Instalando e Integrando o SWATCH com SNORT
Publicado por Marcos Pitanga 19/05/2005
[ Hits: 7.328 ]
Homepage: hpc.edools.com
Este script automatiza a instalacao do Simple WATCH para respostas em tempo real no NIDS Snort.
#!/bin/sh # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2, or (at your option) # any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # This script installed Simple Log WATCH (SWATCH) with Network Intrusion Detect System Snort # # by: Marcos Pitanga <mpitanga@gplus.com.br> # Wed Sep 1 21:00:19 BRT 2004 inicial() { clear echo -e "****************************************************************************" echo -e "** Este script facilita o procedimento de instalacao do Simple Log WATCH **" echo -e "** Snort Network Intrusion Detection System **" echo -e "** By Marcos Pitanga **" echo -e "****************************************************************************" sleep 5 } declare_vars() { SWATCH_DIR="/usr/local/swatch_fontes" MAKE="`which make`" MKDIR="`which mkdir`" SED="`which sed`" TAR="`which tar`" COPY="`which cp`" WGET="`which wget`" PERL="`which perl`" CONFIG="./configure" # Crio o diretorio para os fontes if [ ! -d $SWATCH_DIR ]; then mkdir -p $SWATCH_DIR fi } downloads() { echo "Baixando os pacotes. Espere um pouquinho." echo "[ Baixando os pacotes para a instalacao ]" >> /var/log/downloads_sources cd $SWATCH_DIR if [ ! -e swatch-3.1.1.tar.gz ]; then $WGET http://voxel.dl.sourceforge.net/sourceforge/swatch/swatch-3.1.1.tar.gz >> /var/log/downloads_sources 2>&1 fi cd $SWATCH_DIR echo "[ Fim do download dos pacotes ]" >> /var/log/downloads_sources } instala_modulos_perl() { $PERL -e 'use CPAN; install Date::Calc' $PERL -e 'use CPAN; install Date::Parse' $PERL -e 'use CPAN; install File::Tail' $PERL -e 'use CPAN; install Time::HiRes' $PERL -e 'use CPAN; install Date::Manip' } instala_swatch() { echo "Instalando o SWATCH." echo "[ Instalando $package_name ]" >> /var/log/swatch_source swatch_source=$package_name swatch_dir=`echo $swatch_source | sed s/\.tar\.gz//` $TAR -xzf $swatch_source >> /var/log/swatxh_source 2>&1 cd $swatch_dir >> /var/log/swatch_source 2>&1 $PERL Makefile.PL $MAKE >> /var/log/swatch_source 2>&1 $MAKE test >> /var/log/swatch_source 2>&1 $MAKE install >> /var/log/swatch_source 2>&1 $MAKE realclean >> /var/log/swatch_source 2>&1 cd $SWATCH_DIR >> /var/log/swatch_source 2>&1 echo "[ Fim da instalacao do SWATCH ]" >> /var/log/swatch_source } cria_arquivo() { echo -e " watchfor /.*/ bell echo bold mail address=pitanga,subject= - NIDS Snort Alerta!!! - - throttle 00:00:10" >> /var/log/.swatchrc echo -e "swatch -c /var/log/.swatchrc -t /var/log/snort/alert" >>/etc/rc.d/rc.local } fim_instalacao() { echo "Pacotes instalados." } inicial declare_vars downloads package_name=`ls swatch-3.1.1.tar.gz` instala_modulos_perl instala_swatch cria_arquivo fim_instalacao
Verificar conexão com Internet
Verifica Falha Humana de Segurança em e-mail (usada por SPAMERS)
instalando o unbound dns no debian via script
Nenhum coment�rio foi encontrado.
Comparação entre os escalonadores BFQ e MQ-Deadline (acesso a disco) no Arch e Debian
Conciliando o uso da ZRAM e SWAP em disco na sua máquina
Servidor de Backup com Ubuntu Server 24.04 LTS, RAID e Duplicati (Dell PowerEdge T420)
Visualizar câmeras IP ONVIF no Linux sem necessidade de instalar aplicativos
Converter os repositórios Debian para o novo formato com as chaves
Instalando Spotify no Debian 13
Realizar overclock no Miyoo Mini (plus ou normal)
Monitoramento pfsense com zabbix (4)
Erro na inicialização do Debian como resolver (5)
Dúvidas sobre a originalidade de conteúdos online (11)
linux mint reconhece microfone de lapela como fone de ouvido sem micro... (4)