Difference between revisions of "SNORT: Install SNORT"

From OnnoWiki
Jump to navigation Jump to search
Line 48: Line 48:
 
Konfigurasi BASE
 
Konfigurasi BASE
 
   
 
   
  vi /usr/share/acidbase/base_conf.php
+
  vi /etc/acidbase/database.php  
  
  $archive_exists  = 1; # Set this to 1 if you have an archive DB
+
  $alert_user='snort';
  $archive_dbname  = 'snort';
+
  $alert_password='snort';
  $archive_host    = 'localhost';
+
  $basepath='/acidbase';
  $archive_port    = '';
+
$alert_dbname='snort';
  $archive_user    = 'snort';
+
  $alert_host='localhost';
  $archive_password = 'snort';
+
  $alert_port='';
 +
  $DBtype='mysql';
  
 
Restart APACHE
 
Restart APACHE
  
 
  /etc/init.d/apache2 restart
 
  /etc/init.d/apache2 restart
 
  
 
Akses ke
 
Akses ke

Revision as of 12:46, 15 December 2010

Install menggunakan perintah 

sudo apt-get install libpcre3 libpcre3-dev libpcrecpp0 libpcap0.8 libpcap0.8-dev \
mysql-server libmysqlclient15-dev libphp-adodb libgd2-xpm libgd2-xpm-dev php5-mysql \
php5-gd php-pear apache2 php5 php5-xmlrpc php5-mysql php5-gd php5-cli php5-curl \
mysql-client libdumbnet1 libdumbnet-dev

pear install Numbers_Roman-1.0.2
pear install Numbers_Words-0.16.2
pear install Image_Canvas-0.3.2
pear install Image_Graph-0.7.2
pear install --alldeps mail

apt-get install snort-mysql snort-rules-default acidbase

Masukan 

192.168.0.0/16

Konfigurasi database 

cd /usr/share/doc/snort-mysql/                                             
zcat create_mysql.gz | mysql -u <user> -h <host> -p <databasename>

Jika sedang belajar 

cd /usr/share/doc/snort-mysql/                                             
zcat create_mysql.gz | mysql -u root -h localhost -p123456 snort

Konfigurasi database 

rm /etc/snort/db-pending-config
mysql -u root -p123456
create database snort;
grant ALL on root.* to snort@localhost;
grant ALL on snort.* to snort@localhost IDENTIFIED BY 'snort' ;
grant ALL on snort.* to snort IDENTIFIED BY 'snort' ;
exit

Konfigurasi SNORT 

vi /etc/snort/snort.conf

output database: alert, mysql, user=snort password=snort dbname=snort host=localhost
output database: log, mysql, user=snort password=snort dbname=snort host=localhost


Konfigurasi BASE 

vi /etc/acidbase/database.php 

$alert_user='snort';
$alert_password='snort';
$basepath='/acidbase';
$alert_dbname='snort';
$alert_host='localhost';
$alert_port=;
$DBtype='mysql';

Restart APACHE 

/etc/init.d/apache2 restart

Akses ke 

http://localhost/acidbase


Bacaan

Referensi

Pranala Menarik

Retrieved from "https://onnocenter.or.id/wiki/index.php?title=SNORT:_Install_SNORT&oldid=23347"