Intrusion Detection using Snort, Sguil, Barnyard and more: Difference between revisions

From Alpine Linux
(Created page with "NOTE: This is a work-in-progress, draft document... Use at your own risk. Step 1: Install Alpine 2.0.2 Step 2: apk add alpine-sdk mysql-dev openssl-dev snort wireshark tcpdump...")
 
No edit summary
Line 1: Line 1:
NOTE: This is a work-in-progress, draft document... Use at your own risk.
[[Category:Networking]]


Step 1: Install Alpine 2.0.2
{{Draft}}


Step 2: apk add alpine-sdk mysql-dev openssl-dev snort wireshark tcpdump tcpflow cvs
This guide will set up (list subject to change):
* Snort
* Barnyard
* Sguil
 
This guide will assume:
* You have a knowledge of your network setup (at least know which subnets exist)
* You have Alpine 2.0.2 installed and working with networking setup
 
== Installing Working Environment ==
 
'''Install Alpine and Pre-packaged components'''
 
    apk add alpine-sdk mysql-dev openssl-dev snort wireshark tcpdump tcpflow cvs
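Review bot: the new revision lists Snort, Barnyard and Sguil as the components the guide sets up, but the `apk add` line under "Install Alpine and Pre-packaged components" installs only `snort` alongside development packages and capture tools; neither Barnyard nor Sguil appears in it. Add a sentence after the command saying how those two are obtained (for example, that `alpine-sdk`, `mysql-dev`, `openssl-dev` and `cvs` are there to fetch and build them in a later step), so a reader does not assume this step covers the whole list. It would also help to say that the command must be run as root.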

Revision as of 11:24, 1 October 2010


This material is work-in-progress ...

Do not follow instructions here until this notice is removed.
(Last edited by Myoung on 1 Oct 2010.)

This guide will set up (list subject to change):

  • Snort
  • Barnyard
  • Sguil

This guide will assume:

  • You know your network setup (at least which subnets exist)
  • You have Alpine 2.0.2 installed and working, with networking set up

Installing Working Environment

Install Alpine and Pre-packaged components

    apk add alpine-sdk mysql-dev openssl-dev snort wireshark tcpdump tcpflow cvs