Snort intrusion detection system download for Linux: building a Snort intrusion detection system on Linux

1. Install Apache

tar zxvf apache-(version)

Unpack Apache and change into the extracted directory.

./configure --prefix=/usr/local/apache --enable-so --enable-rewrite

make

make install

/usr/local/apache/bin/apachectl start

This starts Apache.

http://XXX.XXX.XXX.XXX (the server's IP address)

Open this URL in a browser to test Apache.

2. Install MySQL

groupadd mysql

useradd -g mysql mysql

tar zxvf mysql-(version)

Unpack MySQL and change into the extracted directory.

./configure --prefix=/usr/local/mysql --with-charset=gb2312

(gbk may be used instead of gb2312.)

make

make install

Change into the support-files directory.

cp my-medium.cnf /etc/my.cnf

/usr/local/mysql/bin/mysql_install_db --user=mysql

chown -R root /usr/local/mysql

chown -R mysql /usr/local/mysql/var

chgrp -R mysql /usr/local/mysql

/usr/local/mysql/share/mysql/mysql.server start

This starts MySQL.

/usr/local/mysql/bin/mysqladmin -u root password XXXX

/usr/local/mysql/bin/mysql -u root -p

password:

mysql>

3. Install PHP

tar zxvf php-(version)

Change into the extracted directory.

./configure --prefix=/usr/local/php --with-apxs2=/usr/local/apache/bin/apxs \
--with-mysql=/usr/local/mysql \
--with-config-file-path=/usr/local/php

make

make install

cp php.ini-dist /usr/local/php/php.ini

vi /usr/local/php/php.ini

On line 365, change off to on.

vi /usr/local/apache/conf/httpd.conf

Add index.php after DirectoryIndex, and add the line:

AddType application/x-httpd-php .php

vi /usr/local/apache/htdocs/test.php

<?php
phpinfo();
?>

Restart Apache, then open:

http://XXX.XXX.XXX.XXX/test.php

4. Install PCRE

tar zxvf pcre-(version)

Change into the extracted directory.

./configure

make

make install

5. Install Snort

tar zxvf snort-(version)

Change into the extracted directory.

./configure --with-mysql=/usr/local/mysql

make

make install

6. Install the Snort rule set

tar zxvf snortrules-(version)

This produces four directories: etc, doc, rules and so_rules.

mkdir /etc/snort

mkdir /etc/snort/rules

mkdir /var/log/snort

cp -R rules/* /etc/snort/rules/

cp etc/* /etc/snort

vi /etc/snort/snort.conf

Change line 46 to: var HOME_NET XXX.XXX.XXX.0/24

Change line 111 to: var RULE_PATH /etc/snort/rules

Change line 764 to: output database: log, mysql, user=root password=XXXX dbname=snort host=localhost

(The password is the MySQL root password set above.)

Remove the leading # from lines 863-874.
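
A check for the snort.conf edits in step 6, as an added example that is not part of the original page: it reads the active HOME_NET, RULE_PATH and output database settings and reports any edit that is missing. The function names are hypothetical, and the root warning reflects that step 7 grants INSERT,SELECT to snort@localhost while the output line logs in as MySQL root.

```shell
#!/bin/sh
# Added example: verify the snort.conf edits from step 6 before starting Snort.

# Print the value of an active (uncommented) "var NAME value" line.
conf_var() {   # $1 = config file, $2 = variable name
    awk -v n="$2" '$1 == "var" && $2 == n { print $3; exit }' "$1"
}

# Print one key=value field of the active "output database:" line.
# Accepts both space- and comma-separated parameters.
db_field() {   # $1 = config file, $2 = key (user, dbname, host)
    awk -v k="$2" '$1 == "output" && $2 ~ /^database:/ {
        gsub(/,/, " ")
        for (i = 1; i <= NF; i++)
            if (index($i, k "=") == 1) { print substr($i, length(k) + 2); exit }
    }' "$1"
}

# Report on each setting; return 1 if an edit from step 6 is missing.
check_snort_conf() {   # $1 = path to snort.conf
    rc=0
    home=$(conf_var "$1" HOME_NET)
    rules=$(conf_var "$1" RULE_PATH)
    user=$(db_field "$1" user)
    db=$(db_field "$1" dbname)

    case $home in
        ""|any) echo "FAIL: HOME_NET is unset or 'any'"; rc=1 ;;
        *)      echo "ok:   HOME_NET=$home" ;;
    esac
    if [ -n "$rules" ] && [ -d "$rules" ]; then
        echo "ok:   RULE_PATH=$rules"
    else
        echo "FAIL: RULE_PATH '$rules' is not a directory"; rc=1
    fi
    if [ -z "$user" ] || [ -z "$db" ]; then
        echo "FAIL: no active 'output database:' line with user= and dbname="; rc=1
    elif [ "$user" = root ]; then
        echo "WARN: Snort logs to '$db' as MySQL root; step 7 grants INSERT,SELECT to snort@localhost"
    else
        echo "ok:   database=$db user=$user"
    fi
    return $rc
}

# Run against a file when one is given on the command line.
if [ $# -gt 0 ]; then check_snort_conf "$1"; fi
```

Run it as `sh check_snort_conf.sh /etc/snort/snort.conf` (the script file name is an assumption); the password field is never printed.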

7. Create the snort database

/usr/local/mysql/bin/mysql -u root -p

mysql> create database snort;

mysql> grant INSERT,SELECT on snort.* to snort@localhost;

mysql> exit

/usr/local/mysql/bin/mysql -u root -p snort < /usr/local/src/snort-(version)/schemas/create_mysql

mysql> use snort

mysql> show tables;

8. Install ADOdb

tar zxvf adodb-(version)

cp -R adodb /usr/local/apache/htdocs

9. Install JpGraph

tar zxvf jpgraph-(version)

Move the extracted directory to /usr/local/apache/htdocs and rename it to jpgraph.

10. Install ACID

tar zxvf acid-(version)

Move the extracted directory to /usr/local/apache/htdocs and rename it to acid.

vi /usr/local/apache/htdocs/acid/acid_conf.php

$DBlib_path='/usr/local/apache/htdocs/adodb';

$alert_dbname="snort";

$alert_host="localhost";

$alert_port="";

$alert_user="root";

$alert_password="xxxxx";  // same password as above

$archive_dbname="snort";

$archive_host="localhost";

$archive_port="";

$archive_user="root";

$archive_password="xxxxx";  // same password as above

$ChartLib_path="/usr/local/apache/htdocs/jpgraph/src";

$chart_file_format="png";

11. Open http://xxx.xxx.xxx.xxx/acid to test.

Note: install the build tools before starting the installation.
