Linux system build SNORT Intrusion detection system

5. install snort tarzxvfsnort-(version number) into the extracted directory.

/Configure — with-mysql =/usr/local/mysql make makeinstall 6, install snort rules library tarzxvfsnortrules-(version number) to generate etc, doc, rules, so.rules four directory mkdir/etc/snort mkdir/etc/snort/rules mkdir/var/log/snort/etc/snort/cpetc cp-Rrules/*/*/etc/snort vi/etc/snort/snort.con 46 line should read: varHOME_NETXXX.XXX.XXX.0/24 111 line should read: varRules_PATH/etc/snort/rules 764 line should read: outputdatabase: log, mysql, password, user = root = XXXX (password, ibid.), dbname = snort host = localost 863-874 lines removed # 7, create snort database. Createdatabasesnort/mysql-uroot-pmysql >; > grantINSERT, SELECTonroot. * to snort @ localhost >/mydql-uroot-pusesnortmysql > showtables exit. 8, installing adodb tarzxvfadodb-(version number) cpadodb/usr/local/apache/htdocs 9, install jpgrap tarzxvfjpgraph-(version number) to move the extracted directory to/usr/local/apache/htdocs and renamed jpgrap 10, install acid tarzxvfacid-(version number) to move the extracted directory, and renamed the/usr/local/apache/htdocs acid vi/acid/acid_conf.pp $/usr/local/apache/htdocs/adodb DBlib_Path = ' '; $ alert_dbname = "snort"; $ alert_host = "localhost"; $ alert_port = ""; $ alert_user = "root"; $ alert_password = "xxxxx (ibid.)"; $ archive_dbname = "snort"; $ archive_host = "localhost"; $ archive_port = ""; $ archive_user = "root"; $ archive_password = "xxxxx (ibid.)"; $/usr/local/apache/htdocs/jpgraph/src charlLib_path = ""; $ charl_file_format = "png"; 11, http://xxx.xxx.xxx.xxx/acid test Note: before installation will compile tools installed.