Intrusion Detection using Snort, Sguil, Barnyard and more: Difference between revisions
No edit summary |
No edit summary |
||
Line 12: | Line 12: | ||
* You have Alpine 2.0.2 installed and working with networking setup | * You have Alpine 2.0.2 installed and working with networking setup | ||
== | == Get Development Packages == | ||
'''Install Alpine and Pre-packaged components''' | '''Install Alpine and Pre-packaged components''' | ||
apk add alpine-sdk mysql-dev openssl-dev snort wireshark tcpdump tcpflow cvs | apk add alpine-sdk mysql-dev openssl-dev snort wireshark tcpdump tcpflow cvs |
Revision as of 11:25, 1 October 2010
This material is work-in-progress ... Do not follow instructions here until this notice is removed. |
This guide will set up (list subject to change):
- Snort
- Barnyard
- Sguil
This guide will assume:
- You have a knowledge of your network setup (at least know which subnets exist)
- You have Alpine 2.0.2 installed and working with networking setup
Get Development Packages
Install Alpine and Pre-packaged components
apk add alpine-sdk mysql-dev openssl-dev snort wireshark tcpdump tcpflow cvs