Installing Snort on Red Hat 5
Author: Anonymous (Technology)
Source: Linux Systems
Published: 2012-04-22
t -p < /usr/local/snort-2.8.0.1/schemas/create_mysql snort
Enter password:
[root@station4 ~]# mysql -u root -p
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 6
Server version: 5.0.77 Source distribution

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> use snort;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed
mysql> show tables;
+------------------+
| Tables_in_snort  |
+------------------+
| data             |
| detail           |
| encoding         |
| event            |
| icmphdr          |
| iphdr            |
| opt              |
| reference        |
| reference_system |
| schema           |
| sensor           |
| sig_class        |
| sig_reference    |
| signature        |
| tcphdr           |
| udphdr           |
+------------------+
16 rows in set (0.00 sec)

mysql> \q

9. Install and configure BASE and the Image packages

# pear install Image_Color-1.0.3.tgz.gz
install ok: channel://pear.php.net/Image_Color-1.0.3
# pear install Image_Canvas-0.3.1.tgz.gz
install ok: channel://pear.php.net/Image_Canvas-0.3.1
# pear install Image_Graph-0.7.2.tgz.gz
pear/Image_Graph can optionally use package "pear/Numbers_Roman"
pear/Image_Graph can optionally use package "pear/Numbers_Words"
install ok: channel://pear.php.net/Image_Graph-0.7.2

10. Prepare for the installation

Extract adodb509a.tgz.gz into /var/www/:
# tar zxvf adodb509a.tgz.gz -C /var/www/

Extract base-1.2.6.tar.gz into /var/www/html/:
# tar zxvf base-1.2.6.tar.gz -C /var/www/html/

Rename the extracted base-1.2.6 directory:
# mv base-1.2.6 base

11. Create and edit the configuration file

# cd /var/www/html/base/
# cp base_conf.php.dist base_conf.php
# vi base_conf.php

Configure and modify the following settings:

$BASE_urlpath = "/base";
$DBlib_path = "/var/www/adodb5/";
$DBtype = "mysql";
$alert_dbname = "snort";
$alert_host = "localhost";
$alert_port = "";
$alert_user = "snort";
$alert_password = "123456";
/* Archive DB connection parameters */
$archive_exists = 0; # Set this to 1 if you have an archive DB

12. Edit /etc/snort/rules/web-misc.rules

Comment out the following rules (lines 97, 98 and 452):

97 #alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-MISC ///cgi-bin access"; flow:to_server,established; uricontent:"///cgi-bin"; nocase; rawbytes; reference:nessus,11032; classtype:attempted-recon; sid:1143; rev:7;)
98 #alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"WEB-MISC /cgi-bin/// access"; flow:to_server,established; uricontent:"/cgi-bin///"; nocase; rawbytes; reference:nessus,11032; classtype:attempted-recon; sid:1144; rev:7;)
452 #alert tcp $EXTERNAL_NET any -> $HOME_NET 8090 (msg:"WEB-MISC TrackerCam ComGetLogFile.php3 log information disclosure"; flow:to_server,established; content:"/ComGetLogFile.php3"; nocase; pcre:"fn=Eye\d{4}_\d{2}.log/Rmsi"; reference:bugtraq,12592; reference:cve,2005-0481; classtype:web-application-activity; sid:3545; rev:2;)

Start snort:
# service snort start
Starting snor
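
Step 12 identifies the rules by line number (97, 98, 452), which only lines up with one revision of web-misc.rules. As an added example that is not part of the original article, the shell function below comments out the same rules by their sid values (1143, 1144, 3545) instead; the function name disable_sids, the .bak backup copy and the shortened sample rules are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original article.
# disable_sids FILE SID...
#   Comments out every active rule in FILE whose options carry one of the
#   given sids, keeps a copy in FILE.bak, and prints how many it disabled.
disable_sids() {
    file=$1; shift
    tmp="$file.tmp.$$"
    count=$(awk -v sids="$*" -v out="$tmp" '
        BEGIN {
            n = split(sids, a, " ")
            for (i = 1; i <= n; i++) want[a[i]] = 1
            printf "" > out            # create the output even for an empty file
            hits = 0
        }
        {
            line = $0
            # Only touch active rules; lines already starting with # stay as they are.
            if (line !~ /^[ \t]*#/ && match(line, /sid:[ \t]*[0-9]+[ \t]*;/)) {
                s = substr(line, RSTART, RLENGTH)
                gsub(/[^0-9]/, "", s)
                if (s in want) { line = "#" line; hits++ }
            }
            print line > out
        }
        END { print hits }
    ' "$file") || { rm -f "$tmp"; return 1; }
    cp -p "$file" "$file.bak" || { rm -f "$tmp"; return 1; }
    cat "$tmp" > "$file" && rm -f "$tmp" || return 1   # keeps owner and mode of FILE
    echo "$count"
}

# Constructed sample rules (shortened; only the sids match the article).
sample_rules() {
    cat <<'EOF'
alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"constructed A"; sid:1143; rev:7;)
#alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"constructed B"; sid:1144; rev:7;)
alert tcp $EXTERNAL_NET any -> $HOME_NET 8090 (msg:"constructed C"; sid:3545; rev:2;)
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"constructed D"; sid:9000001; rev:1;)
EOF
}

# Usage on the article's file:
#   disable_sids /etc/snort/rules/web-misc.rules 1143 1144 3545
```

Running it a second time changes nothing, because rules that already start with # are skipped.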