snort_and_snorby
Differences
This shows you the differences between two versions of the page.
snort_and_snorby [2014/05/09 21:42] – [Install and start Snorby] admin | snort_and_snorby [2014/06/10 12:03] – admin | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | {{tag> | ||
+ | |||
+ | |||
=====Snort and Snorby===== | =====Snort and Snorby===== | ||
This guide will help you install a Snort sensor and the Snorby web interface. | This guide will help you install a Snort sensor and the Snorby web interface. | ||
Line 109: | Line 112: | ||
Create a sample rules file (eg. look at etc/ | Create a sample rules file (eg. look at etc/ | ||
barnyard2 -? | barnyard2 -? | ||
+ | |||
+ | edit / | ||
+ | |||
+ | config reference_file: | ||
+ | config classification_file: | ||
+ | config gen_file: | ||
+ | config sid_file: | ||
+ | config logdir: / | ||
+ | config hostname: | ||
+ | config interface: | ||
+ | config daemon | ||
+ | config waldo_file: / | ||
+ | config archivedir: / | ||
+ | input unified2 | ||
+ | output alert_fast: / | ||
+ | output database: log, mysql, user=snort password=snortpass dbname=snorby host=snorby | ||
+ | |||
+ | |||
+ | ln -s / | ||
+ | / | ||
</ | </ |
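Review bot: the `output database` line near the end of this hunk puts a fixed, guessable password (`password=snortpass`) for the `snort` MySQL user into the guide, and readers who copy the block verbatim end up with that credential in a cleartext config file. Suggest replacing it with an obvious placeholder such as `password=<choose-your-own>`, adding a sentence that tells the reader to restrict read access on the edited file to the account barnyard2 runs as, and noting that the `snort` database user should only be granted rights on the `snorby` database. The added block also has no explanatory text: a line saying what the `ln -s` step is for, and that `host=snorby` has to resolve from the sensor, would help readers follow it.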
snort_and_snorby.txt · Last modified: 2021/10/09 15:14 by 127.0.0.1