >Rootcheck updated to v2.0Mar 6

    2 of 3 23/04/2009 11:52 AM
    Manual: manage_agents tool http://www.ossec.net/main/manual/manual-manage_agents-tool/

    >OSSEC v2.0 releasedFeb 27


    >v2.0 - What is comingJan 20
    >OSSEC v1.6.1 releasedOct 9
    (Archives)

    Shortcuts
    >Getting Started
    >First steps
    >Manual | Wiki
    >Commercial Support

    News/Announcements
    >Join OSSEC Linked-in Group
    >Join Mailing List

    All Content © 2008,2009 Third Brigade, Inc.

    3 of 3 23/04/2009 11:52 AM

    Potrebbero piacerti anche