[Snort-users] OT: Debian\Snort Howto

Joel Esler jesler at ...1935...
Tue Feb 15 14:59:07 EST 2011


With Jason's permissions and coordination, I've posted this on http://snort.org/docs for all!

Thanks Jason!

Joel

On Feb 15, 2011, at 11:56 AM, Weir, Jason wrote:

> I just finished a write-up on installing and configuring a Debian\Snort
> based IDS..
> 
> It includes everything you need to capture and log snort events to
> mysql, it uses base as the web front end and pulled pork keeping the
> rules up to date..
> 
> https://files.nhrs.org/deb_snort_howto.pdf
> 
> It includes the latest versions of the following:
> 
> Debian 6.0 Squeeze
> Snort 2.9.0.4
> Barnyard2 1.9
> Base 1.4.5
> 
> Takes about an hour start to finish...Not Joel's 15 minutes but not too
> shabby...
> 
> I hope it helps someone get started, I know the original helped me years
> back..
> 
> Let me know if you find any errors, typos or otherwise..
> 
> -Jason
--
Joel Esler
jesler () sourcefire.com
http://blog.snort.org && http://blog.clamav.net





More information about the Snort-users mailing list