Installation¶
The best installation tutorial is available in the OSPatrol book.
OSPatrol HIDS Manager/Agent Installation¶
Installation of the OSPatrol HIDS is very simple. Just follow these few steps to have it working. Please make sure that you understand the type of installation you are choosing (manager, agent, local, or hybrid) and are also aware of the order (always install the manager first). If you don’t know what I’m talking about, it’s a good idea to visit the install types page.
Warning
Remember that when following this installation the commands only start after the # Everything before that is just the information about the prompt
Note
If you have experience with Unix, just download the latest version, uncompress it and run the ”./install.sh” script.
Download the latest version and verify its checksum.
Note
On some systems, the command md5, sha1 or wget may not exist, so try md5sum, sha1sum or lynx respectively instead.
# wget http://www.ospatrol.net/files/ospatrol-hids-2.6.tar.gz # wget http://www.ospatrol.net/files/ospatrol-hids-2.6_checksum.txt # cat ospatrol-hids-2.6_checksum.txt MD5 (ospatrol-hids-2.6.tar.gz) = f4140ecf25724b8e6bdcaceaf735138a SHA1 (ospatrol-hids-2.6.tar.gz) = 258b9a24936e6b61e0478b638e8a3bfd3882d91e MD5 (ospatrol-agent-win32-2.6.exe) = 7d2392459aeab7490f28a10bba07d8b5 SHA1 (ospatrol-agent-win32-2.6.exe) = fdb5225ac0ef631d10e5110c1c1a8aa473e62ab4 # md5sum ospatrol-hids-2.6.tar.gz MD5 (ospatrol-hids-2.6.tar.gz) = f4140ecf25724b8e6bdcaceaf735138a # sha1sum ospatrol-hids-2.6.tar.gz SHA1 (ospatrol-hids-2.6.tar.gz) = 258b9a24936e6b61e0478b638e8a3bfd3882d91e
Extract the compressed package and run the “./install.sh” script (It will guide you through the installation).
# tar -zxvf ospatrol-hids-*.tar.gz (or gunzip -d; tar -xvf) # cd ospatrol-hids-* # ./install.sh
Remember to open port 1514 (UDP) if there is a firewall between the server and the agents (not applicable to the local installation type).
If you are installing the server or the agent, remember to follow the Managing the agents section.
Start OSPatrol HIDS
# /var/ospatrol/bin/ospatrol-control start
OSPatrol HIDS agentless Installation¶
Agentless installation has its own page at: Agentless Monitoring.
OSPatrol HIDS Binary installation¶
On systems that do not have a C compiler or one is not allowed by policy installation can be done using Binary Installation
OSPatrol Updates¶
Updating OSPatrol is as easy as it can get. Just download the latest package and follow the installation instructions as usual. It will detect that you already have it installed and ask:
- You already have OSPatrol installed. Do you want to update it? (y/n): y
- Do you want to update the rules? (y/n): y
Just say “yes” to these questions and it will update everything properly. Your local rules and configuration options will not be modified. The same applies to the Unix or Windows agent updates.