summarylogtreecommitdiffstats
path: root/config
blob: f494edc4a13981ee6a9b0ad82c5d8f7e0547f5ca (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
#!/bin/sh

#Do you want e-mail notification? (y/n) [y]:
export USER_ENABLE_EMAIL=n
# What's your e-mail address?
export USER_EMAIL_ADDRESS=foo@example.com
#  What's your SMTP server ip/host?
export USER_EMAIL_SMTP=

# Do you want to run the integrity check daemon? (y/n) [y]:
export USER_ENABLE_SYSCHECK=y

#Do you want to run the rootkit detection engine? (y/n) [y]:
export USER_ENABLE_ROOTCHECK=y

#       Active response allows you to execute a specific 
#       command based on the events received. For example,
#       you can block an IP address or disable access for
#       a specific user.  
#       More information at:
#       http://www.ossec.net/en/manual.html#active-response
#       
#   - Do you want to enable active response? (y/n) [y]: 
export USER_ENABLE_ACTIVE_RESPONSE=y

#   - By default, we can enable the host-deny and the 
#     firewall-drop responses. The first one will add
#     a host to the /etc/hosts.deny and the second one
#     will block the host on iptables (if linux) or on
#     ipfilter (if Solaris, FreeBSD or NetBSD).
#   - They can be used to stop SSHD brute force scans, 
#     portscans and some other forms of attacks. You can 
#     also add them to block on snort events, for example.
#
#   - Do you want to enable the firewall-drop response? (y/n) [y]:
export USER_ENABLE_FIREWALL_RESPONSE=y

# Do you want to add more IPs to the white list? (y/n)? [n]:
# if set to y, installer will ask you to enter the list of IPs
# if you want to use this feature, you must also export USER_NO_STOP=no
export USER_WHITE_LIST=n