RE: Snort and php

["William Fitzgerald" <wfitzgerald () tssg org>]

go to snort source directory then 
./configure --prefix=/opt/snort OR ./configure --prefix=/opt/snort
--with-mysql for mysql support 
make
make install
copy the etc folder from your snort source to the /opt/snort/etc folder
copy the rules folder from your snort source to the /opt/snort/rules
folder
configure the snort.conf file to your needs. it should work in default
mode for most people.
 
run as follows:
/opt/snort/bin/snort -c /opt/snort/etc/snort.conf -i eth0
or for wirless
/opt/snort/bin/snort -c /opt/snort/etc/snort.conf -i ath0 but this needs
wireless support from snort-2.1.1 and patches see
<http://www.snort-wireless.org/> http://www.snort-wireless.org/
 
the look at your logs in /var/log/snort and/or look at your mysql tables
to see logged data.

-----Original Message-----
From: Plantier, Spencer [mailto:spencer.plantier () stratech com] 
Sent: 10 February 2005 13:34
To: wfitzgerald () tssg org
Subject: RE: [Snort-users] Snort and php



How do I get it to work without PHP?

 

Thanks,

 

 

Spencer


  _____  


From: William Fitzgerald [mailto:wfitzgerald () tssg org] 
Sent: Thursday, February 10, 2005 8:27 AM
To: Plantier, Spencer; snort-users () lists sourceforge net
Subject: RE: [Snort-users] Snort and php

 

Hi there,

 

I am new to Snort IDS too.

 

the answer to your question is NO. you will only need to have PHP and
ACID/BASE installed for frontend access.

 

regards,

Will

-----Original Message-----
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] On Behalf Of Plantier,
Spencer
Sent: 10 February 2005 13:22
To: snort-users () lists sourceforge net
Subject: [Snort-users] Snort and php

Do I have to have php running to get snort IDS working?

Spencer Plantier

System Network Administrator

 

301 Gregson Dr

Cary, NC  27511

Office 919-379-8513

Cell    919-272-8833

spencer.plantier () stratech com