构建网络安全长城之烽火台的建立(5)

　　E.让apache在以运行级3、5启动的时候能够自动运行

　　[root@netserver php-4.3.3]#cp apachectl /etc/init.d/httpd
　　[root@netserver php-4.3.3]#chmod 755 /etc/init.d/httpd
　　[root@netserver php-4.3.3]# ln -s /etc/init.d/httpd /etc/rc3.d/S85httpd
　　[root@netserver php-4.3.3]# ln -s /etc/init.d/httpd /etc/rc3.d/K85httpd
　　[root@netserver php-4.3.3]# ln -s /etc/init.d/httpd /etc/rc5.d/S85httpd
　　[root@netserver php-4.3.3]# ln -s /etc/init.d/httpd /etc/rc5.d/K85httpd
　　[root@netserver php-4.3.3]#cd ../

　　然后在浏览器输入 http://该机ip地址/test.php 查看关于Apache/PHP的信息

　　7、安装Snort和过滤规则

　　A. 编译安装Snort

　　[root@netserver ids]#groupadd snort
　　[root@netserver ids]#useradd -g snort snort
　　[root@netserver ids]#mkdir /etc/snort
　　[root@netserver ids]#mkdir /etc/snort/rules
　　[root@netserver ids]#mkdir /var/log/snort
　　[root@netserver ids]#tar -xvzf snort-2.0.2.tar.gz
　　[root@netserver ids]#cd snort-2.0.2
　　[root@netserver snort-2.0.2]#./configure --with-mysql=/usr/local/mysql --enable-flexresp --with-libpcap-includes=/usr/local/libpcap/include --with-libpcap-libraries=/usr/local/libpcap/lib (此语句请写成一行)
　　[root@netserver snort-2.0.2]#make
　　[root@netserver snort-2.0.2]#make install

　　B. 设置规则，我们这里为了方便，直接使用Snort自带的规则

　　[root@netserver snort-2.0.2]#cp rules/* /etc/snort
　　[root@netserver snort-2.0.2]#cp etc/.conf /etc/snort
　　[root@netserver snort-2.0.2]#cp *.conf /etc/snort

　　C.编辑snort.conf文件

　　[root@netserver snort-2.0.2]#vi /etc/snort/snort.conf

　　将以下几行的值改变为所写的：

　　var RULE_PATH /etc/snort/rules/
　　output database: log, mysql, user=snort password=(你的密码) dbname=snort host=localhost

　　D.让snort在以运行级3、5启动的时候能够自动运行

　　snort. (cp contrib/S99snort /etc/init.d/snort) Change the following lines:
　　[root@netserver snort-2.0.2]#cp contrib/S99snort /etc/init.d/snort

　　编辑snort文件，修改下面两行

　　[root@netserver snort-2.0.2]#vi /etc/init.d/snort
　　CONFIG=/etc/snort/snort.conf
　　SNORT_GID=snort

　　[root@netserver snort-2.0.2]#chmod 755 /etc/init.d/snort
　　[root@netserver snort-2.0.2]#ln -s /etc/init.d/snort /etc/rc3.d/S99snort
　　[root@netserver snort-2.0.2]#ln -s /etc/init.d/snort /etc/rc3.d/K99snort
　　[root@netserver snort-2.0.2]#ln -s /etc/init.d/snort /etc/rc5.d/S99snort
　　[root@netserver snort-2.0.2]#ln -s /etc/init.d/snort /etc/rc5.d/K99snort

　　E.在MySQL中设置Snort需要的库

　　[root@netserver snort-2.0.2]#/usr/local/mysql/bin/mysql
　　mysql＞ SET PASSWORD FOR root@localhost=PASSWORD('你的root的密码')；
　　＞Query OK, 0 rows affected (0.25 sec)
　　mysql＞ create database snort；
　　＞Query OK, 1 row affected (0.01 sec)
　　mysql＞ grant INSERT,SELECT on root.* to snort@localhost；
　　＞Query OK, 0 rows affected (0.02 sec)
　　mysql＞ SET PASSWORD FOR snort@localhost=PASSWORD('你的snort的密码')
　　＞Query OK, 0 rows affected (0.25 sec)
　　mysql＞ grant CREATE, INSERT, SELECT, DELETE, UPDATE on snort.* to snort@localhost
　　＞Query OK, 0 rows affected (0.02 sec)
　　mysql＞ grant CREATE, INSERT, SELECT, DELETE, UPDATE on snort.* to snort
　　＞Query OK, 0 rows affected (0.02 sec)
　　mysql＞ exit
　　＞Bye

原文转自：http://www.ltesting.net