On running the ./install.sh evrything goes ok until I run the final install here is the error: os_xml_node_access.c:18:20: string.h: No such file or directory os_xml_node_access.c:19:20: stdlib.h: No such file or directory os_xml_node_access.c: In function `OS_ClearNode': os_xml_node_access.c:35: warning: implicit declaration of function `free' os_xml_node_access.c:59: error: `NULL' undeclared (first use in this function) os_xml_node_access.c:59: error: (Each undeclared identifier is reported only once os_xml_node_access.c:59: error: for each function it appears in.) os_xml_node_access.c: In function `OS_GetElementsbyNode': os_xml_node_access.c:79: error: `NULL' undeclared (first use in this function) os_xml_node_access.c:101: warning: implicit declaration of function `realloc' os_xml_node_access.c:106: warning: implicit declaration of function `calloc' os_xml_node_access.c:116: warning: implicit declaration of function `strdup' os_xml_node_access.c:116: warning: assignment makes pointer from integer without a cast os_xml_node_access.c:126: warning: assignment makes pointer from integer without a cast os_xml_node_access.c:148: warning: assignment makes pointer from integer without a cast os_xml_node_access.c:149: warning: assignment makes pointer from integer without a cast os_xml_variables.c:17:19: stdio.h: No such file or directory os_xml_variables.c:18:20: string.h: No such file or directory os_xml_variables.c:19:20: stdlib.h: No such file or directory os_xml_variables.c: In function `OS_ApplyVariables': os_xml_variables.c:26: error: `NULL' undeclared (first use in this function) os_xml_variables.c:26: error: (Each undeclared identifier is reported only once os_xml_variables.c:26: error: for each function it appears in.) os_xml_variables.c:41: warning: implicit declaration of function `strcasecmp' os_xml_variables.c:47: warning: implicit declaration of function `snprintf' os_xml_variables.c:49: warning: implicit declaration of function `realloc' os_xml_variables.c:53: warning: implicit declaration of function `strdup' os_xml_variables.c:53: warning: assignment makes pointer from integer without a cast os_xml_variables.c:58: warning: implicit declaration of function `strncpy' os_xml_variables.c:85: warning: assignment makes pointer from integer without a cast os_xml_variables.c:111: warning: implicit declaration of function `strlen' os_xml_variables.c:116: warning: assignment makes pointer from integer without a cast os_xml_variables.c:131: warning: implicit declaration of function `memset' os_xml_variables.c:168: warning: implicit declaration of function `strncat' os_xml_variables.c:205: warning: implicit declaration of function `free' make[1]: *** [xml] Error 1 make[1]: Leaving directory `/tmp/ossec-hids-0.9-2/src/os_xml' Error Making os_xml make: *** [all] Error 1 Error 0x5. Building error. Unable to finish the installation. radox
Please run Code: apt-get install apt-file apt-file update apt-file search string.h What's the output of the last command?
And what's the output of Code: apt-file search stdlib.h ? I think the missing package is libc6-dev. You can install it like this: Code: apt-get install libc6-dev
remote email address thankyou the lib package was missing. look at the output below at the last line; 2006/10/10 12:08:17 ossec-maild(1223): Error Sending email to 127.0.0.1 (smtp server) what i did was put my remote email address to send any messages to but maybe this will not work as my email address is not local. how to set up my remote email address as this set up had been done on a vps. with debian 3.1?. I am in france ,vps is in US here is the line from the howto : 3.1- Do you want e-mail notification? (y/n) [y]: <-- y - What's your e-mail address? <-- [email protected] (please enter your own email address here) ---------------------------------------------------------------------------------------- ~# tail -f /var/ossec/logs/ossec.log 2006/10/10 12:07:55 ossec-syscheckd: Started (pid: 19903). 2006/10/10 12:07:55 ossec-analysisd: Connected to '/queue/alerts/execq' (exec queue) 2006/10/10 12:07:58 ossec-logcollector(1950): Analyzing file: '/var/log/messages'. 2006/10/10 12:07:58 ossec-logcollector(1950): Analyzing file: '/var/log/auth.log'. 2006/10/10 12:07:58 ossec-logcollector(1950): Analyzing file: '/var/log/syslog'. 2006/10/10 12:07:58 ossec-logcollector(1950): Analyzing file: '/var/log/mail.info'. 2006/10/10 12:07:58 ossec-logcollector(1950): Analyzing file: '/var/log/apache/error.log'. 2006/10/10 12:07:58 ossec-logcollector(1950): Analyzing file: '/var/log/apache/access.log'. 2006/10/10 12:07:58 ossec-logcollector: Started (pid: 19889). 2006/10/10 12:08:17 ossec-maild(1223): Error Sending email to 127.0.0.1 (smtp server)
I guess you specified the wrong SMTP server during installation (127.0.0.1). You can change it in /var/ossec/etc/ossec.conf. You should change it to the mail server you see when you run Code: dig mx example.com (replace example.com with your own email domain.
which server am i useing this software to dectect ok in the email address i have placed my own [email protected] in the ipaddress section/server i have placed mail.mydomian.com so am i correct in thinking that the software will detect the intrusions etc on the local system and send me a email on my remote system if anything is dectected. radox
