Wednesday, August 04, 2010

We'LL

We'll shine like stars in the summer night/We'll shine like stars in the winter light/One heart, one hope, one love.

This is how to install Suricata.

Open a root terminal, copy, paste, and press enter for each of the following lines:

sudo apt-get -y install libpcre3 libpcre3-dbg libpcre3-dev build-essential autoconf automake libtool libpcap-dev libnet1-dev libyaml-0-2 libyaml-dev zlib1g zlib1g-dev libcap-ng-dev libcap-ng0

sudo apt-get -y install libnetfilter-queue-dev libnetfilter-queue1 libnfnetlink-dev libnfnetlink0

wget http://people.redhat.com/sgrubb/libcap-ng/libcap-ng-0.6.4.tar.gz

tar -xzvf libcap-ng-0.6.4.tar.gz

cd libcap-ng-0.6.4

./configure && make && sudo make install

apt-get install libhtp1

apt-get install libhtp-dev

wget http://www.openinfosecfoundation.org/download/suricata-1.0.0.tar.gz

tar -xvzf suricata-1.0.0.tar.gz

cd suricata-1.0.0

./configure --enable-nfqueue

sudo mkdir /var/log/suricata/

make

make install

mkdir /etc/suricata

apt-get install checkinstall

checkinstall

dpkg -i suricata_1.0.0-1_i386.deb

cp classification.config suricata.yaml /etc/suricata/

mkdir /etc/suricata/rules

cd /etc/suricata/rules

wget http://www.emergingthreats.net/rules/emerging-attack_response.rules

wget http://www.emergingthreats.net/rules/emerging-scan.rules

wget http://www.emergingthreats.net/rules/emerging-exploit.rules

wget http://www.emergingthreats.net/rules/emerging-current_events.rules

wget http://www.emergingthreats.net/rules/emerging-voip.rules

wget http://www.emergingthreats.net/rules/emerging-malware.rules

wget http://www.emergingthreats.net/rules/emerging-dos.rules

wget http://www.emergingthreats.net/rules/emerging-drop.rules

wget http://www.emergingthreats.net/rules/emerging-compromised.rules

wget http://www.emergingthreats.net/rules/emerging-dshield.rules

wget http://www.emergingthreats.net/rules/emerging-botcc.rules

wget http://www.emergingthreats.net/rules/emerging-rbn.rules

wget http://www.emergingthreats.net/rules/emerging-virus.rules

cd /etc/suricata/

sudo vi suricata.yaml

suricata -D -c /etc/suricata/suricata.yaml -s /etc/suricata/classification.config -i wlan0

Source: http://doc.emergingthreats.net/bin/view/Main/SuricataUbuntuSetup
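Added example, not part of the original post or its source: the steps above download rule files into /etc/suricata/rules and then edit suricata.yaml by hand, so a rule file can end up on disk without being loaded, or listed without existing. The script below cross-checks the two before Suricata is started. It assumes the config uses the `default-rule-path:` and `rule-files:` keys; the function names and the sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes the stock suricata.yaml
# layout: top-level "default-rule-path:" and a "rule-files:" list of "- name".

# Print the names listed under rule-files:, skipping commented-out items.
listed_rules() {
    awk '
        /^rule-files:/         { in_list = 1; next }
        in_list && /^[^ \t#-]/ { in_list = 0 }   # next top-level key ends the list
        in_list && /^[ \t]*-/  {
            sub(/^[ \t]*-[ \t]*/, ""); sub(/[ \t]*#.*$/, ""); sub(/[ \t]+$/, "")
            if ($0 != "") print
        }' "$1"
}

# Print the directory named by default-rule-path:.
rule_dir() {
    awk '/^default-rule-path:/ {
        sub(/^default-rule-path:[ \t]*/, ""); sub(/[ \t]+$/, ""); print; exit }' "$1"
}

# check_rules CONFIG [RULE_DIR]
#   MISSING  = listed in the config but absent or zero-length on disk
#   UNLISTED = *.rules file on disk that the config never loads
# Returns 0 only when nothing is reported.
check_rules() {
    conf=$1; dir=${2:-$(rule_dir "$conf")}; dir=${dir%/}; bad=0
    for name in $(listed_rules "$conf"); do
        [ -s "$dir/$name" ] || { echo "MISSING $name"; bad=1; }
    done
    for f in "$dir"/*.rules; do
        [ -e "$f" ] || continue
        listed_rules "$conf" | grep -qxF "${f##*/}" ||
            { echo "UNLISTED ${f##*/}"; bad=1; }
    done
    return "$bad"
}

# Constructed sample: emerging-exploit.rules is listed but never downloaded,
# emerging-dos.rules is downloaded but commented out in the config.
demo() {
    tmp=$(mktemp -d) && mkdir "$tmp/rules" || return 2
    printf '%s\n' 'alert tcp any any -> any any (msg:"constructed"; sid:1000001;)' |
        tee "$tmp/rules/emerging-scan.rules" > "$tmp/rules/emerging-dos.rules"
    printf '%s\n' "default-rule-path: $tmp/rules/" 'rule-files:' \
        ' - emerging-scan.rules' ' - emerging-exploit.rules' \
        ' # - emerging-dos.rules' 'logging:' > "$tmp/suricata.yaml"
    rc=0; check_rules "$tmp/suricata.yaml" || rc=$?
    rm -rf "$tmp"; return "$rc"
}
```

After sourcing the file, `check_rules /etc/suricata/suricata.yaml` runs the same check against the installed configuration; a non-zero exit status means at least one MISSING or UNLISTED line was printed.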

2 comments:

  1. 22757 ? Ssl 0:00 suricata -D -c /etc/suricata/suricata.yaml -s /etc/suricata/classification.config -i eth1

  2. implementation in ubuntu
    root@queenara:/var/log/suricata# uname -a ; id ; root
    Linux queenara 2.6.28-19-server #61-Ubuntu SMP Thu May 27 00:22:27 UTC 2010 x86_64 GNU/Linux
    uid=0(root) gid=0(root) groups=0(root)
