Intrusion Detection using Snort, Sguil, Barnyard and more

From Alpine Linux
Revision as of 11:24, 1 October 2010 by Myoung


This material is work-in-progress ...

Do not follow instructions here until this notice is removed.
(Last edited by Myoung on 1 Oct 2010.)

This guide will set up (list subject to change):

  • Snort
  • Barnyard
  • Sguil

This guide will assume:

  • You know your network setup (at least which subnets exist)
  • You have Alpine 2.0.2 installed and working, with networking set up

Installing Working Environment

Install Alpine and Pre-packaged components

    apk add alpine-sdk mysql-dev openssl-dev snort wireshark tcpdump tcpflow cvs