Tag archive for ‘snort’

Intrusion Detection With BASE And Snort – Part4

BASE web page setup: Open your favorite web browser and go to http://www.example.com/base-1.2.5/setup. If all is set up okay, you should see the BASE Setup Program page. Click on Continue. Step 1 of 5: Enter the path to ADODB (/var/www/adodb) and click on Submit Query. Step 2 of 5: Enter the needed info on the next screen: [...]

Intrusion Detection With BASE And Snort – Part3

Installing: Let's start with LIBPCAP. Make sure that you are in the directory where you downloaded all the files: cd /root/snorttemp. Then cd into the libpcap directory: cd libpcap-0.9.4, and make / install LIBPCAP: ./configure, then make, then make install. Next is PCRE. Again, make sure that you are in the directory where you downloaded all the files: cd /root/snorttemp [...]

Intrusion Detection With BASE And Snort – Part2

LIBPCAP: Go to http://www.tcpdump.org/ and select a download link for Libpcap (at the time of writing it is libpcap-0.9.4.tar.gz). cd back to the snorttemp directory: cd /root/snorttemp, and download the libpcap-0.9.4.tar.gz file: wget http://www.tcpdump.org/release/libpcap-0.9.4.tar.gz. Untar the file: tar -xvzf libpcap-0.9.4.tar.gz. Remove the file: rm libpcap-0.9.4.tar.gz. BASE (Basic Analysis and Security Engine): Go to http://secureideas.sourceforge.net/ [...]

Intrusion Detection With BASE And Snort – Part1

This tutorial shows how to install and configure BASE (Basic Analysis and Security Engine) and the Snort intrusion detection system (IDS) on a Debian Sarge system. BASE provides a web front-end to query and analyze the alerts coming from a Snort IDS system. With BASE you can perform analysis of intrusions that Snort has detected [...]