ubuntu 12.04 安装snort acidbase相关注意事项

一、安装Snort

1.安装libpcap

1
apt-get install libpcap-dev

2.安装snort

1
2
apt-get install snort
apt-get install snort-mysql

3.创建数据库及用户

1
2
3
4
5
mysql> CREATE DATABASE snort;
mysql> grant CREATE, INSERT, SELECT, UPDATE on snort.* to snort@localhost;
mysql> grant CREATE, INSERT, SELECT, UPDATE on snort.* to snort;
mysql> SET PASSWORD FOR snort@localhost=PASSWORD('snort-db'); //此处snort-db为密码
mysql> exit

4.创建数据库表结构

1
2
$ cd /usr/share/doc/snort-mysql
$ zcat create_mysql.gz | mysql -u snort -D snort -psnort-db

5.设置 snort 把 log 文件输出到 MySQL 数据库中

1
$ sudo vi /etc/snort/snort.conf

1)将 "ipvar HOME_NET any"更换为"ipvar HOME_NET 192.168.0.0/16"

2)将"ipvar EXTERNAL_NET any"注释掉

3)将"ipvar EXTERNAL_NET !$HOME_NET"注释去掉

4)将日志输出设置到 MySQL 数据库中,如下所示:

1
output database: log, mysql, dbname=snort user=snort password=snort-db host=localhost
1
$ sudo vi /etc/snort/database.conf

1)注释掉第一行

2)添加

1
output database: log, mysql, dbname=snort user=snort password=snort-db host=localhost

6.配置snort

1
snort -g snort -c /etc/snort/snort.conf

7.启动snort

1
service snort start

二、安装和配置 acid-base

1
2
apt-get install php5-adodb
apt-get install acidbase

3.修改acidbase apache配置文件

1
vi /etc/apache2/conf.d/acidbase.conf

修改为

1
2
3
4
5
6
7
8
9
10
11
12
<DirectoryMatch /usr/share/acidbase/>
  Options FollowSymLinks
  #AllowOverride None
  #order deny,allow
  #deny from all
  allow from 221.13.130.115
  <IfModule mod_php5.c>
    php_flag magic_quotes_gpc Off
    php_flag track_vars On
    php_value include_path .:/usr/share/php
  </IfModule>
</DirectoryMatch>

3.添加可执行php的目录

1
vi /etc/php5/apache2/php.ini
1
open_basedir = "/var/ftp/public/:/var/tmp/:/tmp/:/usr/share/acidbase:/etc/acidbase/:/usr/share/php/adodb/"

4.重启apache

1
service apache2 restart

 

上一篇:【特效】单选按钮和复选框的美化(只用css)


下一篇:第三十五节,目标检测之YOLO算法详解