Installation and Configuration
An intruder tries to get into your network.
A Snort sensor installed in your network detects intruder activity based on its rules. It then uses information in the snort.conf file to log data into the MySQL database. You have to provide the database user name, password, hostname or IP address of the database server, and database name in the snort.conf file.
A web server is installed where the MySQL server is running.
A user starts the browser, connects to the web server, and starts requesting PHP web pages.
The PHP engine connects to the database using the database user name, password, and database name and gets information from the database server.
The web server processes this information and sends back a reply to the web browser, where a user can view intrusion data.
A user can then perform different operations on this data via the web pages.
The rest of this chapter describes how to install and configure all of these tools to build a web-based user interface.
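The following is an added example, not code from the book or from the Snort project. It checks that each active database output line in snort.conf carries the four values listed above, and it masks the password when reporting. It assumes the directive layout `output database: <log|alert>, <database type>, <key=value ...>`; the sample configuration, user name, and password are constructed placeholders.

```python
import re

# The four values the text says snort.conf must supply for MySQL logging.
REQUIRED = ("user", "password", "host", "dbname")

# Constructed sample configuration; names and credentials are placeholders.
SAMPLE_CONF = """\
# output database: log, mysql, user=old password=old dbname=old host=oldhost
var HOME_NET 192.168.1.0/24
output database: log, mysql, user=snortuser password=CHANGE_ME dbname=snort host=localhost
output database: alert, mysql, user=snortuser dbname=snort
"""

DIRECTIVE = re.compile(r"^\s*output\s+database\s*:\s*(.+)$")


def parse_database_outputs(conf_text):
    """Return one dict per active (uncommented) 'output database:' line."""
    found = []
    for lineno, line in enumerate(conf_text.splitlines(), start=1):
        if line.lstrip().startswith("#"):
            continue  # commented-out directive, not in effect
        match = DIRECTIVE.match(line)
        if not match:
            continue
        # Assumed layout: <log|alert>, <database type>, <key=value list>
        parts = [p.strip() for p in match.group(1).split(",", 2)]
        parts += [""] * (3 - len(parts))
        facility, dbtype, params = parts
        fields = dict(p.split("=", 1) for p in params.split() if "=" in p)
        missing = [k for k in REQUIRED if not fields.get(k)]
        found.append({"line": lineno, "facility": facility, "dbtype": dbtype,
                      "fields": fields, "missing": missing})
    return found


def report(entries):
    """Summarise each directive without echoing the stored password."""
    lines = []
    for e in entries:
        shown = {k: ("***" if k == "password" else v)
                 for k, v in e["fields"].items()}
        status = "ok" if not e["missing"] else "missing " + ",".join(e["missing"])
        lines.append(f"line {e['line']}: {e['facility']}/{e['dbtype']} {shown} -> {status}")
    return lines


if __name__ == "__main__":
    print("\n".join(report(parse_database_outputs(SAMPLE_CONF))))
```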
6.2 Installation and Configuration
Since ACID needs additional packages, like PHPLOT, GD library and so on, to work, you need to make sure that everything is installed properly. Fortunately you can install different components independently from each other in no particular order. The following step-by-step process makes it easy to put everything in place.
Install and test Snort. You have already done it in Chapter 2.
Install and test MySQL. Please see Chapter 5 for reference. After installing MySQL, you have to create a database and tables so that Snort can log its activity into the database. After that you have to configure Snort using the snort.conf file so that it logs its data to the database server.
Install Apache. I would suggest using the RPM package that is part of RedHat installation media. You can also download the latest version of Apache web server from http://www.apache.org.
Download ACID from http://www.cert.org/kb/acid/ and uncompress it in the /var/www/html directory. This process creates a directory named acid under the /var/www/html directory. The Apache package that is part of the RedHat distribution has its HTML files under the /var/www/html directory.
Depending on your distribution, the directory may be different on your