Hi there, I'm trying to get HIPS installed on some Linux boxes running RedHat Server 5.1 (kernel 2.6.18).
I have installed all of the prerequisites from the HIPS 7.0 installation guide (audit daemon, and audit libs, the stdc++ libs, and the CMA) I can get the CMA installed just fine on the boxes but when I go to install the HIPS package I get the following error (i'm paraphrasing a bit): Host Intrusion Prevention is not supported on this distribution. Please check installation requirements.
I did some digging and found that the RPM package contains some scripting that checks specifically for the RedHat Server version in /etc/redhat-release. The installer is specifically looking for version 4 (which is what the documentation says is the supported version). By changing the version number in the redhat-release file I can trick the installer into thinking that I have version 4 but that lead me to another roadblock.
The second roadblock is that the scripting is also looking for kernel version 2.6.9 specifically. The installer runs "uname -r" and checks the returned value; if the value is not equal to 2.6.9 the script exits and displays this message (again paraphrasing): Host Intrusion Prevention requires Linux kernel 2.6.9. Please check installation requirements.
My first question is: Am I using the correct install package (MFEhip-7.0.0.i386.rpm)? If I am using the correct package, what am I doing wrong? Can I trick the installer somehow into thinking that I'm actually running linux kernel 2.6.9?