Change into the Snort installation directory:
/usr/local/mysql/bin/mysql -u root -p < ./contrib/create_mysql snort
Enter password:
Install the extra DB tables (from the contrib directory):
zcat snortdb-extra.gz | /usr/local/mysql/bin/mysql -p snort
Log in to MySQL and look at the tables in the snort database:
/usr/local/mysql/bin/mysql -p
Enter password:
mysql>show databases;
+------------+
| Database   |
+------------+
| mysql      |
| snort      |
| test       |
+------------+
3 rows in set (0.00 sec)
mysql>use snort;
mysql>show tables;
The following tables should be listed:
+------------------+
| Tables_in_snort  |
+------------------+
| data             |
| detail           |
| encoding         |
| event            |
| flags            |
| icmphdr          |
| iphdr            |
| opt              |
| protocols        |
| reference        |
| reference_system |
| schema           |
| sensor           |
| services         |
| sig_class        |
| sig_reference    |
| signature        |
| tcphdr           |
| udphdr           |
+------------------+
19 rows in set (0.00 sec)
mysql>exit
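Install and configure ACID
The /www/htdocs/ directory will serve as the Apache server's DocumentRoot. Unpack acid-0.9.6b23.tar, adodb320.tar, gd-2.0.12.tar, phplot-4.4.6.tar and the like in that directory, and rename them to drop the version information:
Copy acid-0.9.6b23.tar.gz, adodb494.gz and jpgraph-1.20.5.tar.gz into the web root: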
cp jpgraph-1.20.5.tar.gz /www/htdocs/
cp adodb494.gz /www/htdocs/
cp acid-0.9.6b23.tar.gz /www/htdocs/
cd /www/htdocs
tar -xvzf jpgraph-1.20.5.tar.gz
rm -rf jpgraph-1.20.5.tar.gz
cd jpgraph-1.20.5
rm -rf README
rm -rf QPL.txt
cd ..
tar -xvzf adodb494.gz
rm -rf adodb494.gz
tar -xvzf acid-0.9.6b23.tar.gz
rm -rf acid-0.9.6b23.tar.gz
cd acid
vi acid_conf.php
$DBlib_path = "";
Change it to $DBlib_path = "/www/htdocs/adodb";
$alert_dbname = "snort_log"; // change to snort
$alert_host = "localhost";
$alert_port = "";
$alert_user = "snort";
$alert_password = "mypassword"; // change to your database password
/* Archive DB connection parameters */
$archive_dbname = "snort_archive"; // change to snort
$archive_host = "localhost";
$archive_port = "";
$archive_user = "snort";
$archive_password = "mypassword"; // change to your database password
$ChartLib_path = "";
Change it to $ChartLib_path = "/www/htdocs/jpgraph-1.20.5/src";
When the changes are done, save and exit.
Set the ACID password
mkdir /www/passwords
/www/bin/htpasswd -c /www/passwords/passwords acid
Edit httpd.conf (in /www/conf) and add the following (starting after a </Directory> line):
<Directory "/www/htdocs/acid">
AuthType Basic
AuthName "SnortIDS"
AuthUserFile /www/passwords/passwords
Require user acid
</Directory>
Open it in a browser; if everything worked, some system, Apache and PHP information is displayed.
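The script below is an added example, not part of the original guide: it checks the two edits made above, namely that acid_conf.php no longer carries the stock empty library paths or the sample password, and that the ACID directory has a Basic-auth block whose password file lies outside the DocumentRoot. The function names and the constructed demo files are assumptions; the paths are the guide's.

```shell
#!/bin/sh
# Added example: sanity checks for the ACID setup described in this guide.

# check_acid_conf FILE: fail while stock placeholders remain in acid_conf.php.
check_acid_conf() {
    rc=0
    for var in DBlib_path ChartLib_path; do   # empty path: ADODB/JpGraph not found
        if grep -Eq '^[[:space:]]*[$]'"$var"'[[:space:]]*=[[:space:]]*""' "$1"; then
            echo "FAIL: \$$var is still empty"; rc=1
        fi
    done
    # "mypassword" is the sample value shipped in the file, not a real secret.
    if grep -Eq '^[[:space:]]*[$](alert|archive)_password[[:space:]]*=[[:space:]]*"mypassword"' "$1"; then
        echo "FAIL: sample database password still in place"; rc=1
    fi
    return $rc
}

# check_httpd_auth HTTPD_CONF DOCROOT DIR: DIR must have a Basic-auth block and
# its password file must not live under DOCROOT, where Apache could serve it.
check_httpd_auth() {
    rc=0
    block=$(awk -v d="<Directory \"$3\">" \
        'index($0, d) {f=1} f {print} f && /<\/Directory>/ {exit}' "$1")
    [ -n "$block" ] || { echo "FAIL: no <Directory> block for $3"; return 1; }
    for key in AuthType AuthUserFile Require; do
        echo "$block" | grep -Eq "^[[:space:]]*$key[[:space:]]" ||
            { echo "FAIL: $key missing for $3"; rc=1; }
    done
    pwfile=$(echo "$block" | awk '$1 == "AuthUserFile" {gsub(/"/, "", $2); print $2}')
    case $pwfile in
        "$2"/*) echo "FAIL: $pwfile is inside DocumentRoot"; rc=1 ;;
    esac
    return $rc
}

# Demo on constructed files (stock settings and a misplaced password file).
demo=$(mktemp -d)
printf '%s\n' '$DBlib_path = "";' '$alert_password = "mypassword";' > "$demo/acid_conf.php"
printf '%s\n' '<Directory "/www/htdocs/acid">' 'AuthType Basic' \
    'AuthUserFile /www/htdocs/passwords' 'Require user acid' '</Directory>' > "$demo/httpd.conf"
check_acid_conf "$demo/acid_conf.php" || true
check_httpd_auth "$demo/httpd.conf" /www/htdocs /www/htdocs/acid || true
rm -rf "$demo"
```

To check the real installation, call the two functions with /www/htdocs/acid/acid_conf.php and /www/conf/httpd.conf in place of the demo files.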
Configuring a snort+apache+php+mysql+acid environment on Linux (3)