Snort mailing list archives
RE: Installing Snort on OpenBSD based on RH WS3 or FreeBSD doc's on snort site
From: "robert schwartz" <robert () mrsquirrel com>
Date: Thu, 1 Apr 2004 17:40:08 -0800
First, with OpenBSD, what's your concern about putting a default install of it on the network? Personally I say if you choose an OS that's secure by default you shouldn't worry about insecurity until you enable stuff.

I'd highly recommend learning a bit about the OpenBSD package and port system first, but that's only 15 minutes of work to go from novice to expert. You want the binary packages from:

    ftp.openbsd.org/pub/OpenBSD/version/packages/i386

Where "version" is 3.4 or 3.3 depending on your OpenBSD build. Pick the nastiest package with the most dependencies and (depending on your shell):

    setenv PKG_PATH ftp://ftp.openbsd.org/pathasstatedabove

Then download the package you want and install it with pkg_add. All the dependencies will get auto-installed from the ftp server via the environment variable set. Alternatively, if you have a list of packages you know you want, just download them all into the same directory and the package system will deal with dependencies for you. The hardest part of installing all this stuff on OpenBSD is trusting that it is indeed THIS easy.

I would install the PHP and all supporting lib's via pkg or port (ports tree has better post-install instructions for PHP btw). Do not use a FreeBSD port on OpenBSD. I would get the snort2.x source and compile that manually though, since Snort development outpaces most binary packaging systems. Certainly do the mysql stuff with pkg's or ports. If you choose to check out the ports tree (http://www.openbsd.org/anoncvs.html for instructions to check out the ports tree) all dependencies are automagically dealt with for you without muss or fuss.

Keep in mind OpenBSD's apache runs CHROOTed by default so you have to change the rc.conf so httpd is launched with "-u -DSSL" after reading the ssl man page and following the instructions for creating and signing a cert. That's the only "gotcha" specific to OpenBSD. Some brave souls managed to make ACID run chrooted but that's superadvanced and dubiously beneficial IMHO.

Feel free to shoot me mail offlist if you hit a sticking point; I might be able to give you a quick and dirty hack/workaround/fix for your issue.
-----Original Message-----
From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] On Behalf Of Jacob, Raymond A Jr
Sent: Thursday, April 01, 2004 4:31 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Installing Snort on OpenBSD based on RH WS3 or FreeBSD doc's on snort site

I am trying to figure what packages to install to get an OpenBSD box up and running. I was planning on manually downloading and installing the following packages based on the RH WS3 document http://www.internetsecurityguru.com/documents/snort_acid_rhws3.pdf using the following shell script.

    set HTTP_Proxy=http://proxy
    wget http://www.snort.org/dl/snort-2.1.2.tar.gz
    wget http://mysql.secsup.org/Downloads/MySQL-5.0/mysql-debug-5.0.0-alpha-unknown-openbsd3.4-i386.tar.gz
    wget http://www.apache.org/dist/httpd/apache_1.3.29.tar.gz
    wget http://www.modssl.org/source/mod_ssl-2.8.16-1.3.29.tar.gz
    wget http://www.php.net/distributions/php-4.3.5.tar.gz
    wget http://phplens.com/lens/dl/adodb421.tgz
    wget http://www.snort.org/dl/contrib/data_analysis/acid/acid-0.9.6b23.tar.gz
    wget ftp://ftp.info-zip.org/pub/infozip/zlib/zlib-1.1.4.tar.gz
    wget http://members.chello.se/jpgraph/jpgdownloads/jpgraph-1.14.tar.gz
    wget http://www.tcpdump.org/release/libpcap-0.8.3.tar.gz

and burning the packages to CDs and installing them on the box, so I don't have to connect to the network until acceptance testing is complete. Since I am under the gun, I may have to connect to the network to get the snort, acid, apache,... installed. If I have to do this I was planning on using the ports system mentioned in the document based on FreeBSD to install the packages http://www.snort.org/docs/FreeBSD47RELEASE-Snort-MySQLVer1-3.pdf and run the following commands.

1. Change directory to /usr/ports/www/mozilla
2. make install clean

1. Change directory to /usr/ports/ftp/wget
2. make install clean

1. Change directory to /usr/ports/graphics/phplot
2. make WITH_X11=yes
3. When presented with a menu of options to configure into phplot, choose GD 2, then hit ok.
4. make install clean

1. Change directory to /usr/ports/databases/adodb
2. make install clean

1. Change directory to /usr/ports/security/stunnel
2. make install clean

1. Change directory to /usr/ports/security/snort
2. make -DWITH_MYSQL -DWITH_FLEXRESP ; make install
3. cp /usr/ports/security/snort/work/snort-1.9.0/contrib/create_mysql /tmp

1. Change directory to /usr/ports/security/acid
2. make install clean

question: What packages (and locations) are needed to install Snort, Acid, Apache, PCAP, adodb, (mozilla), get, phplot/zlib/jpgraph, php on an OpenBSD system?

thank you,
Raymond

-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.
http://ads.osdn.com/?ad_id70&alloc_id638&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Installing Snort on OpenBSD based on RH WS3 or FreeBSD doc's on snort site Jacob, Raymond A Jr (Apr 01)
- RE: Installing Snort on OpenBSD based on RH WS3 or FreeBSD doc's on snort site robert schwartz (Apr 01)