Difference between revisions of "SNORT: Install SNORT"

Install menggunakan perintah

apt-get install snort-mysql snort-rules-default acidbase

pear install Numbers_Roman-1.0.2
pear install Numbers_Words-0.16.2
pear install Image_Canvas-0.3.2
pear install Image_Graph-0.7.2
pear install --alldeps mail

Port

192.168.0.0/16

Konfigurasi database

cd /usr/share/doc/snort-mysql/                                             
zcat create_mysql.gz | mysql -u <user> -h <host> -p <databasename>    

Jika sedang belajar

cd /usr/share/doc/snort-mysql/                                             
zcat create_mysql.gz | mysql -u root -h localhost -p123456 snort

Konfigurasi database

rm /etc/snort/db-pending-config
mysql -u root -p123456
create database snort;
grant ALL on root.* to snort@localhost;
grant ALL on snort.* to snort@localhost IDENTIFIED BY 'snort' ;
grant ALL on snort.* to snort IDENTIFIED BY 'snort' ;
exit

Konfigurasi SNORT

vi /etc/snort/snort.conf

output database: alert, mysql, user=snort password=snort dbname=snort host=localhost
output database: log, mysql, user=snort password=snort dbname=snort host=localhost

Konfigurasi BASE

vi /usr/share/acidbase/base_conf.php

$archive_exists   = 1; # Set this to 1 if you have an archive DB
$archive_dbname   = 'snort';
$archive_host     = 'localhost';
$archive_port     = ;
$archive_user     = 'snort';
$archive_password = 'snort';

Akses ke

http://localhost/acidbase

Bacaan

• http://jogja.linux.or.id/berita/arsip/2010/01/14/kustomisasi-konfigurasi-ids-snort/

Referensi

• http://125.160.17.21/speedyorari/index.php?dir=snort/rules RULES JADOEL untuk Percobaan
• http://www.snort.org/snort-downloads
• http://www.snort.org/dl/
• http://www.snort.org/start/rules
• http://base.secureideas.net/

Pranala Menarik

• Linux Howto