Difference between revisions of "Instalasi Suricata"

From OnnoWiki
Line 1: Line 1:
pre-installation requirements
+
==Siapkan Aplikasi Pendukung==
  
Before you can build Suricata for your system, run the following command to ensure that you have everything you need for the installation.
+
Siapkan berbagai aplikasi pendukung sebelum menginstalasi suricata
  
 
  sudo apt-get -y install libpcre3 libpcre3-dbg libpcre3-dev \
 
  sudo apt-get -y install libpcre3 libpcre3-dbg libpcre3-dev \
Line 7: Line 7:
 
  libyaml-0-1 libyaml-dev zliblg zliblg-dev libcap-ng-dev libcap-ng0
 
  libyaml-0-1 libyaml-dev zliblg zliblg-dev libcap-ng-dev libcap-ng0
  
Depending on the current status of your system, it may take a while to complete this process.
+
di Ubuntu 10.04
htp
 
  
HTP is bundled with Suricata and installed automatically. If you need to install htp manually for other reasons, instructions can be found here.
+
sudo apt-get -y install libpcre3 libpcre3-dbg libpcre3-dev \
ips
+
build-essential autoconf automake libtool libpcap-dev libnet1-dev \
 +
libyaml-dev libcap-ng-dev libcap-ng0
 +
 
 +
Download htp secara manual
 +
 
 +
http://openinfosecfoundation.org/index.php/download-suricata
 +
http://openinfosecfoundation.org/download/libhtp-0.2.3.tar.gz
  
If you want to use ubuntu-8.04 to use pre-built YAML packages, you must uncomment the following two lines in your /etc/apt/sources.list file so that you can enable hardy-backports:
+
Atau download & Install htp secara manual
  
  #deb http://us.archive.ubuntu.com/ubuntu/ hardy-backports main restricted universe multiverse
+
  cd /usr/local/src
  #deb-src http://us.archive.ubuntu.com/ubuntu/ hardy-backports main restricted universe multiverse
+
wget http://www.openinfosecfoundation.org/download/libhtp-0.2.3.tar.gz
 +
tar -xzvf libhtp-0.2.3.tar.gz
 +
  cd libhtp-0.2.3
 +
./configure
 +
make
 +
make install
  
If you plan to build Suricata with IPS capabilities via ./configure --enable-nfqueue, enter the following:
+
Jika kita ingin menjalankan kemampuan [[IPS]] yang ada di suricata (./configure --enable-nfqueue) ada baiknya mengaktifkan
  
  sudo apt-get -y install libnetfilter-queue-dev libnetfilter-queue1 libnfnetlink-dev libnfnetlink0
+
  sudo apt-get -y install libnetfilter-queue-dev libnetfilter-queue1 libnfnetlink-dev libnfnetlink0 libcap-ng0
libcap-ng installation
 
  
This installation is needed for dropping privileges.
+
Mengaktifkan [[IPS]] dapat dilakukan pada saat konfigurasi menggunakan perintah
  
  wget http://people.redhat.com/sgrubb/libcap-ng/libcap-ng-0.6.4.tar.gz
+
  ./configure --enable-nfqueue
tar -xzvf libcap-ng-0.6.4.tar.gz
 
cd libcap-ng-0.6.4
 
./configure && make && sudo make install
 
suricata
 
  
To download and build Suricata, enter the following:
+
==Suricata==
  
wget http://www.openinfosecfoundation.org/download/suricata-current.tar.gz
+
Download suricata
tar -xvzf suricata-current.tar.gz
 
cd suricata.version
 
  
If you are building from Git sources, enter the following:
+
http://www.openinfosecfoundation.org/index.php/download-suricata
 +
http://www.openinfosecfoundation.org/download/suricata-1.0.2.tar.gz
 +
cp suricata-1.0.2.tar.gz /usr/local/src
 +
cd /usr/local/src
 +
tar -xvzf suricata-1.0.2.tar.gz
 +
cd suricata-1.0.2
  
bash autojunk.sh
+
atau
  
If you are not building from Git sources, enter the following:
+
cd /usr/local/src
 +
wget http://www.openinfosecfoundation.org/download/suricata-1.0.2.tar.gz
 +
tar -xvzf suricata-1.0.2.tar.gz
 +
cd suricata-1.0.2
  
  ./configure
+
  ./configure --enable-nfqueue
 
  sudo mkdir /var/log/suricata/
 
  sudo mkdir /var/log/suricata/
 
  make
 
  make
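Review bot: the added wget lines for libhtp-0.2.3.tar.gz and suricata-1.0.2.tar.gz fetch over plain http:// and the tarballs go straight to tar, ./configure, make and make install with no checksum or signature check in between; add a verification step against a digest obtained over a trusted channel before unpacking. In the unchanged package list at the top of this hunk, zliblg and zliblg-dev look like a typo for zlib1g and zlib1g-dev (digit 1, not the letter l), which would make the apt-get call fail. The added make install for libhtp has no sudo while the neighbouring commands use it, so either prefix it or state that the block runs as root. The revision also drops the sentence saying libcap-ng is needed for dropping privileges; keeping one line on that would tell readers why the package is still in the install list.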
Line 51: Line 62:
 
==Referensi==
 
==Referensi==
  
 +
* http://www.openinfosecfoundation.org/
 +
* http://www.openinfosecfoundation.org/index.php/download-suricata
 +
* http://openinfosecfoundation.org/documentation/index.html
 
* http://openinfosecfoundation.org/documentation/getting-started-debian-ubuntu.html
 
* http://openinfosecfoundation.org/documentation/getting-started-debian-ubuntu.html
  

Revision as of 11:30, 15 September 2010

Prepare the Supporting Applications

Install the supporting packages before installing Suricata

sudo apt-get -y install libpcre3 libpcre3-dbg libpcre3-dev \
build-essential autoconf automake libtool libpcap-dev libnet1-dev \
libyaml-0-1 libyaml-dev zlib1g zlib1g-dev libcap-ng-dev libcap-ng0

On Ubuntu 10.04

sudo apt-get -y install libpcre3 libpcre3-dbg libpcre3-dev \
build-essential autoconf automake libtool libpcap-dev libnet1-dev \
libyaml-dev libcap-ng-dev libcap-ng0

Download htp manually

http://openinfosecfoundation.org/index.php/download-suricata
http://openinfosecfoundation.org/download/libhtp-0.2.3.tar.gz

Or download and install htp manually

cd /usr/local/src
wget http://www.openinfosecfoundation.org/download/libhtp-0.2.3.tar.gz
tar -xzvf libhtp-0.2.3.tar.gz
cd libhtp-0.2.3
./configure
make
make install

If we want to use the IPS capability built into Suricata (./configure --enable-nfqueue), it is a good idea to install

sudo apt-get -y install libnetfilter-queue-dev libnetfilter-queue1 libnfnetlink-dev libnfnetlink0 libcap-ng0

IPS can be enabled at configuration time with the command

./configure --enable-nfqueue

Suricata

Download suricata

http://www.openinfosecfoundation.org/index.php/download-suricata
http://www.openinfosecfoundation.org/download/suricata-1.0.2.tar.gz
cp suricata-1.0.2.tar.gz /usr/local/src
cd /usr/local/src
tar -xvzf suricata-1.0.2.tar.gz
cd suricata-1.0.2

or

cd /usr/local/src
wget http://www.openinfosecfoundation.org/download/suricata-1.0.2.tar.gz
tar -xvzf suricata-1.0.2.tar.gz
cd suricata-1.0.2
./configure --enable-nfqueue
sudo mkdir /var/log/suricata/
make
make install
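
The steps above download tarballs over plain HTTP and then build and install them. The following is an added example, not part of the wiki page: it gates the unpack step on a SHA-256 match and on safe member paths. The function names and the digest placeholder are assumptions; the page gives no digest, so the real value has to be obtained from the project over a trusted channel.

```shell
#!/bin/sh
# Added example: gate the unpack/build steps on a SHA-256 check.
# The digest in the usage note is a placeholder; the page publishes none.

# verify_sha256 FILE EXPECTED_HEX  -> returns 0 only on an exact match
verify_sha256() {
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -f "$file" ] || return 1
    # Reject an unfilled placeholder or anything that is not 64 hex digits
    case $expected in
        ''|*[!0-9a-f]*) return 1 ;;
    esac
    [ "${#expected}" -eq 64 ] || return 1
    actual=$(sha256sum "$file" | cut -d' ' -f1)
    [ "$actual" = "$expected" ]
}

# unpack_if_verified TARBALL EXPECTED_HEX DESTDIR
unpack_if_verified() {
    if ! verify_sha256 "$1" "$2"; then
        echo "refusing to unpack $1: digest missing, malformed or mismatched" >&2
        return 1
    fi
    # Refuse archives whose members are absolute or contain a ".." component
    if tar -tzf "$1" | grep -Eq '(^/|(^|/)\.\.(/|$))'; then
        echo "refusing to unpack $1: unsafe member path" >&2
        return 1
    fi
    tar -xzf "$1" -C "$3"
}

# Usage with the page's tarball name (digest is a placeholder):
#   EXPECTED="<sha256-from-trusted-source>"
#   unpack_if_verified suricata-1.0.2.tar.gz "$EXPECTED" /usr/local/src
```

Run `./configure`, `make` and `make install` only after `unpack_if_verified` returns 0.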


References

Interesting Links