A lightweight Intrusion Detection System built on top of matrix
WARNING: realaravinth/ids-matrix comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law.
The instructions provided here are for Debian (Buster) GNU/Linux; however, they can be modified to work with other distributions as well.
It uses pam_exec to collect login information, so kindly refer to your distribution's guide if this guide doesn't work.
- libpam-modules
- coreutils (uses date and uname) [optional]
- net-tools (uses hostname) [optional]
- rust (to compile)

optional: you can remove parts of the code if you do not wish to install the optional dependencies
- cd into source directory
- edit src/main.rs and fill
  * server: url of your matrix server
  * access_token: access token of your matrix account (create new one with least privileges)
  * room_id: room ID of the room where you want to publish the updates
- cargo build --release

This compiles the program and places the binary in the target/release directory
- Place the ids-matrix binary in /usr/local/bin of your server
- Append the following to /etc/pam.d/sshd (always take backup of the original config):

    session optional pam_exec.so /usr/local/bin/ids-matrix
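
With the session line above, pam_exec runs the binary on both session open and session close and passes the login context in environment variables (PAM_TYPE, PAM_USER, PAM_RHOST, PAM_SERVICE, PAM_TTY). The sketch below is an added example, not this project's code: it turns those variables into an escaped m.text message body and ignores non-session calls. The function names, the message layout and the "server01" hostname are assumptions, and sending the body to Matrix is left out.

```rust
use std::collections::HashMap;

/// Escape a string for use inside a JSON string literal, so values such as
/// PAM_RHOST cannot break out of the message body.
fn json_escape(s: &str) -> String {
    let mut out = String::with_capacity(s.len());
    for c in s.chars() {
        match c {
            '"' => out.push_str("\\\""),
            '\\' => out.push_str("\\\\"),
            c if (c as u32) < 0x20 => out.push_str(&format!("\\u{:04x}", c as u32)),
            c => out.push(c),
        }
    }
    out
}

/// Build an m.room.message JSON body from the pam_exec environment.
/// Returns None unless PAM_TYPE is open_session or close_session.
fn build_event(env: &HashMap<String, String>, host: &str) -> Option<String> {
    let action = match env.get("PAM_TYPE").map(String::as_str) {
        Some("open_session") => "login",
        Some("close_session") => "logout",
        _ => return None,
    };
    // Missing variables are reported as "unknown" rather than dropped.
    let get = |k: &str| env.get(k).map(String::as_str).unwrap_or("unknown");
    let text = format!(
        "{} on {}: user={} from={} service={} tty={}",
        action, host, get("PAM_USER"), get("PAM_RHOST"), get("PAM_SERVICE"), get("PAM_TTY")
    );
    Some(format!("{{\"msgtype\":\"m.text\",\"body\":\"{}\"}}", json_escape(&text)))
}

fn main() {
    // Skip variables that are not valid UTF-8 instead of panicking.
    let env: HashMap<String, String> = std::env::vars_os()
        .filter_map(|(k, v)| Some((k.into_string().ok()?, v.into_string().ok()?)))
        .collect();
    // "server01" is a constructed placeholder for the machine's hostname.
    match build_event(&env, "server01") {
        Some(body) => println!("{}", body),
        None => eprintln!("not a session event; nothing to send"),
    }
}
```
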
Yes please! Fork this repo and send in PRs, I'll be happy to review and merge them!