
[root@localhost ~]# mount /dev/cdrom /mnt
[root@localhost ~]# cd /mnt

[root@localhost mnt]# yum install mysql mysql-server mysql-devel -y

yum -y install gcc gcc-c++ kernel-devel patch make vim sshd libxml2 libxml2-devel pcre pcre-devel php php-common php-gd php-cli php-mys l !lex bison php-pear-"umbers#oman php-pear-"umbers-$ords php-pear-%mage-&olor php-pear-%mage-&anvas phppear-%mage-'raph libpcap libpcap-devel mys l mys l-devel mys l-bench mys l-server dnet dnet-devel libnet libnet-devel libdnet libdnet-devel (lib (lib-devel [root@localhost ~]# service mys ld status [root@localhost ~]# service mys ld start [root@localhost ~]# service httpd start [root@localhost ~]# yum -y install mys l-bench mys l-devel php-mys l gcc pcrt-devel php-gd gd glib2-devel gcc-c++ libcap-devel &)i *+t !lex, [root@uitnet-ork ~]# -get http.//bi(netnet-orks,dl,source!orge,net/source!orge/!lex/!lex-2,/,0/,tar,g( ,/con!igure 1ake 22 make install [root@uitnet-ork local]# -get http.//!tp,gnu,org/gnu/bison/bison-2,3,4,tar,g( ,/con!igure 1ake 22 make install 56y gi7 ta uay l8i c)i libpcap, rm -#! /usr/local/include/pcap9 rm /usr/local/lib/libpcap9 cd libpcap-4,4,4 ,/con!igure --pre!ix:/usr make 22 make install cd da -;,2 ,/con!igure mkdir /etc/snort mkdir /var/log/snort tar (xv! snortrules-snapshot-2<;4,tar,g( -& /etc/snort cp /etc/snort/etc/9 /etc/snort groupadd snort

useradd -g snort snort cho-n snort.snort /var/log/snort touch /var/log/snort/alert cho-n snort.snort /var/log/snort/alert chmod =;; /var/log/snort/alert mkdir /usr/local/lib/snort>dynamicrules cp /etc/snort/so>rules/precompiled/?&-42/i0@=/2,<,;,4/9,so /usr/local/lib/snort>dynamicrules cat /etc/snort/so>rules/9,rules AA /etc/snort/rules/so-rules,rules tar (xv! libnet-4,;,2a,tar,g( cd libnet-4,;,2,a ,/con!igure make 22 make install 3. Compile & Install Snort tar (xv! snort-2,@,;,4,tar,g( cd snort-2,@,;,4 ,/con!igure --enable-ipv= --enable-gre --enable-mpls --enable-targetbased --enabledecoder-preprocessor-rules --enable-ppm --enable-per!pro!iling --enable-(lib --enableactive-response --enable-normali(er --enable-reload --enable-react --enable-!lexresp0 ---ith-mys l --enable-dynamicplugin make 22 make install Bong tiCp. groupadd snort useradd -g snort snort Ds /sbin/nologin mkdir /etc/snort mkdir /etc/snort/rules mkdir /var/log/snort E)o thF mGc source cHa snort-2,@,;,4I v)o tiCp thF mGc etcI xong. cp 9 /etc/snort BJ nKn gLi rule snort tar (xv! snortrules-snapshot-2,=,tar,g( cd snortrules-snapshot-2,=/rules cp 9 /etc/snort/rules

Metup script startup cho snort cd /etc/init,d/ -get http.//internetsecurityguru,com/snortinit/snort chmod N// snort chkcon!ig --add snort chkcon!ig snort on Odit !ile /etc/snort/snort,con! Pncomment line. NN0 output database. logI mys lI user:root pass-ord:root dbname:snort host:localhost "QRO. S *6y con!ig dTng user root/rootI b8n nUn chVn user khWc cho snort, R8o X5 cho snort mys l -u root -proot mys lAcreate database YsnortYZ mys lA uit E)o thF mGc source cHa snort-2,@,;,4I v)o tiCp thF mGc schemas mys l -u root -proot snort [ create>mys l 4. Cu hnh BASE v ADODB 58n phJi cL -eb serverI phpI cWc pear cHa php yum install -y httpd php php-mys l php-common php-cli php-gd9 pear install %mage>'raph-alpha %mage>&anvas-alpha %mage>&olor "umbers>#oman copy ;2 !ile m\i do-nload base v) adodb v)o thF mGc ch]a -ebI thF7ng l) /var/---/htdocs ho^c /var/---/html [ ! BongI xJ ;2 gLi *LI *_i tUn !older "ase### th)nh "ase, E)o thF mGc "ase$ mv base>con!,php,dist base>con!,php BongI edit !ile base>con!,php RhiCt l`p cWc thang sb.

c5dMO>urlpath : ehttp.//[yoursiteA/baseeZ cX5lib>path : f[*F7ng dgn -eb chh [ !A/adodb/fZ calert>dbname : fsnortfZ calert>host : flocalhostfZ calert>port : ffZ calert>user : frootfZ calert>pass-ord : frootfZ %.Start Snort v test service snort start "Cu ,,, [ Qi ] thj v)o http.//[yoursiteA/base &kn !ail thj debug check blng command /usr/local/bin/snort -i eth; -c /etc/snort/snort,con! -X