ips.sh
Author: cross Date: 2007-03-28 23:33
# 2007/03/28 authored by cross@ssorc.tw
#
# Purpose: Make it easy to switch between QUEUE/ACCEPT, or to start/stop snort-inline.
#
# ChangeLog:
# 2007/05/22 added start into check snort-inline is live or not function.
# 2007/05/16 added function for check.
# 2007/03/29 fixed functions.
# add interface() function for getting which interface device.
# Plan:
# 200x/xx/xx plan to add how to check snort-inline version.
# 200x/xx/xx plan added function for When uses accept(),
# changes "INPUT -p tcp --dport 80 -j ACCEPT"
# to "INPUT -p tcp --dport 80 --syn -m state --state NEW -j ACCEPT". ???
#set -x
Intrusion Prevention Tool (IPS) - Snort-Inline
Author: cross Date: 2006-11-14 22:50
Fedora Linux core 4
Packages:
。snort_inline-2.2.0a
。libnet-1.0.2a
[1.] Compile libnet
wget http://www.packetfactory.net/libnet/dist/deprecated/libnet-1.0.2a.tar.gz
tar zxvf libnet-1.0.2a.tar.gz
cd Libnet-1.0.2a
./configure
make
make install
Compile snort-inline
Snortcenter
Author: cross Date: 2006-11-14 22:48
A web interface for managing snort rules and for centrally managing other hosts that run snort
snortcenter-console
[1.] tar zxvf snortcenter-console-3-31-05.tar.gz
mv snortcenter-release snortcenter
mv snortcenter /var/www/html/
[2.] install adodb
[3.] echo "CREATE DATABASE snortcenter;" | mysql -u root -p
[4.] vi /var/www/html/snortcenter/config.php
$DBlib_path = "./adodb/";
$curl_path = "";