SNORT入侵检测系统1
一、安装所需软件:<br />
<br />
<br />
<br /> mysql-4.1.11.tar.gz
<br />
<br /> snort-2.4.4.tar.gz
<br />
<br /> Apache2.0.53
<br />
<br /> php-5.0.4.tar.gz
<br />
<br /> adodb480.tar.gz
<br />
<br /> acid-0.9.6b23.tar.gz
<br />
<br /> zlib-1.2.2.tar.gz
<br />
<br /> jpgraph-2.1.1.tar.gz
<br />
<br /> libpcap-0.9.4.tar.gz
<br />
<br />barnyard-0.2.0.tar.gz
<br />
<br />mysqlcc-0.9.4-win32.zip
<br />
<br />httpd-2.0.53.tar.gz
<br />
<br />snortrules-snapshot-2.4.tar.gz
<br />
<br />openssl-0.9.7l.tar.gz
<br />
<br />JPGraph2.1.1
<br />
<br /> adodb480.gz
<br />
<br />acid-0.9.6b23.tar.gz
<br />
<br />barnyard-0.2.0.tar.gz
<br />
<br />二、安装
<br />
<br />
<br />
<br /> 1.安装zlib-1.2.2
<br />
<br /> #tar -xzvf zlib-1.2.2.tar.gz
<br />
<br /> #cd zlib-1.2.2
<br />
<br /> #./configure
<br />
<br /> #make
<br />
<br /> #make install
<br />
<br />
<br />
<br />2.安装libpcap-0.9.4
<br />
<br /> #tar -xzvf libpcap-0.9.4.tar.gz
<br />
<br /> #cd libpcap-0.9.4
<br />
<br /> #./configure
<br />
<br /> #make
<br />
<br />#make install
<br />
<br />
<br />
<br />3.安装libxml2-2.6.19.tar.gz
<br />
<br />#tar –zxvf libxml2-2.6.19.tar.gz
<br />
<br />#./configure
<br />
<br />#make
<br />
<br />#make install
<br />
<br />
<br />
<br />4.安装libpng-1.2.13.tar.gz
<br />
<br />#tar -xvzf libpng-1.2.13.tar.gz
<br />
<br />#./configure
<br />
<br />#make check
<br />
<br />#make install
<br />
<br />
<br />
<br />5.安装gd-2.0.33.tar.gz
<br />
<br />#tar –zxvf gd-2.0.33.tar.gz
<br />
<br />#./configure
<br />
<br />#make
<br />
<br />#make install
<br />
<br />
<br />
<br /> 6.安装jpegsrc.v6b.tar.gz
<br />
<br />#tar -zxvf jpegsrc.v6b.tar.gz
<br />
<br />#./configure
<br />
<br />#make
<br />
<br />#make install
<br />
<br />
<br />
<br /> 7.安装MySQL4.1.11
<br />
<br />
<br />
<br />#groupadd mysql /*添加mysql群组*/
<br />
<br />#useradd -g mysql mysql /*添加mysql用户并加入mysql群组里*/
<br />
<br />#passwd mysql /*设置mysql用户密码*/
<br />
<br />#mkdir /usr/local/mysql /*新建/usr/local/mysql 目录*/
<br />
<br />#chown -R mysql /usr/local/mysql /*变更/usr/local/mysql目录的所属群组为mysql */
<br />
<br /># mkdir /usr/local/mysql/var /*新建/usr/local/mysql/var 目录*/
<br />
<br />#chown -R mysql /usr/local/mysql/var/*变更/usr/local/mysql/var目录的所属群组为mysql */
<br />
<br />#chgrp -R mysql /usr/local/mysql /*变更/usr/local/mysql目录的所属群组为mysql */
<br />
<br />
<br />
<br />
<br />
<br />用mysql用户登陆
<br />
<br />$tar xzvf mysql-4.1.11.tar.gz
<br />
<br />$./configure --prefix=/usr/local/mysql --with-charset=gb2312 /*配置安装路径和支持gb2312的字符集*/
<br />
<br />$make
<br />
<br />$make install
<br />
<br />$scripts/mysql_install_db /*建立数据库结构*/
<br />
<br />
<br />
<br />向/etc/ld.so.conf中加入两行:
<br />
<br />/usr/local/mysql/lib/mysql
<br />
<br />/usr/local/lib
<br />
<br />
<br />
<br />载入库,
<br />
<br />在/ruanjian/zlib-1.2.2执行
<br />
<br />#ldconfig –v
<br />
<br />
<br />
<br />先用手动的方式启动一下数据库:
<br />
<br />#/usr/local/mysql/share/mysql/mysql.server start
<br />
<br />
<br />
<br />设置自动启动
<br />
<br /> #cp /usr/local/mysql/share/mysql/mysql.server /etc/rc.d/rc.local/mysql
<br />
<br />8.安装Apache加SSL的安全连接的支持
<br />
<br />
<br />
<br />#tar -zxvf openssl-0.9.7l.tar.gz
<br />
<br />#cd openssl-0.9.7l
<br />
<br />#./config
<br />
<br />#make
<br />
<br />#make install
<br />
<br />
<br />
<br />#tar zxvf httpd-2.0.53.tar.gz
<br />
<br />#./configure --prefix=/usr/local/apache2
<br />
<br />--enable-so
<br />
<br />--enable-ssl=static
<br />
<br />--with-ssl=/usr/local/ssl
<br />
<br />--enable-mods-shared=all
<br />
<br />#make
<br />
<br />#make install
<br />
<br />
<br />
<br />
<br />
<br />下来就是创建密钥及证书请求等等
<br />
<br />
<br />
<br />#mkdir key
<br />
<br />#cd key
<br />
<br />#openssl genrsa -des3 -out server.key 1024
<br />
<br />#openssl req -new -key server.key -out server.csr
<br />
<br /># openssl x509 -days 365 -req -in server.csr -signkey server.key -out server.crt
<br />
<br />
<br />
<br />
<br />
<br />Country Name:两个字母的国家代号
<br />
<br />State or Province Name:省份名称
<br />
<br />Locality Name:城市名称
<br />
<br />Organization Name:公司名称
<br />
<br />Organizational Unit Name:部门名称
<br />
<br />Common Name:你的姓名
<br />
<br />Email Address:地址
<br />
<br />
<br />
<br />
<br />
<br />#mkdir /usr/local/apache2/conf/ssl.crt
<br />
<br />#mkdir /usr/local/apache2/conf/ssl.key
<br />
<br />
<br />
<br />然后将用openssl生成的证书server.key和server.crt两个文件分别放到ssl.key和ssl.crt目录下。
<br />
<br />9.安装PHP:
<br />
<br />编译和安装PHP。这一步骤中,最为关键的一步是使用一系列的激发扩展功能提供PHP configure,以及外部类库正确的文件路径。
<br />
<br />
<br />
<br />php模块
<br />
<br />$./configure --prefix=/usr/local/php5 /*设置PHP5 的安装路径*/
<br />
<br />--with-apxs2=/usr/local/apache2/bin/apxs /*告诉PHP查找Apache 2.0的地方*/
<br />
<br />--with-libxml-dir=/usr/local/lib /*告诉PHP放置libxml2库的地方*/
<br />
<br />--with-zlib /*变量激活ZLIB 压缩库*/
<br />
<br />--with-zlib-dir=/usr/local/lib /*告诉PHP放置zlib库的地方*/
<br />
<br />--with-png /*告诉PHP放置png库的地方*/
<br />
<br />--with-gd /*变量激活 GD 扩展功能*/
<br />
<br />--with-jpeg /*告诉PHP放置jpeg库的地方*/
<br />
<br />--with-mysql=/usr/local/mysql /*变量激活regularMySQL扩展功能*/
<br />
<br />--with-mysqli=/usr/local/mysql/bin/mysql_config /*变量激活新增加的MySQL功能*/
<br />
<br />--enable-mbstring /**/
<br />
<br />--enable-soap /*变量激活SOAP和Web services支持*/
<br />
<br />--enable-sockets /*变量激活socket通讯特性*/
<br />
<br />
<br />
<br />#make
<br />
<br />#make install
<br />
<br /># cp php.ini-dist /usr/local/lib/php.ini
<br />
<br />注意httpd.conf配置文件加入:
<br />
<br />(1)、对.php类型文件的支持
<br />
<br />LoadModule php5_module modules/libphp5.so
<br />
<br />AddType application/x-httpd-php .php
<br />
<br />
<br />
<br />(2)、证书及其证书请求文件的路径:
<br />
<br />SSLCertificateFile /usr/local/apache2/conf/ssl.crt/server.crt
<br />
<br />SSLCertificateKeyFile /usr/local/apache2/conf/ssl.key/server.key
<br />
<br />
<br />
<br />因为每次apachectl startssl都要求输入server.key的口令比较麻烦,所以通过下面的方法去掉:
<br />
<br />#cd /usr/local/apache2/conf/ssl.key
<br />
<br />#cp server.key server.key.org
<br />
<br />#openssl rsa -in server.key.org -out server.key
<br />
<br />#chmod 400 server.key
<br />
<br />
<br />
<br />现在启动服务:
<br />
<br />#cd /usr/local/apache2/bin
<br />
<br /># ./apachectl startssl
<br />
<br />
頁:
[1]