OS:CentOS 5.5
Requirements:
Snort
Guardian
This post continues from the article "Intrusion Detection System (IDS) - Snort".
1. Download Guardian
wget  http://www.chaotic.org/guardian/guardian-1.7.tar.gz
2. Extract Guardian
tar  -zxvf  guardian-1.7.tar.gz
3. Configure the Guardian environment
cd  guardian-1.7
cp  scripts/guardian_block.sh  /usr/local/bin/guardian_block.sh
cp  scripts/guardian_unblock.sh  /usr/local/bin/guardian_unblock.sh
cp  guardian.conf  /etc/
cp  guardian.pl  /usr/local/bin/
vi  /etc/guardian.conf
AlertFile       /var/log/snort/alert
touch  /var/log/guardian.log
4. Start the service
/usr/local/bin/guardian.pl  -c  /etc/guardian.conf
5. Start Guardian at boot
vi /etc/rc.local
/usr/local/bin/guardian.pl  -c  /etc/guardian.conf
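A pre-flight check for the setup in steps 3 to 5, added here as an example (not part of the original post or of the Guardian distribution). It confirms that AlertFile in guardian.conf points at a readable Snort alert file, that the log file is writable, and that the three copied scripts are executable; the function names and argument order are assumptions of this example.

```shell
#!/bin/sh
# Added example: sanity-check a Guardian install before starting guardian.pl.
# Usage (paths as used on this page):
#   guardian_preflight /etc/guardian.conf /usr/local/bin /var/log/guardian.log

# conf_value FILE KEY: print the value of a "Key   value" line.
# Commented-out lines ("#AlertFile ..." or "# AlertFile ...") do not match.
conf_value() {
    awk -v k="$2" '$1 == k { print $2; exit }' "$1"
}

# guardian_preflight CONF BINDIR LOGFILE
# Prints one line per problem; the return status is the number of problems.
guardian_preflight() {
    conf=$1; bindir=$2; logfile=$3; problems=0

    if [ ! -r "$conf" ]; then
        echo "config not readable: $conf"
        return 1
    fi

    # Guardian only reacts to what Snort writes into AlertFile.
    alert=$(conf_value "$conf" AlertFile)
    if [ -z "$alert" ]; then
        echo "AlertFile is not set in $conf"
        problems=$((problems + 1))
    elif [ ! -r "$alert" ]; then
        echo "AlertFile not readable: $alert"
        problems=$((problems + 1))
    fi

    # Step 3 creates the log file with touch; it must be writable.
    if [ ! -w "$logfile" ]; then
        echo "log file not writable: $logfile"
        problems=$((problems + 1))
    fi

    # cp keeps the mode bits from the tarball, so check the execute bit.
    for f in guardian.pl guardian_block.sh guardian_unblock.sh; do
        if [ ! -x "$bindir/$f" ]; then
            echo "not executable: $bindir/$f"
            problems=$((problems + 1))
        fi
    done

    return "$problems"
}
```

A return status of 0 means the files from steps 3 to 5 are in place; any other status is the number of problems printed.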
Reference:
http://www.chaotic.org/guardian/

 