Friday, September 05, 2008

HITBSecConf2008 Kuala Lumpur, Malaysia

Event Details:

Venue: The Crowne Plaza Mutiara Kuala Lumpur

Date : 27-30 October 2008

For more details about this event, please visit:

HITBSecConf 2008 Website

Howto Setup Syslog Server in Ubuntu using Apache2

I will show you how to setup Syslog Server using Apache2 in Ubuntu Linux.

Make sure you set a static IP address in Ubuntu. Edit this file:
#vi /etc/network/interfaces

This is your network configuration file(/etc/network/interfaces):
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface

auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static

After that, you need to prepare your Syslog Server:
#mkdir /logs
#vi /etc/syslog.conf
I logged everythings under folder/logs/logger.log. This is my syslog.conf file:
*.* /logs/logger.log

If you like to log everything from auth, cron, lpr error and only syslogs warnings then you have to add next lines to /etc/syslog.conf.
auth.* /logs/logger.log
cron.* /logs/logger.log
kern.* /logs/logger.log
lpr.3 /logs/logger.log
syslog.4 /logs/logger.log

Edit ksyslogd file (/etc/init.d/ksyslogd)
#vi /etc/init.d/ksyslogd

You need to change this line SYSLOGD=”” to SYSLOGD=”-r -m0”

Restart your network:

#/etc/init.d/networking restart

After that, install Apache2
#apt-get install apache2 php5 libapache2-mod-php5 mysql-server mysql-client php5-mysql

Check your hostname (/etc/hostname) and make sure
you have to put your local IP address in /etc/hosts. This is my /etc/hosts file: localhost ubuntu squid squid

Modify your /etc/apache2/ports.conf and i decided to host on port 8080.

And go to apache2 site-available directory:
#cd /etc/apache2/sites-available

Now edit file
#vi /etc/apache2/sites-available/

and make sure it looks like this:

DirectoryIndex index.php
DocumentRoot /logs

Ok, now go to sites-enabled directory:

#cd /etc/apache2/sites-enabled
#ln -s /etc/apache2/sites-available/

Go to /logs directory and create an index.php file:

#cd /logs
#touch index.php
#vi index.php

This is my index.php under /logs directory:

Now, restart your Apache:

#/etc/init.d/apache2 force-reload

Try to visit your Browser:

Now, you have a Syslog Server. TRY IT!!!