Installing Sagan on CentOS

snort 2012. 2. 1. 19:27 |
Copied here because the original may be taken down at any time.
https://wiki.quadrantsec.com/bin/view/Main/SaganHOWTO 

If the libesmtp packages are not available from your configured repositories, you need to add a repository that provides them. You can follow this tutorial to add RPMForge and other repositories for YUM:

http://wiki.centos.org/AdditionalResources/Repositories/RPMForge?action=show&redirect=Repositories%2FRPMForge

Install the packages:
# yum install gcc gnutls-devel mysql mysql-devel mysql-client pcre pcre-devel libesmtp libesmtp-devel
[Note: gnutls-devel is needed to compile libprelude if you want libprelude support during Sagan's install; if not, you don't need it.]
To avoid a build failure in Sagan related to mysqlclient_r (the CentOS devel packages do not contain the necessary headers), download from the MySQL site a mysql-shared-compat package close to your installed database version: http://downloads.mysql.com/archives/mysql-5.0/ or http://downloads.mysql.com/archives/mysql-5.1/
# yum info mysql     #  This will show your installed version
Example for MySQL-shared-compat-5.0.91-1.rhel5.i386.rpm:
# cd /tmp
# wget http://downloads.mysql.com/archives/mysql-5.0/MySQL-shared-compat-5.0.91-1.rhel5.i386.rpm
# yum localinstall MySQL-shared-compat-5.0.91-1.rhel5.i386.rpm
Now you can proceed to install libprelude if needed.

The libprelude package from the Atomic Corp repository (libprelude-0.9.21.2-1.el5.art.i386.rpm) will not satisfy Sagan's configure checks. You will need to download and build libprelude 1.0.0 from their site:
# cd /tmp
# wget http://www.prelude-technologies.com/download/releases/libprelude/libprelude-1.0.0.tar.gz
# tar xvfz libprelude-1.0.0.tar.gz
# cd libprelude-1.0.0
# ./configure && make && make install
Now install Sagan as per documentation. [ SaganHOWTO ] 

[Note: Remember to use ./configure --disable-postgresql when installing Sagan if you don't need PostgreSQL support; otherwise you will need to install PostgreSQL.]
-- ChampClark - 2010-11-18
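
The MySQL-shared-compat step above depends on reading the installed version from `yum info mysql` and picking the matching archive directory. The script below is an added example, not part of the original HOWTO: the function names and the sample output are constructed for illustration, and only the two archive URLs come from this page.

```shell
#!/bin/sh
# Added example: pick the MySQL archive directory that matches the
# installed mysql package, based on `yum info mysql` output.

# Print the Version listed under "Installed Packages".
# Reads `yum info mysql` output on stdin; fails if mysql is only
# listed under "Available Packages" (i.e. not installed).
installed_mysql_version() {
    awk '
        /^Installed Packages/ { in_installed = 1; next }
        /^Available Packages/ { in_installed = 0; next }
        in_installed && $1 == "Version" && $2 == ":" { print $3; found = 1; exit }
        END { if (!found) exit 1 }
    '
}

# Map a version such as 5.0.77 to one of the two archive directories
# named on this page; any other series is rejected.
mysql_archive_url() {
    case "$1" in
        5.0.*) echo "http://downloads.mysql.com/archives/mysql-5.0/" ;;
        5.1.*) echo "http://downloads.mysql.com/archives/mysql-5.1/" ;;
        *) echo "no archive listed for MySQL version '$1'" >&2; return 1 ;;
    esac
}

# Constructed sample of `yum info mysql` output (not captured from a real host).
# The available version differs from the installed one on purpose.
SAMPLE_YUM_INFO='Installed Packages
Name       : mysql
Arch       : i386
Version    : 5.0.77
Release    : 4.el5_6.6
Available Packages
Name       : mysql
Arch       : i386
Version    : 5.0.95
Release    : 5.el5_9'

# On a real host: ver=$(yum info mysql | installed_mysql_version)
ver=$(printf '%s\n' "$SAMPLE_YUM_INFO" | installed_mysql_version) &&
    mysql_archive_url "$ver"
```

Choose the MySQL-shared-compat RPM from the printed directory whose version is closest to the installed one, as the HOWTO describes.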

Posted by applicationlayer

MySQL remote access

programming/mysql 2012. 1. 27. 17:57 |


Snort performance

snort 2012. 1. 26. 20:52 |
Paid (commercial) driver
http://www.ntop.org/solutions/idsips-acceleration-snort-suricata-bro/  

Inline testing using PF_RING
http://www.snort.org/assets/186/PF_RING_Snort_Inline_Instructions.pdf  

Performance comparison by driver
http://mikelococo.com/files/2011/2011_01_25-snort_performance.pdf

Snort vs Suricata
Suricata supports multi-core; on a single core it has 1/4 the performance of Snort; Snort SO rules are not supported
http://mikelococo.com/2011/08/snort-capacity-planning/  
