Using SAMHAIN on Win2K
----------------------

samhain builds and runs on Win2K (and maybe other M$ products) with
the (free, GPL) Cygwin environment.
Fabio Paracchini <fparacchini at alteanet dot it> writes:

(UPDATE: note that some configure options have changed since this has been
written. Check the manual and/or run './configure --help' for
available options.)

The configuration I'm testing now is a server on OpenBSD 2.8 and a client on
W2K, using the latest Cygwin. I was able to compile the client on a W2K
Cygwin development machine using those configuration flags:

--enable-static
--enable-network
--with-tmp-dir=/tmp
--with-data-file=REQ_FROM_SERVER/samhain.db
--with-config-file=REQ_FROM_SERVER/etc/samhainrc
--with-logserver=x.x.x.x
--with-lock-file=/cygdrive/c/samhain.lck
--with-log-file=/cygdrive/c/samhain.log

I was able to successfully compile and sign the executable, upload to the
production server with the cygwin1.dll in the same directory and run both
samhain -t init and samhain -t check.

If you need a stealthy configuration you could change lock & log file to
something more obscure, only pay attention that in Cygwin if you need to
access drive C: you have to prefix your path with /cygdrive/c.

The configuration is kept on the server where Yule runs; I registered the
client and I'm in the process of tuning the exceptions for the files
modified by Windows.