Librenix
Information for Linux System Administration 

Tutorial: Install Snort, Base, MySQL, and Apache2 on Ubuntu 7.10

In this tutorial I will describe how to install and configure Snort (an intrusion detection system (IDS)) from source, BASE (Basic Analysis and Security Engine), MySQL, and Apache2 on Ubuntu 7.10 (Gutsy Gibbon). Snort will assist you in monitoring your network and alert you about possible threats. Snort will output its log files to a MySQL database which BASE will use to display a graphical interface in a web browser.
permapage | score:8647 | -falko, November 21, 2007

Intrusion Detection with Snort, ACIDBASE, MySQL, And Apache2 on Ubuntu 9.04

This tutorial describes how to install and configure the Snort intrusion detection system (IDS), ACIDBASE (Basic Analysis and Security Engine), MySQL, and Apache2 on Ubuntu 9.04 using packages from Ubuntu’s Synaptic Package Manager. Snort will assist you in monitoring your network and alert you about possible threats. Snort will output its log files to a MySQL database which ACIDBASE will use to display in a graphical interface in a web browser.
permapage | score:8248 | -falko, September 23, 2009

Intrusion detection with Snort on RHEL 5

Snort is a popular open source intrusion detection system (IDS). Learn how to install this security tool and configure it with MySQL on Red Hat Enterprise Linux 5. This is also applicable to Red Hat Enterprise Linux 4, CentOS 4 and 5 and Fedora Core 5 and 6.
It is fast and easy to set up and runs on most commercially available hardware, including platforms from IBM, HP, Sun and commodity PC hardware. It is a signature-based, [...] IDS engine that is easy to deploy and easy to tune. Rules are open and can be readily edited, and writing and adding your own rules requires only a little learning. Snort is also capable of outputting data in a variety of formats: binary (called "Unified"), syslog, to a file and to a SQL database (one of Oracle, PostgreSQL, MySQL or Microsoft SQL Server).
mail this link | permapage | score:8191 | -estride, June 20, 2007

Tutorial: Guide to basic Snort use

This mini-tutorial is designed to get you running an intrusion detection system (IDS) quickly.
In the following essay I will tell you about writing rules and alerts for Snort. I went through a lot of reading and nights of trying to configure it, and playing around with it, and I think that if material was presented in a slightly different fashion it could have made the life of Snort users much easier, and so here is some basic information first.
mail this link | permapage | score:8154 | -Ray, May 2, 2003 (Updated: April 26, 2012)

Tutorial: Set up Snort, Base, PostgreSQL on Ubuntu LTS

This tutorial describes how you can install and configure the Snort IDS (intrusion detection system) and BASE (Basic Analysis and Security Engine) on an Ubuntu 6.06 (Dapper Drake) system. With the help of Snort and BASE, you can monitor your system - with BASE you can perform analysis of intrusions that Snort has detected on your network. Snort will use a PostgreSQL database to store/log the data it gathers.
permapage | score:7903 | -falko, April 28, 2007

Snort on OpenWrt: Low cost security

Consume almost no power, generate almost no heat... and you probably needed the little router anyway!
If you're edgy about security for your SOHO LAN, you might want to consider moving your first line of defense out past your firewall. How about on your router, for example? If your router runs OpenWrt, you can do exactly that, by running Snort, the open source intrusion detection system (IDS) project that has become the most widely deployed IDS in the world. Throw in the firewall that comes out of the box with OpenWrt White Russian, and suddenly the perimeter seems a lot more secure.
mail this link | permapage | score:7870 | -Ray, March 28, 2006

Intrusion Detection with BASE and Snort

This tutorial shows how to install and configure BASE (Basic Analysis and Security Engine) and the Snort intrusion detection system (IDS) on a Debian Sarge system. BASE provides a web front-end to query and analyze the alerts coming from a Snort IDS system. With BASE you can perform analysis of intrusions that Snort has detected on your network.
permapage | score:7317 | -falko, July 10, 2006

Security: How to install Snort IDS on Mandrake (pdf)

If you have a system or network connected to the Internet, you become a target. Your network is being scanned for vulnerabilities. This may happen only once a month or twice a day; regardless, there are people out there probing your network and systems for weaknesses. This documentation will show how you can protect yourself by installing an Intrusion Detection System with freely available software (Snort, PHP, MySQL, ACID) on a Linux Mandrake 9.2 system.
permapage | score:7131 | -fn-eagle, December 15, 2003 (Updated: October 21, 2004)

Linux/Unix security: Intrusion detection with Snort

A quick tutorial for setting up Snort.
Designed to fill the gap left by expensive, heavy-duty network intrusion detection systems, Snort is a free, cross-platform packet sniffer, logger, and intrusion detector for monitoring smaller TCP/IP networks. It runs on Linux/UNIX and Win32 systems. It takes mere minutes to install and start using it.
permapage | score:6756 | -Ray, July 17, 2002 (Updated: September 27, 2003)

Security: PortSentry vs. Snort Comparison

Intrusion detection system (IDS) versus port scan detector.
Snort
Snort falls into the category of Network Intrusion Detection Systems (NIDS). It is the best open source program of this type that I am aware of. Port scan detection is a subset of NIDS so one can rightfully assume that snort handles this as well...

Port Sentry
A port scan detector that can be configured to bind to ports you want monitored, reporting scans made to these ports and optionally running a command to deal with the scanning host (usually in the form of routing that host to a blackhole or adding a firewall rule dealing with said host)...
mail this link | permapage | score:6735 | -Ray, March 20, 2001 (Updated: July 14, 2003)

Security: Intrusion Detection Systems: Snort

An introduction to the IDS Snort...
Once you have snort installed, it's time to set it up in intrusion detection mode. First, I'll discuss your Snort configuration file. I'll assume that you're naming the file snort.conf, but as long as you use the -c config-file option, it doesn't really matter what you name the file. When you install snort, there should be a default/sample configuration file created. On Debian, the file is in /etc/snort/snort.conf.
permapage | score:6564 | -Ray, November 30, 2004

Tutorial: Snort-Setup for Statistics

Good information on Snort and Network Intrusion Detection Systems (NIDS).
This HOWTO describes how to configure Snort version 1.8.3 to be used in conjunction with the statistical tools ACID (Analysis Console for Intrusion Databases) and SnortSnarf. It also intends to get some internal statistics out of snort, e.g. if there are packets dropped.
permapage | score:6422 | -Ray, January 6, 2002 (Updated: June 16, 2003)

Improve Snort performance with Barnyard

Increasing the speed and efficiency of intrusion-detection system application Snort means reduced false positives and more focus on actual threats. You can do this with Barnyard, a third-party application that leaves Snort with more capacity to scan/analyze anomalies and attacks.
permapage | score:6348 | -estride, May 22, 2007

IDS: Using Snort

How to get started using the snort intrusion detection system...
Snort is the leading open source Network Intrusion Detection System and is a valuable addition to the security framework at any site. Even if you are employing lots of preventative measures, such as firewalling, patching, etc., a detection system can give you an assurance that your defences truly are effective, or if not, will give you valuable information about what you need to improve.
permapage | score:6296 | -Ray, December 27, 2005

Intrusion Detection Systems (IDS): Snort

When you can't lock them out, at least you can find out they are in.
Snort is a versatile, lightweight and very useful intrusion detection system. In this article we will look at Snort as a backup Intrusion Detection System for your enterprise network and see whether it can really scale up to the requirements of your enterprise networks.
permapage | score:6273 | -Ray, February 14, 2001 (Updated: July 19, 2003)

Book Review: Intrusion Detection with Snort

An introduction to Snort and Intrusion Detection Systems for $40.
This is a fair book for getting started, and I'd recommend it to folks who prefer to have a book on hand for basic reference information. Rehman pulls together the necessary material to get you started with Snort, but doesn't provide many details beyond that. If you've already delved into Snort a little bit, this book is probably not going to take you the extra mile.
permapage | score:6232 | -Ray, November 30, 2003

Security: Book review: Three Snort Books

The three Snort books are
  • Intrusion Detection with SNORT: Advanced IDS Techniques Using SNORT, Apache, MySQL, PHP, and ACID,
  • Intrusion Detection with Snort,
  • Snort 2.0 Intrusion Detection.

This book review covers the three books on Snort currently available (we will see another two Snort books later this winter). It covers what is good about them, what is bad, and who the target audience is for each. If you are looking to learn intrusion detection the open source way, or simply do not have a million-dollar IT security budget, these books are a good starting point.

Each of these three books serves a different purpose and consequently is appropriate for a different reader.
mail this link | permapage | score:6121 | -Ray, August 14, 2003

Introduction to Intrusion Detection with Snort

This article starts with an overview of IDS, then goes into the Snort IDS package details.
Host-based intrusion detection systems, as the name implies, are installed on each end host and look for attacks directed directly at the host. Most HIDS employ automated checks of log files, file checksums, file and directory permissions, local network port activity, and other basic host security items. HIDS offer the benefit of being able to detect attacks local to the machine or on an encrypted or switched network where a NIDS might have issues. HIDS provide a wealth of forensic data and can often determine whether or not an attack, originating from the local host or the network, succeeded or failed.
mail this link | permapage | score:5476 | -Ray, September 20, 2005

Book review: Intrusion Detection with Snort

The review starts out with a preemptive answer to the question, 'Why Snort?'.
What Koziol implies throughout Intrusion Detection with Snort, but never states outright, is that Snort holds an inherent advantage over closed source IDSs, in that the IDS itself can be tailored and customized for each individual deployment to a level not possible for closed source competitors. If you have had the displeasure of working with a rigid, uncustomizable, IDS you already know where this is going ...

In order for an IDS to be effective, or in some high-bandwidth cases, even usable, detailed network and business context must be applied to the IDS.
mail this link | permapage | score:5471 | -Ray, May 30, 2003

Stop intruders with Snort and friends

Angela Orebaugh, author of SNORT COOKBOOK, shares some tasty tips for using Snort and other free intrusion detection tools, including SnortCenter and ACID/BASE.
ACID/BASE is a PHP-based web GUI for log analysis. Its features include a search engine, packet viewer, alert management and graphing and statistics generation. Its Web front end is easy to use and makes the administrator's job of managing alerts and logs a lot easier.

SnortCenter manages remote sensors in a Web-based client-server method. It is written in PHP and Perl. Both the management console and sensor agents can be installed on Unix and Windows.
mail this link | permapage | score:5270 | -jstafford, May 26, 2005
Articles are owned by their authors.   © 2000-2012 Ray Yeargin