http://snort-inline.sourceforge.net/download.html
gd,pcre,php,mysql,adodb,jpgraph,zlib,freetype
zlib
    http://www.zlib.net/zlib-1.2.3.tar.gz
freetype
    http://ftp.twaren.net/Unix/NonGNU/freetype/freetype-2.3.9.tar.gz
libpng
    http://downloads.sourceforge.net/sourceforge/libpng/libpng-1.2.38rc02.tar.gz?use_mirror=jaist

Install order: zlib libpng freetype jpegsrc gd php

mysql 5.4
    http://dev.mysql.com/get/Downloads/MySQL-5.4/MySQL-server-community-5.4.1-0.rhel4.i386.rpm/from/http://mysql.mirrors.adc.am/
php 5.2.10
    http://cn2.php.net/get/php-5.2.10.tar.gz/from/cn.php.net/mirror
pcre 7.9
    ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-7.9.tar.gz
libpcap

Install mysql
    rpm -e mysql --nodeps
    /usr/bin/mysqladmin -u root password 'new-password'
    /usr/bin/mysqladmin -u root -h localhost.localdomain password 'new-password'
Alternatively you can run:
    /usr/bin/mysql_secure_installation
mysql-headers
    http://dev.mysql.com/get/Downloads/MySQL-5.4/MySQL-devel-community-5.4.1-0.rhel4.i386.rpm/from/http://mysql.mirrors.adc.am/

Install httpd
    rpm -e httpd --nodeps
    ./configure --enable-so

Install php
    ./configure --with-mysql --with-apxs2=/usr/local/apache2/bin/apxs --with-zlib --with-jpeg --with-gd --with-png --enable-track-vars --enable-sockets --disable-debug --prefix=/usr/local/php5
    <?php phpinfo(); ?>
Check that mysql, gd and php are all supported.
Go into the PHP directory:
    cp -p .libs/libphp5.so /usr/local/apache2/modules
    cp -p php.ini-recommended /etc/php.ini

httpd.conf configuration
    LoadModule php5_module modules/libphp5.so
    AddType application/x-httpd-php php

Create the mysql user
    create database snort;
    grant create,insert,select,delete,update on snort.* to snort@localhost;
    set password for 'snort'@'localhost'=password('snort');
    flush privileges;
    use snort;
    source /data/software/snort-2.8.4.1/schemas/create_mysql

Create the login user for authentication
    /usr/local/apache2/bin/htpasswd -c ./.htpasswd admin

    <Directory "/var/www/html/acid">
        AuthType Basic
        AuthName "abc"
        AuthUserFile /etc/httpd/conf/htpasswd
        Require user admin
        AllowOverride None
    </Directory>

Install acid
    http://www.andrew.cmu.edu/user/rdanyliw/snort/acid-0.9.6b23.tar.gz
base
    http://downloads.sourceforge.net/sourceforge/secureideas/base-1.4.3.1.tar.gz?use_mirror=jaist
jpegsrc
    http://www.ijg.org/files/jpegsrc.v7.tar.gz

Start installing snort+base
snort
snort rules

Install snort
    ./configure --with-mysql
    groupadd snort
    useradd -g snort snort
    mkdir -vp /etc/snort/rules
    mkdir /var/log/snort
From the snort source directory:
    cd etc
    cp * /etc/snort/

Set up snort.conf
    var HOME_NET 192.168.15.0/24
    var RULE_PATH /etc/snort/rules
    output database: log, mysql, user=snort password=snort dbname=snort host=localhost

Install the snort startup script
    wget http://internetsecurityguru.com/snortinit/snort/ -P /etc/init.d/
    mv index.html snort

Install the rules
    cp rules/* /etc/snort/rules
    cp etc/* /etc/snort/

Install base
    cd /usr/local/apache2/htdocs
    mv base-1.4.3.1/ base/
Install the other two
    mkdir adodb
    cp -r /data/software/adodb/* ./adodb/
    mkdir jpgraph
    cp -r /data/software/jpgraph-2.3.4/ ./jpgraph/

Install yum
    wget http://www.chinalinuxpub.com/yum.tgz
    rpm -ivh *.rpm

Install ntop
    wget http://downloads.sourceforge.net/sourceforge/ntop/ntop-3.3.10.tar.gz?use_mirror=ovh

Edit /etc/yum and add: CentOS-Base.repo
    [base]
    name=CentOS 4.4 for RHEL4 - Base
    baseurl=http://mirror.centos.org/centos-4/4.7/os/i386/
    [updates]
    name=CentOS 4.4 for RHEL4 - Updates
    baseurl=http://mirror.centos.org/centos-4/4.7/updates/i386/

Fix for "Public key for * is not installed"
Installing clamav with yum fails with:
    Public key for clamav-0.91.2-1.el5.rf.i386.rpm is not installed
Find the KEY in this yum repository:
    http://mirror.centos.org/centos-4/4.7/os/i386/RPM-GPG-KEY
Import it:
    rpm --import http://mirror.centos.org/centos-4/4.7/os/i386/RPM-GPG-KEY
Run the install again; it succeeds.

/*
Install ntop
Install TCL
    wget http://downloads.sourceforge.net/sourceforge/tcl/tcl8.6b1-src.tar.gz?use_mirror=ovh
    wget http://downloads.sourceforge.net/sourceforge/tcl/tcl8.6b1-html.tar.gz?use_mirror=ovh
Install intltool
    wget http://ftp.gnome.org/pub/gnome/sources/intltool/0.40/intltool-0.40.6.tar.gz
Install rrdtools
    ./configure --prefix=/usr/local/rrdtool
Install
    yum install -y pango
Install xlib
Install
    wget http://cairographics.org/releases/cairo-1.8.8.tar.gz
Install libpcap
    wget http://www.tcpdump.org/release/libpcap-1.0.0.tar.gz
Install libpcap-devel
/*

Install libevent
    wget http://www.monkey.org/~provos/libevent-1.4.11-stable.tar.gz
Install rrdtool
    rpm -vih ftp://ftp.pbone.net/mirror/archive.fedoraproject.org/fedora/linux/core/3/i386/os/Fedora/RPMS/perl-Time-HiRes-1.55-3.i386.rpm
    wget http://dag.wieers.com/rpm/packages/rrdtool/perl-rrdtool-1.2.23-1.el4.rf.i386.rpm
    wget http://dag.wieers.com/rpm/packages/rrdtool/rrdtool-1.2.23-1.el4.rf.i386.rpm
    wget http://dag.wieers.com/rpm/packages/rrdtool/rrdtool-devel-1.2.23-1.el4.rf.i386.rpm
Install ntop
    wget http://rpmforge.sw.be/redhat/el4/en/i386/rpmforge/RPMS/ntop-3.3-1.el4.rf.i386.rpm

Configuration
Mail alerting: swatch
    wget http://downloads.sourceforge.net/sourceforge/swatch/swatch-3.2.3.tar.gz?use_mirror=ovh

Reposted from: http://fommb.baihongyu.com/
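
A check for the snort.conf "output database" line configured above, as an added example that is not part of the original notes: it flags a database password equal to the user name (as in user=snort password=snort) and a config file that is world-readable. The function names, the sample files and the placeholder password are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example (not from the original page): audit the MySQL credentials
# that the "output database" line of a snort.conf exposes.

# db_field LINE KEY -> prints the value of KEY=value found on LINE
db_field() {
    printf '%s\n' "$1" | tr ' ,\t' '\n\n\n' | sed -n "s/^$2=//p" | head -n 1
}

# audit_snort_db_output FILE -> one finding per line on stdout.
# Returns 0 if clean, 1 if there are findings, 2 if FILE is unusable.
audit_snort_db_output() {
    a_conf=$1
    a_bad=0
    [ -r "$a_conf" ] || { echo "cannot read $a_conf"; return 2; }
    # Only the last uncommented line is audited (enough for a one-line setup).
    a_line=$(grep -E '^[[:space:]]*output[[:space:]]+database:' "$a_conf" | tail -n 1)
    [ -n "$a_line" ] || { echo "no active output database line"; return 2; }
    a_user=$(db_field "$a_line" user)
    a_pass=$(db_field "$a_line" password)
    if [ -z "$a_pass" ]; then
        echo "no password on the output database line"; a_bad=1
    elif [ "$a_pass" = "$a_user" ]; then
        echo "password equals user name '$a_user'"; a_bad=1
    fi
    # Characters 8-10 of the ls mode string are the permissions for "other".
    case $(ls -ld "$a_conf" | cut -c8-10) in
        r*) echo "$a_conf is world-readable and holds the database password"; a_bad=1 ;;
    esac
    return "$a_bad"
}

# Constructed sample: the database line from this page in a 0644 file,
# then a corrected variant (placeholder password, mode 0640).
demo_dir=$(mktemp -d)
printf '%s\n' 'var HOME_NET 192.168.15.0/24' \
    'output database: log, mysql, user=snort password=snort dbname=snort host=localhost' \
    > "$demo_dir/weak.conf"
chmod 644 "$demo_dir/weak.conf"
printf '%s\n' 'output database: log, mysql, user=snort password=CHANGE-ME-long-random dbname=snort host=localhost' \
    > "$demo_dir/fixed.conf"
chmod 640 "$demo_dir/fixed.conf"
audit_snort_db_output "$demo_dir/weak.conf" || true
audit_snort_db_output "$demo_dir/fixed.conf" && echo "fixed.conf: no findings"
```

If the password in snort.conf is changed, the `set password for 'snort'@'localhost'` statement in the MySQL step has to be changed to match.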