OSSEC: building an OpenBSD package

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, MacOS, Solaris, HP-UX, AIX and OpenBSD. There is no OSSEC package available on the OSSEC website or in the OpenBSD ports repository, […]

OpenSSH 6.2.x and LDAP authentication

Since the release of OpenSSH 6.2, two new configuration parameters have been added: AuthorizedKeysCommand and AuthorizedKeysCommandUser. These parameters make it possible to create any kind of authentication method for OpenSSH, including LDAP authentication, and therefore patches like the LPK patch for OpenSSH are no longer required. The only thing the script needs to do is return either an […]

Syslog event generator with Net::RawIP (perl)

Recently I have been asked to write a Syslog event generator, but not just a normal syslog generator: it had to be able to generate events coming from different hosts. The normal ‘logger’ command sends Syslog messages using the machine’s IP address, so logger wasn’t very useful. The only useful thing seemed to be to […]