Showing results for 
Search instead for 
Did you mean: 
Level 7

Need Help with HIPS on Linux

Hi there,
I'm trying to get HIPS installed on some Linux boxes running RedHat Server 5.1 (kernel 2.6.18).

I have installed all of the prerequisites from the HIPS 7.0 installation guide (audit daemon, and audit libs, the stdc++ libs, and the CMA)
I can get the CMA installed just fine on the boxes but when I go to install the HIPS package I get the following error (i'm paraphrasing a bit):
Host Intrusion Prevention is not supported on this distribution. Please check installation requirements.

I did some digging and found that the RPM package contains some scripting that checks specifically for the RedHat Server version in /etc/redhat-release. The installer is specifically looking for version 4 (which is what the documentation says is the supported version). By changing the version number in the redhat-release file I can trick the installer into thinking that I have version 4 but that lead me to another roadblock.

The second roadblock is that the scripting is also looking for kernel version 2.6.9 specifically. The installer runs "uname -r" and checks the returned value; if the value is not equal to 2.6.9 the script exits and displays this message (again paraphrasing):
Host Intrusion Prevention requires Linux kernel 2.6.9. Please check installation requirements.

My first question is: Am I using the correct install package (MFEhip-7.0.0.i386.rpm)?
If I am using the correct package, what am I doing wrong?
Can I trick the installer somehow into thinking that I'm actually running linux kernel 2.6.9?

0 Kudos