Intrusion Detection using Snort, Sguil, Barnyard and more: Difference between revisions
Revision as of 11:29, 1 October 2010
This material is work-in-progress ... Do not follow instructions here until this notice is removed.
This guide will set up (list subject to change):
- Snort
- Barnyard
- Sguil
This guide will assume:
- You know your network setup (at least which subnets exist)
- You have Alpine 2.0.2 installed and working, with networking set up
Get Development Packages
Install Alpine and Pre-packaged components
apk add alpine-sdk mysql-dev openssl-dev snort wireshark tcpdump tcpflow cvs
Download Non-Packaged Applications
Download the following packages using wget
cd /usr/src
wget itcl3.4b1.tar.gz
wget tcl8.4.19-src.tar.gz
wget tk8.4.19-src.tar.gz
wget mysqltcl-3.02.tar.gz
wget tclx8.4.tar.bz2
wget tls1.6-src.tar.gz
wget barnyard-0.2.0.tar.gz
wget tcllib-1.12.tar.gz
wget p0f.tgz
wget iwidgets4.0.1.tar.gz
(need to add source locations for all the packages above)