Month: November 2009

SNORT (IDS/IPS) Configuration and Implementation

Let's start with how to install SNORT, which is an Intrusion Detection System (IDS) and an Intrusion Prevention System (IPS). We tested the installation of SNORT on RHEL5.

Step1 : Download the following packages
    libpcap-1.0.0.tar.gz
    pcre-8.00.tar.gz
    libnet-1.0.2a.tar.gz (This is an optional package, needed only if you want SMB popup alerts on Windows machines.)
    snort-2.8.5.1.tar.gz
    acid-0.9.6b23.tar.gz

Note : Don't try to install SNORT through rpm packages; install from the source packages, because there will be so many dependencies. Install the above packages in the same order to resolve the dependencies.

Step2 : Untar the packages one by one.
    #tar xvfz packagename.tar.gz

Step3 : Change the directory to libpcap-1.0.0 and just run the ./configure shell script. This checks the system attributes and generates a makefile, which is then used to install the libpcap package as follows.
    #cd libpcap-1.0.0
    #./configure
    #make
    #make install

Note : If anything goes wrong, search for that error message in Google.

Step4 : After installing libpcap, install the pcre package, which provides the regular-expression matching used when checking captured packets against rules that match multiple entries. First change the directory to pcre-8.00, then execute the following commands.
    #cd ../pcre-8.00
    #./configure
    #make
    #make check
    #make install

Step5 : Now install the libnet package.
    #cd ../libnet-1.0.2a
    #./configure
    #make
    #make check
    #make install

Step6 : Now install the important package in our game of implementing IDS/IPS, i.e. our SNORT package. Just follow the commands below to install SNORT. You have to be careful in this step, because we can install SNORT on a standalone system...


How To Uninstall A Source Package?

In Linux we can install packages in many ways, such as:
    #rpm -ivh packagename.ver.arch.rpm
        This installs from an rpm package using the rpm package manager.
    #yum install packagename
        This installs through yum, which uses the rpm package manager internally.
    #apt-get install packagename
        This installs .deb packages.
    #sh file.sh
        This installs from a shell script.
    #./configure; make; make check; make install
        This installs from a source package.
Etc. When we want to uninstall the above packages, we use package-removal commands as below:
    #rpm -e packagename
        Uninstalls an rpm package that was installed through rpm/yum.
    #yum remove packagename
        Uninstalls through yum.
Etc. But what about uninstalling a source package? How do we uninstall a source package? This can be done in two ways.

Way1 : If we still have the source code on our system, then it is very easy to uninstall, as shown below.
    #cd sourcefolderpath
    #make uninstall
This will completely uninstall the package/software.

Way2 : If you don't have the source code with you. This is the hard way to do it: we have to go to the many locations/folders where that package created its supporting files. Some common locations for a package's files are as follows:
    /etc/packagename
    /var/log/packagename
    /usr/local/packagename
    /bin/
    /sbin/
    /usr/bin/
    /usr/sbin/
    /usr/share/doc/packagename
Etc. So we have to go to each folder and remove all the files whose names contain packagename.

Note : If you install any package through a source package,...


How To Log DNS Server Activity?

How to log DNS server activity? Ans : Sometimes you need to log DNS server activity to a file for future reference, to analyse the activity on the DNS server and to check whether the DNS server is resolving names accurately or not. rndc (remote name daemon control) is the command to use for DNS server activity logging. Let's have a look at how to log DNS server activity. In order to log DNS server entries, just execute the command below (you have to do this as the root user).
    #rndc querylog
Note : When you execute the above command, DNS server activity is logged on...
