similar to: Unable to grep 5 mins logs

Puppet custom functions and user permissions I am busy writing a custom function to automatically add OSSEC agents to a OSSEC server after installation. Unfortunately, it seems that puppetmasterd is not respecting the entries in /etc/group in linux. No matter how many other groups the puppet user has been added to in /etc/ group, when puppetmasterd runs the custom function the effective/real user

Hi. I have an interesting use case. OSSEC is security tool based on server-client architecture. Server generates keys for agents, and every agent has different key. Now I want to distribute these keys via puppet. I''ve come accross hiera and installed it, and it works superbly, but how to store per-node key in hiera? This is my idea: hiera,yaml: --- :hierarchy: -

hey friends, I am using Centos 4.0 and I have setup ssh for some users who can login from outside, I want to maintain the reports of their activity means the login and logout time, data they transfered etc. I want daily,weekly and monthly reports. Is there any software which can generate reports? Thanks & Regards Ankush Grover -------------- next part -------------- An HTML attachment

Hi Friends, I am running most of my company's Linux Servers on Centos 4.x/5.x 32 and 64-bit. I am now trying to configure a centralized logging server where logs of all the linux servers will be stored and also I want to store all the logs on the local server aka means logs will be sent to the central log server but also will be stored on the local server. The reason for storing the logs

Another alternative is to use a FIMS/HIDS such as Aide (Advanced Intrusion Detection Environment), OSSEC or Samhain. Be prepared to learn a lot about what your OS normally does behind the scenes (and thus a fair amount of initial fine tuning to exclude those things). Aide seems to work well (I've seen only one odd result) and is quite granular. However, it is local system based rather than

Situation: We are providing hosting services. I've grown tired of the various kiddie scripts/dictionary attacks on various services. The latest has been against vsftpd, on systems that I can't easily control vs. putting strict limits on ssh. We simply have too many users entering from too many networks many with dynamic IP addresses. Enter.... thinking about LIDS or Log Based

Starting with a fresh load and after I finish hardening the load following the Center for Internet Security (CIS) guidance, I'm wondering whether AIDE or OSSEC would be a better intrusion detection system. I installed AIDE and did a quick test of AIDE and after initializing the db and applying the recent cups update, I found that 1700+ files had changed. Those are a lot of changes to wade

Hello all. I have been running running centos 4.5 final for some time with any problems. Been running great, until today. System was frozen and /var/log/messages showed: Aug 15 23:01:28 mydomain kernel: Unable to handle kernel NULL pointer dereference at virtual address 00000000 Aug 15 23:01:28 mydomain kernel: printing eip: Aug 15 23:01:28 mydomain kernel: c01b2de4 Aug 15 23:01:28 mydomain

Hi Friends, I am trying to write a shell script which can merge the 2 columns into 3rd one on Centos 5. The file is very long around 31200 rows having around 1370 unique groups and around 12000 unique user-names. The 1st column is the groupname and then 2nd column is the user-name. 1st Column (Groupname) 2nd Column (username) admin ankush

Hi Friends, I have configured Postfix mail server on Centos for relaying mails from 5 linux servers (including itself) within the same LAN. The postfix mail server should relay mails from these 5 linux servers for specific domains only. For example hosts 192.168.0.23/24/25/26/27 and the postfix mail server should only be able to receive and send mails from and to example.com,example2.com and

hey friends, I am looking for a free open source software (web based or application) through which I can monitor the Pix Firewall. What it should show Interface status or traffic , VPN Connectivity status, CPU Status, Memory Status etc. I am also running DHCP server on Pix Firewall (due to some reasons) If it can monitor that also means showing how many IPAddresses has been assigned, to whom,

Hey friends, I am using FC3 and Centos 4.0 at my home. I have one CD/DVD burner on Centos4.0 and no CD/DVD burner on FC3 machine. I am looking for a free client & server or cross network CD/DVD burning software something like NeroNet available on Windows. Means on the one workstation(FC3) the client software for CD/DVD burning will be installed, through this client software the data to be

Samba 3.0.2a-Debian I have a somewhat working PDC server, but have some difficulties adding more users. I managed to create a user, anna, a couple of days ago, it she works fine from my wireless laptop. To sort out some problems I have with the logon.bat script [see sambalist "Netlogon script executes randomly"], I am also including my desktop computer to the domain. I've run

I have just deployed a new CentOS 6.4 image on AWS, and I'm having issues with init.d scripts not starting up. I've verified the following; 1) They work on their own after boot 2) They're set to run at runlevel 3,4, and 5 via chkconfig 3) The system boots up in runlevel 3 (no GUI) 4) There are no lingering PID files around after boot 5) Permissions

Hi friends, I am running Nagios 2.7-1 on Centos 5.0 32-bit hosted on Vmware ESX 4.0. The issue I am seeing on the server is sometimes nagios is showing the below messages in /var/log/messages and as the system time gets changed some false alarms gets generated. I searched it on the google but I am not able to find the correct solution. I even posted on the nagios forum and they asked me to see

hi friends, I have configured a HelpDesk Ticketing System on Centos4.4. The problem I am facing is that there is a file called "site.xml" which contains the information about database connections and I don't want ppl to be able to read that file through browser. As per the readme.htm of that software if the below entries will be put in .htaccess then nobody can read the xml through

Hi Friends, Same question has been asked on the Squid mailing list but so far no reply on the mailing list so posting it here also. We are trying to cache some files from apple.com like .dmg, .pkg, .ipa etc.. so that local clients can fetch the data from the cache. The problem we are facing is that we have download restrictions for every client to 25 MB during work hours except for a particular

Hi Friends, I am using Centos 5.2 and using ProxyPass to access applications running on other servers. Everything is working fine except for one of the applications I need to auto add forward slash when any user tries to access that application. For ex ProxyPass /testdiary http://testdiary.example.com/ ProxyPassReverse /testdiary http://testdiary.example.com/ If somebody

hey friends, I am running Mysql server version: 4.1.20 on Centos 4.0. The problem I am facing is that I am not able to access the databases if I login through anyother user for example test1 mysql -u test1 -p Enter password: ERROR 1045 (28000): Access denied for user 'test1'@'localhost' (using password: YES) I have granted all the privileges for user test1 on databases test

Hi, I''m a fairly new to Puppet but so far have been very pleased with the recipes and my own simple scripts. However, I''ve hit a wall in the form of OSSEC, (http://www.ossec.net/main/) Most of my servers are running ubuntu or debain and neither support OSSEC via apt-get. I''ve thought about setting up my own local repository to handle this and to also package my own