On Tue, Dec 22, 2015 at 11:48 AM, Chris <cbrown...@3dsi.com> wrote:
> Thanks for letting me know. I'll keep an eye on the project to see if future
> releases add support for the agent-auth application for Windows.
>
> The use case is a hybrid environment hosted by Amazon Web Services (AWS)
> where auto-scaling groups cause instances (servers) to come and go.
> Automation technology, such as AWS CloudFormation, allow fully automated
> configuration of the entire server without any manual interaction. The Linux
> version of agent-auth allows this to work well for Linux agents. Not having
> the Windows version prevents OSSEC from being viable in a large-scale cloud
> environment where automation is required. Use of third-party tools such as
> Chef, Puppet, Ansible, etc. can overcome this limitation, but add additional
> considerations.
>

That's a space I'm kinda sorta playing with (although less windows).
If you get the chance to test the windows agent-auth stuff (even in
non-prod stuff), let me know how it works out.

> Thanks,
> Chris
>
>
> On Tuesday, December 22, 2015 at 7:04:55 AM UTC-6, dan (ddpbsd) wrote:
>>
>> On Mon, Dec 21, 2015 at 4:34 PM, Chris <cbro...@3dsi.com> wrote:
>> > I have successfully configured an OSSEC server running on Ubuntu in AWS.
>> >
>> >
>> > I have also successfully automated Ubuntu AWS instances automatically
>> > installing the OSSEC agent and connecting to the OSSEC server via this
>> > command /var/ossec/bin/agent-auth -m ossec.myprivatedomain.local -p 1515
>> >
>> >
>> > I am working on automating the installation of the OSSEC agent for
>> > Windows
>> > instances including automating the Windows instances connecting to the
>> > OSSEC
>> > server. I understand that the OSSEC agent for Windows can be downloaded
>> > from
>> > the OSSEC site's "Downloads" page and that it can be silently installed
>> > using this command line: ossec-agent-win32-2.8.3.exe /S
>> >
>> >
>> > Despite much research, I cannot find out how to get a version of the
>> > OSSEC
>> > agent-auth executable that will run on Windows to allow me to automate
>> > the
>> > Windows instances connecting to the OSSEC server.
>> >
>> >
>> > The closest thing I can find to any mention of the agent-auth
>> > application
>> > being available for Windows is from this blog:
>> > https://github.com/ossec/ossec-hids/issues/166#issuecomment-41461642 ...
>> > where a comment states ...
>> >
>> > The Windows version of agent-auth was compiled on Linux (Fedora 20) and
>> > tested on Windows 7 Home Premium 64-bit.
>> >
>> > None of the tutorials that talk about compiling the OSSEC agent for
>> > Windows
>> > on Linux address how to compile the agent-auth application for Windows.
>> >
>> >
>> > How/where does one get a version of the OSSEC agent-auth application
>> > that
>> > will run on Windows?
>> >
>>
>> I have a currently untested branch for this at
>> https://github.com/ddpbsd/ossec-hids/tree/winauthd
>>
>> It's using the current development master as its base. I haven't had
>> the time or motivation to actually test it yet.
>>
>> > --
>> >
>> > ---
>> > You received this message because you are subscribed to the Google
>> > Groups
>> > "ossec-list" group.
>> > To unsubscribe from this group and stop receiving emails from it, send
>> > an
>> > email to ossec-list+...@googlegroups.com.
>> > For more options, visit https://groups.google.com/d/optout.
>
> --
>
> ---
> You received this message because you are subscribed to the Google Groups
> "ossec-list" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ossec-list+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

-- 

--- 
You received this message because you are subscribed to the Google Groups 
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ossec-list+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to