tarボールから入れようとしたけど、いろいろと足りないものが多そうだったので、もう、apt-get installで必要そうなものは全部ぶち込んだ。(なげやり
主に以下のサイトを参考に作った。
Snort + BASE インストール メモ
http://grin.flagbind.jp/archives/2004/12/_snort_base.html
MySQL起動
# mysqld_safe &
Starting mysqld daemon with databases from /usr/local/mysql/var
起動確認
# mysqladmin ping
mysqld is alive
パスワード設定
# mysqladmin -u root password '設定するパスワード'
匿名ユーザの削除
/usr/local/mysql/bin/mysql -u root -p
mysql > USE mysql;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql > DELETE FROM user WHERE password='';
Query OK, 3 rows affected (0.00 sec)
mysql > exit;
snortユーザの登録
# mysqladmin -u root -p create snort
Enter password:
snort用のテーブルの作成
# cd /root/work/
# tar zxvf snort-2.4.3.tar.gz
# cd /root/work/snort-2.4.3/schemas
# mysql -u root -p < create_mysql snort
# mysqladmin -u root -p reload
# mysql -u root -p
mysql> use snort;
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 9 to server version: 4.0.25-standard
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql> use snort;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> show tables;
| data |
| detail |
| encoding |
| event |
| icmphdr |
| iphdr |
| opt |
| reference |
| reference_system |
| schema |
| sensor |
| sig_class |
| sig_reference |
| signature |
| tcphdr |
| udphdr |
16 rows in set (0.00 sec)
snortユーザの作成と権限の付与
#
mysql -D
mysql -u root -p
mysql> grant insert,select,create,delete,update,
drop on
snort.* to
snort@
localhost identified by 'パスワード';
st identified by 'パスワード';
Query OK, 0 rows affected (0.00 sec)
mysql> exit;
