ServerBuddies Support Blog

Downloading and using kernel source on Ubuntu

There may come a time when you need the kernel source code, usually to build kernel headers, compile a module etc. To work with the kernel source once you have it, you’ll want some development tools installed on your server.

To check the version right on the server. Just run:

Searching for kernel source.

OSSEC Open Source Host-based Intrusion Detection System.

OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows. A list with all supported platforms is available http://www.ossec.net/main/supported-systems

If you have one system to monitor, you can install the OSSEC HIDS locally on that box and do everything from there.

However, if you are administering a few systems, you can select one to be your OSSEC server and the others to be OSSEC agents, forwarding events to the server for analysis. One of the greatest benefits of the OSSEC HIDS is its scalability, allowing you to monitor multiple systems from a central point.

The best option is to select one of your machines to be the OSSEC server and perform the “server” installation on it. Then, choose the “agent” installation for the others.

Your IDS and rootkit rules will be just in one box, making it much easier to administer and configure.

Please make sure that you understand the type of installation you are choosing (manager, agent, local, etc) and are also aware of the order (always install the manager first).

Extract the compressed package and run the “./install.sh” script (It will guide you through the installation).

Remember to open the port 1514 (UDP) if there is a firewall between the server and the agents (if you didn’t choose the local installation).

Start the OSSEC HIDS.