Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > HOWTO-Related Questions

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 23rd March 2009, 06:01
giganet giganet is offline
Senior Member
 
Join Date: Aug 2007
Location: California
Posts: 243
Thanks: 116
Thanked 1 Time in 1 Post
Send a message via AIM to giganet
Question Securing Your Server With A Host-based Intrusion Detection Compatibility Question

Hello Group..

I just wanted to validate to some degree the compatibility of the following Tutorial/Software installation with Ubuntu 7.10...

http://howtoforge.com/intrusion_dete...ith_ossec_hids
Securing Your Server With A Host-based Intrusion Detection System

Thank you

Best Regards
Reply With Quote
Sponsored Links
  #2  
Old 24th March 2009, 17:57
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,747 Times in 2,578 Posts
Default

I haven't tested it on Ubuntu 7.10, but I don't see why it shouldn't work.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
The Following User Says Thank You to falko For This Useful Post:
giganet (25th March 2009)
  #3  
Old 25th March 2009, 23:20
giganet giganet is offline
Senior Member
 
Join Date: Aug 2007
Location: California
Posts: 243
Thanks: 116
Thanked 1 Time in 1 Post
Send a message via AIM to giganet
Arrow

Thank you Falko...

I have installed OSSEC successfully onto my Ubuntu 6.06 and all seems good.

This is the box that ISPConfig failed after running the ISPConfig upgrade VIA CLI, and now MySQL is not running/inaccessible.
OSSEC does send reports as follows which I feel is due to MySQL's status:

Code:
OSSEC HIDS Notification.
2009 Mar 25 14:09:17
 
Received From: giganetwireless->/var/log/auth.log
Rule: 1002 fired (level 2) -> "Unknown problem somewhere in the system."
Portion of the log(s):
 
Mar 25 14:09:17 giganetwireless getty[9043]: ttyS1: ioctl: Input/output error
 
 
 
 --END OF NOTIFICATION
Does my assumption seem to be on target considering the error above?Thank you FalkoBest Regards
Reply With Quote
  #4  
Old 25th March 2009, 23:26
giganet giganet is offline
Senior Member
 
Join Date: Aug 2007
Location: California
Posts: 243
Thanks: 116
Thanked 1 Time in 1 Post
Send a message via AIM to giganet
Arrow

Thank you Falko...

I have installed OSSEC successfully onto my Ubuntu 6.06 and all seems good.

This is the box that ISPConfig failed after running the ISPConfig upgrade VIA CLI, and now MySQL is inaccessible.
OSSEC does send reports as follows which I feel is due to MySQL's status:

Code:
OSSEC HIDS Notification.
2009 Mar 25 14:09:17
 
Received From: giganetwireless->/var/log/auth.log
Rule: 1002 fired (level 2) -> "Unknown problem somewhere in the system."
Portion of the log(s):
 
Mar 25 14:09:17 giganetwireless getty[9043]: ttyS1: ioctl: Input/output error
 
 
 
 --END OF NOTIFICATION
Does my assumption seem to be on target considering the error above?Thank you FalkoBest Regards
Reply With Quote
  #5  
Old 26th March 2009, 19:14
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,747 Times in 2,578 Posts
Default

I'm not sure what the error means. Have you tried to restart MySQL? Are there any MySQL errors in the syslog?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
The Following User Says Thank You to falko For This Useful Post:
giganet (27th March 2009)
  #6  
Old 27th March 2009, 06:44
giganet giganet is offline
Senior Member
 
Join Date: Aug 2007
Location: California
Posts: 243
Thanks: 116
Thanked 1 Time in 1 Post
Send a message via AIM to giganet
Lightbulb

Hi Falko

I can run '/etc/init.d/mysql restart' and no complaints are returned by the server.

However if I attempt to loginto MySQL I receive the following:
Code:
root@giganetwireless:/etc# mysql -u root -p
bash: mysql: command not found
As if MySQL is non-existent...

Likewise when I run 'tail -f /var/log/syslog' or even 'cat /var/lost/syslog'
there is no data populating 'syslog' what-so-ever

This particular server is tapped for drive space, as you pointed out to me after I ran an upgrade to ISPConfig VIA CLI earlier this week after which ISPConfig became inaccessible.

I am waiting on a 1TB drive for this server then I will start fresh.
The wierd thing is that everything that relys on MySQL such as E-Mail functions without a hitch.

Thanks Falko
Have a great day.

Best Regards
Reply With Quote
  #7  
Old 28th March 2009, 19:59
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,747 Times in 2,578 Posts
Default

Did you install the MySQL client package?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
The Following User Says Thank You to falko For This Useful Post:
giganet (30th March 2009)
  #8  
Old 30th March 2009, 06:34
giganet giganet is offline
Senior Member
 
Join Date: Aug 2007
Location: California
Posts: 243
Thanks: 116
Thanked 1 Time in 1 Post
Send a message via AIM to giganet
Arrow

Hi Falko

I am sure that the mysql-client package was installed originally, but to be sure I ran 'apt-get install mysql-client'

system reply:
Code:
Reading package lists... Done
Building dependency tree... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
Since you only requested a single operation it is extremely likely that
the package is simply not installable and a bug report against
that package should be filed.
The following information may help to resolve the situation:
The following packages have unmet dependencies:
  mysql-client: Depends: mysql-client-5.1 but it is not going to be installed
E: Broken packages
I accessed '/etc/mysql' and opened 'debian.cnf' it's contents do show client settings...

Code:
# Automatically generated for Debian scripts. DO NOT TOUCH!
[client]
host     = localhost
user     = debian-sys-maint
password = Nhguuhdre35XXB
socket   = /var/run/mysqld/mysqld.sock
[mysql_upgrade]
host     = localhost
user     = debian-sys-maint
password = Nhguuhdre35XXB
socket   = /var/run/mysqld/mysqld.sock
I mangled the password just for safety in this post.

Thank you Falko

Best Regards
Reply With Quote
  #9  
Old 30th March 2009, 15:10
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,747 Times in 2,578 Posts
Default

What's in /etc/apt/sources.list?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
The Following User Says Thank You to falko For This Useful Post:
giganet (1st April 2009)
  #10  
Old 1st April 2009, 07:46
giganet giganet is offline
Senior Member
 
Join Date: Aug 2007
Location: California
Posts: 243
Thanks: 116
Thanked 1 Time in 1 Post
Send a message via AIM to giganet
 
Arrow

Hi Falko, Thank you for the reply and sorry for the long delay of answer.

The contents of '/etc/apt/sources.list'

Code:
#
# deb cdrom:[Ubuntu-Server 6.06.1 _Dapper Drake_ - Release i386 (20060807.1)]/ dapper main restricted
# deb cdrom:[Ubuntu-Server 6.06.1 _Dapper Drake_ - Release i386 (20060807.1)]/ dapper main restricted
deb http://us.archive.ubuntu.com/ubuntu/ dapper main restricted
deb-src http://us.archive.ubuntu.com/ubuntu/ dapper main restricted

## MySQL Update links provided by Falko Timme HowToForge.com (projectfarm.org).
## Add to /etc/apt/sources.list, run apt-get update and then apt-get install mysql
deb http://packages.dotdeb.org stable all
deb-src http://packages.dotdeb.org stable all
## Major bug fix updates produced after the final release of the
## distribution.
deb http://us.archive.ubuntu.com/ubuntu/ dapper-updates main restricted
deb-src http://us.archive.ubuntu.com/ubuntu/ dapper-updates main restricted
## Uncomment the following two lines to add software from the 'universe'
## repository.
## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team, and may not be under a free licence. Please satisfy yourself as to
## your rights to use the software. Also, please note that software in
## universe WILL NOT receive any review or updates from the Ubuntu security
## team.
deb http://us.archive.ubuntu.com/ubuntu/ dapper universe
deb-src http://us.archive.ubuntu.com/ubuntu/ dapper universe
## Uncomment the following two lines to add software from the 'backports'
## repository.
## N.B. software from this repository may not have been tested as
## extensively as that contained in the main release, although it includes
## newer versions of some applications which may provide useful features.
## Also, please note that software in backports WILL NOT receive any review
## or updates from the Ubuntu security team.
deb http://us.archive.ubuntu.com/ubuntu/ dapper-backports main restricted universe multiverse
deb-src http://us.archive.ubuntu.com/ubuntu/ dapper-backports main restricted universe multiverse

deb http://security.ubuntu.com/ubuntu dapper-security main restricted
deb-src http://security.ubuntu.com/ubuntu dapper-security main restricted
deb http://security.ubuntu.com/ubuntu dapper-security universe
deb-src http://security.ubuntu.com/ubuntu dapper-security universe
Have a great day

Best Regards
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
apache2 won't connect to localhost or 127.0.0.1 anw Server Operation 6 19th March 2009 19:51
postfix bounced email question daveb Server Operation 8 3rd February 2008 21:32
server blocked/stopped by host Ovidiu Technical 11 14th February 2006 11:50
Email - Ueb-Miau mazhar Installation/Configuration 5 21st December 2005 11:01
The Perfect Setup Suse 9.3 - Postfix problems new_bee05 HOWTO-Related Questions 20 25th November 2005 03:30


All times are GMT +2. The time now is 04:00.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.