Ebook How to Setup And Secure Snort, Mysql And Acid On Freebsd 4.7 Release
This document will help a user install FreeBSD 4.7 Release, Snort 1.9.0, MySQL 3.23.53, and ACID-0.9.6b21. It will also guide the user through the process of securing the machine and getting the Snort sensor(s) to log to a central database over stunnel. The intention is to give users who are new to any of the software the opportunity to build an enterprise-class system based completely on free, open-source tools. Following the instructions in this document will get you the following:
· Multiple FreeBSD boxes, one running the Windowmaker desktop. I chose Windowmaker because the intention of this tutorial is to create dedicated Snort machines. In other words, Gnome and KDE are overkill for what we are doing here (and it looks nice).
· Locked-down machines (C2 in 2002!). I tried to be responsible with the securing of these boxes, but this is not a definitive guide to securing FreeBSD; there are several links to those at the end. If I have missed something obvious, feel free to point it out (nicely please) with your suggestion on exactly how to fix it.
· Multiple Snort sensors logging to a central MySQL server/viewing station.
· An easy method of updating your software via the ports collection.
· The fastest NIDS for your money.
Content
Purpose of document
Assumptions
Setting up the viewing station
File system layout
Other installation details
On the initial boot
Updating your ports collection
X-windows
Installing and setting up PGP
Patching BSD
Verifying the PGP signature of the patch
Post-installation cleanup
Installing the necessary ports
Adding a user for Snort
Editing the necessary files
For Snort
For Apache
For ACID
Setting up initial MySQL functionality
Setting up MySQL to accept data from Snort
Setting up Stunnel
Mozilla
Preparing your firewall boot options
Kernel configuration
Setting up rules for IPFW
Setting up the sensor(s)
File system layout
Other installation details
On the initial boot
Updating your ports collection
Patching BSD
Post-installation cleanup
Installing the necessary ports
Adding a user for Snort
Editing the necessary files
For Snort
Snort startup script
Setting up Stunnel
Preparing your firewall boot options
Kernel configuration
Setting up rules for IPFW
Miscellaneous
Things that the administrator should do on his/her own
To-do list
Example motd
Lists to subscribe to
Resources
Download Ebook How to Setup And Secure Snort, Mysql And Acid On Freebsd 4.7 Release (23 pages type pdf, 65 KB)
