blob: f494edc4a13981ee6a9b0ad82c5d8f7e0547f5ca (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
|
#!/bin/sh
#Do you want e-mail notification? (y/n) [y]:
export USER_ENABLE_EMAIL=n
# What's your e-mail address?
export USER_EMAIL_ADDRESS=foo@example.com
# What's your SMTP server ip/host?
export USER_EMAIL_SMTP=
# Do you want to run the integrity check daemon? (y/n) [y]:
export USER_ENABLE_SYSCHECK=y
#Do you want to run the rootkit detection engine? (y/n) [y]:
export USER_ENABLE_ROOTCHECK=y
# Active response allows you to execute a specific
# command based on the events received. For example,
# you can block an IP address or disable access for
# a specific user.
# More information at:
# http://www.ossec.net/en/manual.html#active-response
#
# - Do you want to enable active response? (y/n) [y]:
export USER_ENABLE_ACTIVE_RESPONSE=y
# - By default, we can enable the host-deny and the
# firewall-drop responses. The first one will add
# a host to the /etc/hosts.deny and the second one
# will block the host on iptables (if linux) or on
# ipfilter (if Solaris, FreeBSD or NetBSD).
# - They can be used to stop SSHD brute force scans,
# portscans and some other forms of attacks. You can
# also add them to block on snort events, for example.
#
# - Do you want to enable the firewall-drop response? (y/n) [y]:
export USER_ENABLE_FIREWALL_RESPONSE=y
# Do you want to add more IPs to the white list? (y/n)? [n]:
# if set to y, installer will ask you to enter the list of IPs
# if you want to use this feature, you must also export USER_NO_STOP=no
export USER_WHITE_LIST=n
|