- purpose: to record system user/group changes, plus changes to the Windows directory and any other directories.
- how it works: on Windows, Osiris runs as an agent; the management tool and daemon reside on a Linux server. After installing the software on Windows, you need to configure it on the Linux server. It then generates a base database, compares against it every 24 hours by default, and sends out an email alert for any changes.
- install it on Windows
Solution:
1. after installing, copy the c:\documents and settings\sysmgr\windows\osiris directory to c:\win2k03
2. copy c:\documents and settings\sysmgr\windows\osiris to c:\win2k03\system32
3. start the osiris service again
note: if you encounter an error saying "error writing to file osimessage.dll", you can rename c:\windows\system32\osimessage.dll first
- osiris on Linux
2. open TCP ports 2265 and 2266 in the iptables host firewall
3. open the same 2 ports on any firewalls in between as well
4. on server, configure management console
# osiris
# login as username and password
# add-host
accept the defaults all the way through, except for the email alert part, where you choose (y,y,n,y)
copy the configuration file to the Windows server to be monitored
start-scan servername
list-db servername