сервис_snortsam

Differences

This shows you the differences between two versions of the page.

сервис_snortsam [2015/06/03 11:13]
val [Connecting Snort to Snortsam]
сервис_snortsam [2016/03/30 11:20]
val [cisco router acl telnet]
Line 40: Line 40:
  
 ==== ipfilter ==== ==== ipfilter ====
-<​code>​ 
-# touch /​etc/​ipf.rules 
  
-cat /​etc/​rc.conf +  * [[Сервис Firewall#FreeBSD ​ipfilter]]
-</​code><​code>​ +
-... +
-ipfilter_enable=yes +
-</​code><​code>​ +
-# /etc/rc.d/ipfilter ​start+
  
 +<​code>​
 # cat snortsam.conf # cat snortsam.conf
 </​code><​code>​ </​code><​code>​
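Review bot: Replacing the inline ipfilter setup at the top of this hunk with only the link to [[Сервис Firewall#FreeBSD ipfilter]] leaves this page without its prerequisites: the removed lines created /etc/ipf.rules, set ipfilter_enable=yes and started the service. Keep a one-line reminder above the snortsam.conf listing that ipfilter must already be enabled and running as described on the linked page, so that a reader following only this page does not add the "ipf em1" line against a firewall that is not loaded.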
Line 55: Line 49:
 ipf em1 ipf em1
 </​code>​ </​code>​
- 
 ==== ipfw2 ==== ==== ipfw2 ====
  
Line 95: Line 88:
 </​code><​code>​ </​code><​code>​
 ... ...
-# ciscoacl 192.168.X.1 ​student/tacacs ​cisco /​usr/​local/​etc/​snortsam/​snortsam.acl +# ciscoacl 192.168.X.1 ​user1/tpassword1 ​cisco /​usr/​local/​etc/​snortsam/​snortsam.acl 
-# ciscoacl 192.168.X.1 cisco cisco /​etc/​snortsam/​snortsam.acl+# ciscoacl 192.168.X.1 cisco cisco /usr/local/​etc/​snortsam/​snortsam.acl
 </​code>​ </​code>​
  
 ==== cisco router acl tftp ==== ==== cisco router acl tftp ====
  
-Настройка+=== Настройка ​===
 <​code>​ <​code>​
 server# cat /​tftpboot/​snortsam.acl server# cat /​tftpboot/​snortsam.acl
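Review bot: The two commented-out ciscoacl examples in snortsam.conf now differ only in their second field (user1/tpassword1 versus cisco), and nothing on the page says which login form each line stands for. Add a short comment above each line naming the fields. Since this is the telnet variant and the router credentials sit in clear text in snortsam.conf, also mention restricting read access to that file. The tftp section further down still uses student/tacacs, so pick one set of placeholder credentials and use it in both sections.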
Line 116: Line 109:
  ​permit tcp any any established  ​permit tcp any any established
  ​deny ​  ip any any log  ​deny ​  ip any any log
 +end
 </​code><​code>​ </​code><​code>​
 server# cat snortsam.tftp server# cat snortsam.tftp
 </​code><​code>​ </​code><​code>​
-copy tftp://​192.168.X.1/ running-config+copy tftp://​192.168.X.10/ running-config
 </​code><​code>​ </​code><​code>​
 server# cat snortsam.conf server# cat snortsam.conf
 </​code><​code>​ </​code><​code>​
 ... ...
 +# ciscoacl 192.168.X.1 cisco cisco snortsam.acl|/​usr/​local/​etc/​snortsam/​snortsam.tftp
 # ciscoacl 192.168.X.1 student/​tacacs cisco snortsam.acl|/​usr/​local/​etc/​snortsam/​snortsam.tftp # ciscoacl 192.168.X.1 student/​tacacs cisco snortsam.acl|/​usr/​local/​etc/​snortsam/​snortsam.tftp
-# ciscoacl 192.168.X.1 student/​tacacs cisco snortsam.acl|/​etc/​snortsam/​snortsam.tftp 
-</​code><​code>​ 
-server# cd /tftpboot/ 
 </​code>​ </​code>​
  
-Запуск+=== Запуск ​===
  
 <​code>​ <​code>​
 +server# cd /tftpboot/
 +
 [server:/​tftpboot] # snortsam /​usr/​local/​etc/​snortsam/​snortsam.conf [server:/​tftpboot] # snortsam /​usr/​local/​etc/​snortsam/​snortsam.conf
 +
 +server# cat /​usr/​local/​etc/​rc.d/​snortsam
 +</​code><​code>​
 +...
 +cd /tftpboot/
 +
 +run_rc_command "​$1"​
 </​code>​ </​code>​
  
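Review bot: The "cd /tftpboot/" added to /usr/local/etc/rc.d/snortsam at the end of this hunk has no explanation, and it appears to be needed only because the ciscoacl lines give the ACL file as the bare name snortsam.acl while the file itself lives in /tftpboot/. Say so in a comment next to the cd line, and note that a hand edit to an installed rc.d script can be lost when the package is upgraded. In snortsam.tftp the address changes from 192.168.X.1 to 192.168.X.10 while the router in the ciscoacl lines stays 192.168.X.1; a one-line remark that 192.168.X.10 is the TFTP server would make it clear that the change is intentional.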
Line 147: Line 148:
  
 <​code>​ <​code>​
-[server:~] # /​usr/​local/​etc/​rc.d/​snortsam rcvar+[server:~] # service ​snortsam rcvar
  
-[server:~] # /​usr/​local/​etc/​rc.d/​snortsam start+[server:~] # service ​snortsam start
 </​code>​ </​code>​
  
сервис_snortsam.txt · Last modified: 2017/12/06 09:10 by val