User Tools
сервис_barnyard2
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
сервис_barnyard2 [2015/06/03 10:26] val |
сервис_barnyard2 [2016/11/16 08:56] (current) val [Ubuntu 14.04] |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== Сервис BARNYARD2 ====== | ====== Сервис BARNYARD2 ====== | ||
| + | * [[https://github.com/firnsy/barnyard2/blob/master/doc/README.snortsam|barnyard2/doc/README.snortsam]] | ||
| + | * [[https://github.com/firnsy/barnyard2/issues/127|snort generate logs,barnyard2 can not read records]] | ||
| + | |||
| + | ===== Ubuntu ===== | ||
| + | |||
| + | * [[http://computer-outlines.over-blog.com/article-nids-snort-barnyard2-apache2-base-with-ubuntu-14-04-lts-123532107.html|SNORT / Barnyard2 / MySQL / BASE with Ubuntu 14.04 LTS]] | ||
| + | |||
| + | ===== FreeBSD ===== | ||
| + | |||
| + | * [[http://www.itcooky.com/?p=3108|Установка на FreeBSD 9 системы анализа Snort и блокировки SnortSAM зловредного трафика!]] | ||
| <code> | <code> | ||
| # pkg install barnyard2 # no need, install as snort dependence | # pkg install barnyard2 # no need, install as snort dependence | ||
| Line 22: | Line 32: | ||
| 1000001: src, 2 min | 1000001: src, 2 min | ||
| </code><code> | </code><code> | ||
| + | # service snort stop | ||
| + | |||
| + | # rm /var/log/snort/* | ||
| + | |||
| + | # service snort start | ||
| + | |||
| # /usr/local/bin/barnyard2 -c /usr/local/etc/barnyard2.conf -d /var/log/snort/ -f snort.log | # /usr/local/bin/barnyard2 -c /usr/local/etc/barnyard2.conf -d /var/log/snort/ -f snort.log | ||
| # cat /etc/rc.conf | # cat /etc/rc.conf | ||
| - | ... | ||
| </code><code> | </code><code> | ||
| + | ... | ||
| barnyard2_enable=yes | barnyard2_enable=yes | ||
| barnyard2_flags="-D -d /var/log/snort/ -f snort.log" | barnyard2_flags="-D -d /var/log/snort/ -f snort.log" | ||
| + | </code><code> | ||
| + | # service barnyard2 start | ||
| + | </code> | ||
| + | |||
| + | ==== Принцип отбора правил ==== | ||
| + | |||
| + | <code> | ||
| + | # cat classification.config | ||
| + | </code><code> | ||
| + | ... | ||
| + | config classification: web-application-attack,Web Application Attack,1 | ||
| ... | ... | ||
| </code> | </code> | ||
| + | |||
сервис_barnyard2.1433316413.txt.gz · Last modified: 2015/06/03 10:26 by val
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
