- 2024.06.17.보안 day502024년 06월 17일 09시 09분 55초에 업로드 된 글입니다.작성자: 202401to07
시험 보는 날
Snort - Network Intrusion Detection & Prevention System
With over 5 million downloads and over 600,000 registered users, it is the most widely deployed intrusion prevention system in the world.
snort.org
10.10.10.100)
wget https://snort.org/downloads/snort/snort-2.9.20-1.centos.x86_64.rpm --no-check-certificate
C:\Users\Administrator>scp -r D:\Class231228jyj\0_share\snort-2.9.20-1.centos.x86_64.rpm root@10.10.10.100:/usr/local/src
rpm -ivh --nodeps snort-2.9.20-1.centos.x86_64.rpm
yum install epel* -y
yum groupinstall "Development Tools"
yum install libdnet* -y
yum install snort-2.9.20-1.centos.x86_64.rpm
snort -T -c /etc/snort/snort.conf
==> 안뜰거임
[root@localhost snort]# find / -name libdnet*
/usr/lib64/libdnet.so.1
/usr/lib64/libdnet.so.1.0.1
/usr/lib64/libdnet.so
/usr/share/doc/libdnet-1.12ln -s /usr/lib64/libdnet.so.1 /usr/lib64/libdnet.1
[ vi /etc/snort/snort.conf ]
104 #var RULE_PATH /etc/snort/rules
105 #var SO_RULE_PATH ../so_rules
106 #var PREPROC_RULE_PATH ../preproc_rules
107 var RULE_PATH /rules
108 var SO_RULE_PATH so_rules
109 var PREPROC_RULE_PATH preproc_rules116 #var WHITE_LIST_PATH ../rules
117 #var BLACK_LIST_PATH ../rules
118 var WHITE_LIST_PATH rules
119 var BLACK_LIST_PATH rules551 include $RULE_PATH/local.rules 에 아래에
552 include threshold.conf 추가하고그 밑에 다 지우기
우리가 하는건 베스천호스트이다 .
듀얼홈드호스트구조
베스천호스트
'보안' 카테고리의 다른 글
2024.06.19.보안 day52 (0) 2024.06.19 2024.06.18.보안 day51 (0) 2024.06.18 6/17 시험준비 (0) 2024.06.14 2024.06.14.보안 day49 (0) 2024.06.14 커널 포워딩 , IPTABLES , FOWARD (0) 2024.06.14 이전글이 없습니다.댓글