Installation and Configuration
179
  An intruder tries to get into your network.
  A Snort sensor installed in your network detects intruder activity based on its
rules. It then uses information in the 
snort.conf
 file to log data into
MySQL database. You have to provide the database user name, password,
hostname or IP address of the database server and database name in
snort.conf 
file.
  A web server is installed where MySQL server is running.
  A user starts the browser, connects to the web server and starts requesting PHP
web pages.
  The PHP engine connects to the database using the database user name,
password, and database name and gets information from the database server.
  The web server processes this information and sends back a reply to the web
browser, where a user can view intrusion data.
  A user can then perform different operations on this data via the web pages.
The rest of this chapter describes how to install and configure all of these tools to
build a web based user interface.
6.2 Installation and Configuration
Since ACID needs additional packages, like PHPLOT, GD library and so on, to work,
you need to make sure that everything is installed properly. Fortunately you can install
different components independently from each other in no particular order. The follow 
ing step by step process makes it easy to put everything in place.
  Install and test Snort. You have already done it in Chapter 2.
  Install and test MySQL. Please see Chapter 5 for reference. After installing
MySQL, you have to create a database and tables so that Snort can log its
activity into the database. After that you have to configure Snort using
snort.conf
 file so that it logs its data to the database server. 
  Install Apache. I would suggest using the RPM package that is part of RedHat
installation media. You can also download the latest version of Apache web
server from http://www.apache.org. 
  Download ACID from http://www.cert.org/kb/acid/ and uncompress it in
/var/www/html
 directory. This process creates a directory named 
acid
under 
/var/www/html
 directory. The Apache package that is part of the
RedHat distribution has its HTML files under 
/var/www/html
 directory.
Depending on your distribution, the directory may be different on your






footer




 

 

 

 

 Home | About Us | Network | Services | Support | FAQ | Control Panel | Order Online | Sitemap | Contact

toronto web hosting

 

Our partners: PHP: Hypertext Preprocessor Cheap Web Hosting JSP Web Hosting Ontario Web Hosting  Jsp Web Hosting

Cheapest Web Hosting Java Hosting Cheapest Hosting

Visionwebhosting.net Business web hosting division of Vision Web Hosting Inc.. All rights reserved