'[ossec-list] Re: Pre-configured Ossec Windows Agent Installation'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ossec-list
Subject:    [ossec-list] Re: Pre-configured Ossec Windows Agent Installation
From:       "Daniel Cid" <daniel.cid () gmail ! com>
Date:       2008-10-31 17:28:50
Message-ID: b92e6f200810311028j68d6e45dy9645bd35356f432e () mail ! gmail ! com
[Download RAW message or body]


Hi Abhisek

If each user can only access the zip file (with the key and config)
for his own box, I think you
are ok. The issue is that if any user can download the keys from the
other systems you may
have a problem.  The way I did before was to run some scripts to push
the keys individually
to each box along with the ossec package. That might be easier than to
set up the web
server...

Hope it helps.

--
Daniel B. Cid
dcid ( at ) ossec.net

On Tue, Oct 7, 2008 at 5:37 AM, abhisek sanyal <abhisek.sanyal@gmail.com> wrote:
>
> Hello all,
>   I have been working on an idea of automating the ossec windows
> agent setup. The process is, when the Ossec Agent is installed on the
> system, the updated "client.keys" and "ossec.conf" will be copied
> along with it (The ossec agent setup file, client.keys and ossec.conf
> file are all available through a single zip file)
>   Every time an Ossec Agent is added, the "client.key" for this agent
> and the "ossec.conf" file with the updated "Ossec Server Ip" will be
> all put in a zip file. The user downloads the zip file for his system
> and runs the "Ossec Windows Agent" Setup. I have tweaked the setup
> file to copy the "ossec.conf" and "client.keys" to the relevant path
> at the end of the installation. It will also start the "Ossec Agent"
> on the windows system.
>   The "zip" files will be available after authenticating to a web
> server from where he proceeds to download it. My concern is that if
> all the "client.keys" are made available in a web server in its
> individual zip file (along with Ip Address and Hostname description),
> how big a hole am I opening in the Ossec Client-Server setup ?
>   I don't know how to determine which is a Windows / Linux agent
> (without additional input while adding it), so I am also ending up
> creating "zip" files for even linux agents.
>
> With Regards,
> Abhisek Sanyal
>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic