Setting up snort on Linux
libuse posted on 2008-02-15 10:34
1. Install apache

    tar zxvf apache-(version)        # unpack apache
    # change into the unpacked directory
    ./configure --prefix=/usr/local/apache --enable-so --enable-rewrite
    make
    make install
    /usr/local/apache/bin/apachectl start        # start apache

Test apache: http://XXX.XXX.XXX.XXX (the server's IP address)

2. Install mysql

    groupadd mysql
    useradd -g mysql mysql
    tar zxvf mysql-(version)         # unpack mysql
    # change into the unpacked directory
    # choose one charset: gb2312 or gbk
    ./configure --prefix=/usr/local/mysql --with-charset=gb2312/gbk
    make
    make install
    # change into the support-files directory
    cp my-medium.cnf /etc/my.cnf
    /usr/local/mysql/bin/mysql_install_db --user=mysql
    chown -R root /usr/local/mysql
    chown -R mysql /usr/local/mysql/var
    chgrp -R mysql /usr/local/mysql
    /usr/local/mysql/share/mysql/bin/mysql.server start        # start mysql
    /usr/local/mysql/bin/mysqladmin -u root password XXXX
    /usr/local/mysql/bin/mysql -u root -p
    password:
    mysql>

3. Install PHP

    tar zxvf php-(version)
    # change into the unpacked directory
    ./configure --prefix=/usr/local/php --with-apxs2=/usr/local/apache/bin/apxs \
        --with-mysql=/usr/local/mysql \
        --with-config-file-path=/usr/local/php
    make
    make install
    cp php.ini-dist /usr/local/lib/php.ini
    vi /usr/local/lib/php.ini
        # line 365: change off to on
    vi /usr/local/apache/conf/httpd.conf
        # append index.php after DirectoryIndex
        AddType application/x-httpd-php .php
    vi /usr/local/apache/htdocs/test.php
        <?php phpinfo(); ?>

Restart apache, then test: http://XXX.XXX.XXX.XXX/test.php

4. Install pcre

    tar zxvf pcre-(version)
    # change into the unpacked directory
    ./configure
    make
    make install

5. Install snort

    tar zxvf snort-(version)
    # change into the unpacked directory
    ./configure --with-mysql=/usr/local/mysql
    make
    make install

6. Install the snort rule set

    tar zxvf snort rules-(version)
    # this creates four directories: etc, doc, rules, so.rules
    mkdir /etc/snort
    mkdir /etc/snort/rules
    mkdir /var/log/snort
    cp -R rules/* /etc/snort/rules/
    cp etc/* /etc/snort
    vi /etc/snort/snort.conf
        # change line 46 to:
        var HOME_NET XXX.XXX.XXX.0/24
        # change line 111 to:
        var RULE_PATH /etc/snort/rules
        # change line 764 to (same password as above):
        output database: log, mysql, user=root password=XXXX dbname=snort host=localhost
        # lines 863-874: remove the leading #

7. Create the snort database

    ./mysql -u root -p
    mysql> create database snort;
    mysql> grant INSERT,SELECT on snort.* to snort@localhost;
    mysql> exit
    ./mysql -u root -p snort < /usr/local/src/snort-(version)/schemas/create_mysql
    mysql> use snort
    mysql> show tables;

8. Install adodb

    tar zxvf adodb-(version)
    cp -R adodb /usr/local/apache/htdocs

9. Install jpgraph

    tar zxvf jpgraph-(version)
    # move the unpacked directory to /usr/local/apache/htdocs and rename it to jpgraph

10. Install acid

    tar zxvf acid-(version)
    # move the unpacked directory to /usr/local/apache/htdocs and rename it to acid
    vi /acid/acid_conf.php
        $DBlib_path = "/usr/local/apache/htdocs/adodb";
        $alert_dbname = "snort";
        $alert_host = "localhost";
        $alert_port = "";
        $alert_user = "root";
        $alert_password = "xxxxx";        // same as above
        $archive_dbname = "snort";
        $archive_host = "localhost";
        $archive_port = "";
        $archive_user = "root";
        $archive_password = "xxxxx";      // same as above
        $ChartLib_path = "/usr/local/apache/htdocs/jpgraph/src";
        $chart_file_format = "png";

11. Test: http://xxx.xxx.xxx.xxx/acid

Note: install the build tools before starting the installation.
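A check for the snort.conf edits made in step 6, added here as an example and not part of the original post. The function name check_snort_conf and its findings are this example's own; it assumes the `var NAME value` and `output database:` line forms shown in the post.

```shell
#!/bin/sh
# Added example: sanity-check the snort.conf edits from step 6.
# Prints one line per finding; the return status is the number of findings.
check_snort_conf() {
    conf=$1
    findings=0
    note() { echo "FINDING: $1"; findings=$((findings + 1)); }

    # Ignore commented-out lines in every check below.
    active=$(grep -v '^[[:space:]]*#' "$conf" || true)

    # HOME_NET must name a concrete network rather than the default "any".
    home=$(echo "$active" | awk '$1=="var" && $2=="HOME_NET" {print $3}' | tail -n 1)
    case $home in
        '')  note "HOME_NET is not set" ;;
        any) note "HOME_NET is still 'any'" ;;
    esac

    # RULE_PATH must be set and point at an existing directory.
    rpath=$(echo "$active" | awk '$1=="var" && $2=="RULE_PATH" {print $3}' | tail -n 1)
    if [ -z "$rpath" ]; then
        note "RULE_PATH is not set"
    elif [ ! -d "$rpath" ]; then
        note "RULE_PATH $rpath does not exist"
    fi

    # The database output plugin line must be present and uncommented.
    dbline=$(echo "$active" | grep '^[[:space:]]*output[[:space:]]*database:' | tail -n 1)
    if [ -z "$dbline" ]; then
        note "no active 'output database:' line"
    else
        # Logging in as MySQL root gives the sensor far more than INSERT/SELECT.
        case $dbline in
            *user=root*) note "database output logs in as MySQL root" ;;
        esac
        # The line carries a cleartext password, so the file must not be world-readable.
        if [ -n "$(find "$conf" -perm -004 2>/dev/null)" ]; then
            note "$conf is world-readable and contains a DB password"
        fi
    fi
    return "$findings"
}
```

Run it as `check_snort_conf /etc/snort/snort.conf` before starting snort; a return status of 0 means none of the checks fired.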