OSSEC – Error: PostgreSQL client libraries not installed.

May 10, 2013 By Leave a Comment

I was playing with OSSEC this afternoon and trying to get it configured to work with MySQL and when I was running make on the DB setup I was getting this error:

Error: PostgreSQL client libraries not installed.

I was a bit frustrated with it, it seems as it if requires both MySQL and PostgreSQL to be installed to finish compiling. To get around this just install PostgreSQL that seems to do the trick.

# yum install postgresql

Running the main package seems to do the trick. Then try running setdb again:

# make setdb

If you prefer not to install PostgreSQL then you could try the instructions here: https://groups.google.com/forum/?fromgroups=#!topic/ossec-list/3BwJ2wxKAWo.

Hope this helps someone, I am sharing it because I had a challenge getting past it and found very little info out there on how to fix it.

Cheers

Filed Under: Log Management, OSSEC

Curious to See a DDOS in Action?

April 26, 2013 By

I’ve always wondered what a Distributed Denial of Service (DDOS) really looks like. Fortunately, there is now this pretty awesome video illustration of what it looks like:


[Read more...]

Filed Under: General Security, Log Management, Web Sever Tagged With: , ,

Crazy April for the WordPress Platform

April 25, 2013 By

In case you haven’t been following the month of April has been a bit of a whirlwind for website owners, specifically those using the WordPress platform. The good news is it’s motivated me to start writing again, not so much here but on our company blog. That being said, let me get you caught up on what’s been going on.

Fortunately, it all started off with my presentation at WordCamp Miami, which was pretty awesome I might add.

It really kicked off with the big challenges presented by the apparent abuse of trust that came from the Social Media Widget plugin. If you didn’t hear, the original developer of the plugin sold the rights to a marketing firm, who then outsourced it to a freelancer. That freelancer then took it upon himself to inject code into the core of the plugin, so when it was pushed to the repository and notified everyone of updates it injected everyone with the payload. Nasty, I know. Talk about taking all the fun out of hacking, boo for laziness, yay for ingenuity. The obvious downside here being the abuse of trust as I just stated, making you wonder what is being done to address that very apparent vulnerability. What do you think?
[Read more...]

Filed Under: Uncategorized

WordPress Website Security – WordSesh 2013

April 15, 2013 By

Here is an online presentation I gave at WordSesh 2013. Always weird when you give an online presentation, unable to gauge the crowd and respond accordingly. Look forward to your feedback.

Filed Under: Awareness, Web Security, WordPress Tagged With: , ,

WordCamp Miami 2013 – WordPress Website Security Presentation

April 3, 2013 By

I’ll be in Miami this weekend, April 5 – 7th, 2013, for WordCamp Miami. I’ll be giving a new, updated, talk on Website Security on Saturday. You should come by and say hi if you’re around. If you’re not, no problem, you can see my slides here:

***Updated: 20130409****

Here is the video recording of my talk on the presentation above. Unfortunately we had a few technical difficulties so you’ll have to follow on the slide deck I have above.


Filed Under: Awareness, Web Security, Web Sever, WordPress
« Older Posts