虚拟机系统启动速度恢复正常
尝试启动ossec服务,报错如下
Starting OSSEC HIDS 3.1.0 (by Trend Micro Inc.)...
/var/ossec/bin/ossec-control: line 219: /var/ossec/bin/ossec-dbd: No such file or directory
ossec-dbd did not start correctly.
感到难以解决,卸载重新安装
yum install -y ossec-hids ossec-hids-server安装完成后在/etc/sysconfig/iptables文件最后一行(COMMIT前一行)添加规则-A INPUT -p udp --dport 1514 -j ACCEPT
通过执行/var/ossec/bin/agent_control -lc查看活动agents,仅返回ID: 000, Name: centos64test (server), IP: 127.0.0.1, Active/Local
尝试执行/var/ossec/bin/ossec-authd -p 1515 >/dev/null 2>&1 &以打开iptables 1515端口,返回[1] 5831
再次执行/var/ossec/bin/agent_control -lc查看活动agents,返回ID: 000, Name: centos64test (server), IP: 127.0.0.1, Active/Local
[1]+ Done /var/ossec/bin/ossec-authd -p 1515 > /dev/null 2>&1
经研究,发现nginx未安装
安装nginx后vim /usr/local/nginx/conf/nginx.conf修改server_name为192.168.0.33,修改listen为8090
无法访问nginx页面,初步认为是防火墙拦截
测试机系统启动变慢
经过不断排查,成功打开nginx页面
启动httpd服务后,成功打开ossec页面
尝试通过/var/ossec/bin/ossec-control start启动ossec服务,报错
Starting OSSEC HIDS 3.1.0 (by Trend Micro Inc.)...
OSSEC analysisd: Testing rules failed. Configuration error. Exiting.
