diff options
Diffstat (limited to 'testing/ossec-hids/config')
| -rw-r--r-- | testing/ossec-hids/config | 63 |
1 files changed, 0 insertions, 63 deletions
diff --git a/testing/ossec-hids/config b/testing/ossec-hids/config deleted file mode 100644 index abcece68177..00000000000 --- a/testing/ossec-hids/config +++ /dev/null @@ -1,63 +0,0 @@ -#!/bin/sh - -# Do you want to update it? (y/n) [y]: -export USER_UPDATE=y - -# Do you want to update the rules? (y/n) [y]: -export USER_UPDATE_RULES=y - -# User Language: -export USER_LANGUAGE=en - -# Do you want e-mail notification? (y/n) [y]: -export USER_ENABLE_EMAIL=y -# What's your e-mail address? -export USER_EMAIL_ADDRESS=foo@example.com -# What's your SMTP server ip/host? -export USER_EMAIL_SMTP=localhost - -# Do you want to run the integrity check daemon? (y/n) [y]: -export USER_ENABLE_SYSCHECK=y - -#Do you want to run the rootkit detection engine? (y/n) [y]: -export USER_ENABLE_ROOTCHECK=y - -# Active response allows you to execute a specific -# command based on the events received. For example, -# you can block an IP address or disable access for -# a specific user. -# More information at: -# https://ossec.github.io/docs/manual/ar/ -# -# - Do you want to enable active response? (y/n) [y]: -export USER_ENABLE_ACTIVE_RESPONSE=y - -# - By default, we can enable the host-deny and the -# firewall-drop responses. The first one will add -# a host to the /etc/hosts.deny and the second one -# will block the host on iptables (if linux) or on -# ipfilter (if Solaris, FreeBSD or NetBSD). -# - They can be used to stop SSHD brute force scans, -# portscans and some other forms of attacks. You can -# also add them to block on snort events, for example. -# -# - Do you want to enable the firewall-drop response? (y/n) [y]: -export USER_ENABLE_FIREWALL_RESPONSE=y - -# Do you want to add more IPs to the white list? (y/n)? [n]: -# if set to y, installer will ask you to enter the list of IPs -# if you want to use this feature, you must also export USER_NO_STOP=no -export USER_WHITE_LIST=n - -# Do you want to enable remote syslog (port 514 udp)? (y/n) [y]: -export USER_ENABLE_SYSLOG=y - -# IP address or hostname of the ossec server. Only used on agent installations. -export USER_AGENT_SERVER_IP="127.0.0.1" -# export USER_AGENT_SERVER_NAME -# Agent's config profile name. This is used to create agent.conf configuration profiles -# for this particular profile name. Only used on agent installations. -# Can be any string. E.g. LinuxDBServer or WindowsDomainController -export USER_AGENT_CONFIG_PROFILE="generic" - - |