Host Based Intrusion Detection on ISPConfig3

Discussion in 'Installation/Configuration' started by sheshes, Apr 1, 2013.

  1. sheshes

    sheshes Member

    I am trying to follow the how-to guide Host Base Intrusion Detection to install samhain on already running ISPConfig 3.

    There is a part we I need to edit the samhain.conf in /etc/apache2/conf.d

    Usually this conf should have been created but I cannot see it. If I create a new conf and put only the lines suggested in the guide, I still can't view yule.html so i can continue further more.

    What am I doing wrong?
  2. zapyahoo

    zapyahoo New Member

    Take a look at the apache error log. Usually helps to troubleshoot.
  3. sheshes

    sheshes Member

    already checked nothing that actually is informative in there.

    I think is better if I explained my setup better. I have an ISPConfig 3 server installation using multiple domains. The main FQDN domain that ISPconfig control panel is and I don't have any website setup on it.

    With mydomain I can access the ISPConfig control panel and phpmyadmin.

    I want to make the same as phpmyadmin uses i.e

    I hope this info helps
  4. zapyahoo

    zapyahoo New Member

    How different is your samhain.conf when compared to phpmyadmin.conf file?
    Maybe if you take a look at the phpmyadmin file you can create samhain.conf with the necessary alias and folder path corrections.
  5. sheshes

    sheshes Member

    Firstly, samhain.conf isn't created when installed the software. I have to recreate it.

    I did copying phpmyadmin.conf to samhain.conf and fixed the alias and directory but still nothing!

    Also I notice that yule cannot start without giving any error or write anything in the logs.
  6. zapyahoo

    zapyahoo New Member

    I would try and fix the logging first... without that it's pretty hard to troubleshoot :(
  7. sheshes

    sheshes Member

    yeah I would do so myself as well, if only I knew how!

    I think the only person who can answer this thread is falko who written the Host Based Intrusion Detection tutorial, if that applies on an ISPConfig 3 running server and if on Ubuntu 12.10 there some additional adjustments needed to be done.

    Please falko....

Share This Page