Intrusion Detection using Snort, Sguil, Barnyard and more: Difference between revisions
(Created page with "NOTE: This is a work-in-progress, draft document... Use at your own risk. Step 1: Install Alpine 2.0.2 Step 2: apk add alpine-sdk mysql-dev openssl-dev snort wireshark tcpdump...") |
No edit summary |
||
Line 1: | Line 1: | ||
[[Category:Networking]] | |||
{{Draft}} | |||
This guide will set up (list subject to change): | |||
* Snort | |||
* Barnyard | |||
* Sguil | |||
This guide will assume: | |||
* You have a knowledge of your network setup (at least know which subnets exist) | |||
* You have Alpine 2.0.2 installed and working with networking setup | |||
== Installing Working Environment == | |||
'''Install Alpine and Pre-packaged components''' | |||
apk add alpine-sdk mysql-dev openssl-dev snort wireshark tcpdump tcpflow cvs |
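Review bot: the apk add line under "Install Alpine and Pre-packaged components" puts build tooling (alpine-sdk, mysql-dev, openssl-dev, cvs) and capture/analysis tools (wireshark, tcpdump, tcpflow) on the sensor in a single step, with no word on what each package is for or that the command must be run as root. Suggest splitting it into the packages the sensor needs at runtime and the ones needed only for building, and noting that the build-only set can be removed afterwards so the IDS host keeps a small installed footprint. The intro also lists Barnyard and Sguil, but nothing in this revision installs them; a one-line note on where they will come from would close that gap.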
Revision as of 11:24, 1 October 2010
This material is work-in-progress ... Do not follow instructions here until this notice is removed.
This guide will set up (list subject to change):
- Snort
- Barnyard
- Sguil
This guide will assume:
- You know your network setup (at least which subnets exist)
- You have Alpine 2.0.2 installed and working, with networking set up
== Installing Working Environment ==
'''Install Alpine and Pre-packaged components'''
 apk add alpine-sdk mysql-dev openssl-dev snort wireshark tcpdump tcpflow cvs