Difference between revisions of "SNORT: Install SNORT"

Install menggunakan perintah

apt-get install snort-mysql snort-rules-default acidbase

Port

192.168.0.0/16

Konfigurasi database

cd /usr/share/doc/snort-mysql/                                             
zcat create_mysql.gz | mysql -u <user> -h <host> -p <databasename>    

Jika sedang belajar

cd /usr/share/doc/snort-mysql/                                             
zcat create_mysql.gz | mysql -u root -h localhost -p123456 snort

Konfigurasi database

rm /etc/snort/db-pending-config
mysql -u root -p123456
create database snort;
grant ALL on root.* to snort@localhost;
grant ALL on snort.* to snort@localhost IDENTIFIED BY 'snort' ;
grant ALL on snort.* to snort IDENTIFIED BY 'snort' ;
exit

Edit konfigurasi

vi /etc/snort/snort.conf

output database: alert, mysql, user=snort password=snort dbname=snort host=localhost
output database: log, mysql, user=snort password=snort dbname=snort host=localhost

Bacaan

• http://jogja.linux.or.id/berita/arsip/2010/01/14/kustomisasi-konfigurasi-ids-snort/

Referensi

• http://125.160.17.21/speedyorari/index.php?dir=snort/rules RULES JADOEL untuk Percobaan
• http://www.snort.org/snort-downloads
• http://www.snort.org/dl/
• http://www.snort.org/start/rules
• http://base.secureideas.net/

Pranala Menarik

• Linux Howto