This repository was archived by the owner on May 3, 2024. It is now read-only.
Snorby on FreeBSD 9.0
magickal1 edited this page Feb 20, 2012 · 1 revision
THIS IS STILL BEING WRITTEN USE AT YOUR OWN RISK!!!
Note: This posting details how to get Snorby working with apache22 and passenger.
You will have or will get:
- FreeBSD 9.0R
- apache22
- ruby-gems
- ruby-iconv
- rake (gem)
- dbd_mysql (gem)
- passenger (gem)
- mysql
- snort
- barnyard2
- git
<pre>
echo "RUBY_DEFAULT_VER=1.9" >> /etc/make.conf
</pre>
I am quite lazy, so I don't like to babysit installs, so I use -DBATCH a lot. Do the following and go grab a coffee, something to eat, or read an RFC, because this is going to take a bit.
<pre>
cd /usr/ports/lang/ruby19
make -DBATCH install clean
cd /usr/ports/ftp/wget
make -DBATCH install clean
cd /usr/ports/textproc/flex
make -DBATCH install clean
cd /usr/ports/devel/pcre
make -DBATCH install clean
cd /usr/ports/net/libdnet/
make -DBATCH install clean
cd /usr/ports/www/apache22
make -DBATCH install clean
cd /usr/ports/devel/ruby-gems/
make -DBATCH install clean
cd /usr/ports/converters/ruby-iconv/
make -DBATCH install clean
cd /usr/ports/textproc/libxml2
make -DBATCH install clean
cd /usr/ports/textproc/libxslt
make -DBATCH install clean
cd /usr/ports/graphics/ImageMagick
make -DBATCH install clean
cd /usr/ports/databases/mysql55-server/
make -DBATCH install clean
chown -R mysql:mysql /var/db/mysql
cd /usr/ports/devel/lwp
make -DBATCH install clean
cd /usr/ports/converters/wkhtmltopdf/
make -DBATCH install clean
cd /usr/ports/www/p5-LWP-UserAgent-WithCache/
make -DBATCH install clean
cd /usr/ports/security/p5-Crypt-SSLeay
make -DBATCH install clean
rehash
</pre>
Snort needs a few options that are not enabled by default, so we edit the options file.
<pre>
mkdir -p /var/db/ports/snort
cat << EOF > /var/db/ports/snort/options
# This file is auto-generated by 'make config'.
# No user-servicable parts inside!
# Options for snort-2.9.2.1
_OPTIONS_READ=snort-2.9.2.1
WITH_IPV6=true
WITH_MPLS=true
WITH_GRE=true
WITH_TARGETBASED=true
WITH_DECODERPRE=true
WITH_ZLIB=true
WITH_NORMALIZER=true
WITH_REACT=true
WITH_PERFPROFILE=true
WITH_FLEXRESP3=true
WITHOUT_MYSQL=true
WITHOUT_ODBC=true
WITHOUT_POSTGRESQL=true
WITHOUT_PRELUDE=true
WITH_LRGPCAP=true
WITHOUT_SNORTSAM=true
WITH_SOURCEFIRE=true
WITHOUT_DBGSNORT=true
EOF
cd /usr/ports/security/snort
make -DBATCH install clean
rehash
</pre>
<pre>
gem install prawn
gem install rake
gem install rails
gem install dbd-mysql
gem install passenger
</pre>
At this point you are ready to modify your database and email configuration for Snorby. If you have not done so, you should create a snort database (I have called mine snort and created a user "snorby" with password "snorby"... OK, that's not really the password, but for this writeup it is!). This user has full access (not grant) to the snort database. I have also created the apt tables in this database using the create_mysql SQL that is included in both Snorby and Snort!
<pre>
$ sudo cp /usr/local/www/Snorby/config/database.yml.example /usr/local/www/Snorby/config/database.yml
$ sudo cp /usr/local/www/Snorby/config/email.yml.example /usr/local/www/Snorby/config/email.yml
</pre>
Now choose your preferred editor and modify the /usr/local/www/Snorby/config/database.yml file. We are only concerned with the production info. You can also modify email.yml, but you don't have to for our current purposes.
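The database and account described above (database "snort", user "snorby" with full access but no grant option), written out as MySQL statements. This is an added example, not part of the original write-up; the 'localhost' host part and the placeholder password are assumptions.

```sql
-- Added example (not from the original page).
-- Run as the MySQL root user from the mysql client on the Snorby host.

-- The database name used throughout this write-up.
CREATE DATABASE IF NOT EXISTS snort;

-- Assumption: Snorby connects from the same machine as the MySQL server,
-- so the account is restricted to 'localhost'.
-- The password below is a placeholder; replace it before running.
CREATE USER 'snorby'@'localhost'
  IDENTIFIED BY 'REPLACE_WITH_A_STRONG_PASSWORD';

-- Full access to the snort schema only, nothing on other databases.
-- ALL PRIVILEGES does not include GRANT OPTION, so this account cannot
-- pass its rights on to other accounts.
GRANT ALL PRIVILEGES ON snort.* TO 'snorby'@'localhost';

-- List the privileges the account actually holds.
SHOW GRANTS FOR 'snorby'@'localhost';
```

In the SHOW GRANTS output the account should hold privileges on snort.* only, and no line should end in WITH GRANT OPTION. The same database name, user name and password then go into the production section of database.yml.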
Install additional gem requirements and set up Snorby to run!
<pre>
$ cd /usr/local/www/Snorby && sudo rake gems:install
...output suppressed
$ cd /usr/local/www/Snorby && sudo rake snorby:setup RAILS_ENV=production
...output suppressed
</pre>