Методические материалы Лохтурова Вячеслава

User Tools

Site Tools

Trace:
сервис_snortsam

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
сервис_snortsam [2015/06/05 08:55]
val [cisco router acl tftp] 		сервис_snortsam [2017/12/06 09:10] (current)
val [Ubuntu]
Line 1: Line 1:
 ====== Сервис SNORTSAM ====== ====== Сервис SNORTSAM ======
  
-[[http://​www.snortsam.net/​]] +  * [[http://​www.snortsam.net/​|Старый сайт]] 
 +  * [[https://​github.com/​firnsy/​barnyard2/​blob/​master/​doc/​README.snortsam|barnyard2 github snortsam]] 
 +  * [[https://​github.com/​blox-org/​snortsam|github blox snortsam]]
 ===== Установка пакета ===== ===== Установка пакета =====
  
Line 14: Line 15:
 </​code>​ </​code>​
  
-==== Ubuntu ​14.04 ====+==== Debian/Ubuntu ====
  
 Не поддерживается Не поддерживается
Line 88: Line 89:
 </​code><​code>​ </​code><​code>​
 ... ...
-# ciscoacl 192.168.X.1 ​student/tacacs ​cisco /​usr/​local/​etc/​snortsam/​snortsam.acl+# ciscoacl 192.168.X.1 ​user1/tpassword1 ​cisco /​usr/​local/​etc/​snortsam/​snortsam.acl
 # ciscoacl 192.168.X.1 cisco cisco /​usr/​local/​etc/​snortsam/​snortsam.acl # ciscoacl 192.168.X.1 cisco cisco /​usr/​local/​etc/​snortsam/​snortsam.acl
 </​code>​ </​code>​
Line 94: Line 95:
 ==== cisco router acl tftp ==== ==== cisco router acl tftp ====
  
-Настройка+=== Настройка ​===
 <​code>​ <​code>​
 server# cat /​tftpboot/​snortsam.acl server# cat /​tftpboot/​snortsam.acl
Line 109: Line 110:
  ​permit tcp any any established  ​permit tcp any any established
  ​deny ​  ip any any log  ​deny ​  ip any any log
 +end
 </​code><​code>​ </​code><​code>​
 server# cat snortsam.tftp server# cat snortsam.tftp
 </​code><​code>​ </​code><​code>​
-copy tftp://​192.168.X.1/ running-config+copy tftp://​192.168.X.10/ running-config
 </​code><​code>​ </​code><​code>​
 server# cat snortsam.conf server# cat snortsam.conf
Line 119: Line 121:
 # ciscoacl 192.168.X.1 cisco cisco snortsam.acl|/​usr/​local/​etc/​snortsam/​snortsam.tftp # ciscoacl 192.168.X.1 cisco cisco snortsam.acl|/​usr/​local/​etc/​snortsam/​snortsam.tftp
 # ciscoacl 192.168.X.1 student/​tacacs cisco snortsam.acl|/​usr/​local/​etc/​snortsam/​snortsam.tftp # ciscoacl 192.168.X.1 student/​tacacs cisco snortsam.acl|/​usr/​local/​etc/​snortsam/​snortsam.tftp
-</​code><​code>​ 
-server# cd /tftpboot/ 
 </​code>​ </​code>​
  
-Запуск+=== Запуск ​===
  
 <​code>​ <​code>​
 +server# cd /tftpboot/
 +
 [server:/​tftpboot] # snortsam /​usr/​local/​etc/​snortsam/​snortsam.conf [server:/​tftpboot] # snortsam /​usr/​local/​etc/​snortsam/​snortsam.conf
 +
 +server# cat /​usr/​local/​etc/​rc.d/​snortsam
 +</​code><​code>​
 +...
 +cd /tftpboot/
 +
 +run_rc_command "​$1"​
 </​code>​ </​code>​
  
Line 140: Line 149:
  
 <​code>​ <​code>​
-[server:~] # /​usr/​local/​etc/​rc.d/​snortsam rcvar+[server:~] # service ​snortsam rcvar
  
-[server:~] # /​usr/​local/​etc/​rc.d/​snortsam start+[server:~] # service ​snortsam start
 </​code>​ </​code>​
  
сервис_snortsam.1433483700.txt.gz · Last modified: 2015/06/05 08:55 by val

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Run on Debian Driven by DokuWiki