Instalasi Suricata
Revision as of 07:13, 29 July 2012 by Onnowpurbo (talk | contribs)
Siapkan Aplikasi Pendukung
Siapkan berbagai aplikasi pendukung sebelum menginstalasi suricata
sudo apt-get -y install libpcre3 libpcre3-dbg libpcre3-dev \ build-essential autoconf automake libtool libpcap-dev libnet1-dev \ libyaml-0-2 libyaml-dev zlib1g zlib1g-dev libcap-ng-dev libcap-ng0 \ make libmagic-dev
di Ubuntu 10.04
sudo apt-get -y install libpcre3 libpcre3-dbg libpcre3-dev \ build-essential autoconf automake libtool libpcap-dev libnet1-dev \ libyaml-dev libcap-ng-dev libcap-ng0
Download htp
Download htp secara manual
http://openinfosecfoundation.org/index.php/download-suricata http://openinfosecfoundation.org/download/libhtp-0.2.3.tar.gz
Atau download & Install htp secara manual
cd /usr/local/src wget http://www.openinfosecfoundation.org/download/libhtp-0.2.3.tar.gz tar -xzvf libhtp-0.2.3.tar.gz cd libhtp-0.2.3 ./configure make make install
Jika kita ingin menjalankan kemampuan IPS yang ada di suricata (./configure --enable-nfqueue) ada baiknya mengaktifkan
sudo apt-get -y install libnetfilter-queue-dev libnetfilter-queue1 libnfnetlink-dev libnfnetlink0 libcap-ng0
Mengaktifkan IPS dapat dilakukan pada saat konfigurasi menggunakan perintah
./configure --enable-nfqueue
Download suricata
Suricata
To download and build Suricata, enter the following:
wget http://www.openinfosecfoundation.org/download/suricata-1.3.tar.gz tar -xvzf suricata-1.3.tar.gz cd suricata-1.3/
Compile and install the engine
If you plan to build Suricata with IPS capabilities, enter:
./configure --enable-nfqueue --prefix=/usr --sysconfdir=/etc --localstatedir=/var
instead of
./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
Continue with the next commands:
./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var make sudo make install sudo ldconfig
Referensi
- http://www.openinfosecfoundation.org/
- http://www.openinfosecfoundation.org/index.php/download-suricata
- http://openinfosecfoundation.org/documentation/index.html
- http://openinfosecfoundation.org/documentation/getting-started-debian-ubuntu.html