diff options
Diffstat (limited to 'network/snort/README.SLACKWARE')
| -rw-r--r-- | network/snort/README.SLACKWARE | 48 |
1 files changed, 0 insertions, 48 deletions
diff --git a/network/snort/README.SLACKWARE b/network/snort/README.SLACKWARE deleted file mode 100644 index 05fa4f438e..0000000000 --- a/network/snort/README.SLACKWARE +++ /dev/null @@ -1,48 +0,0 @@ -Snort has three primary functional modes. It can be used as a packet sniffer -like tcpdump(1), a packet logger (useful for network traffic debugging, etc), -or as a full blown network intrusion detection and prevention system. - -Please read the snort_manual.pdf file that should be included with this -distribution for full documentation on the program as well as a guide to -getting started. - -This package builds a very basic snort implimentation useful for monitoring -traffic as an IDS or packet logger and as a sort of improved tcpdump (which -is what I use it for). MySQL support is included, so you should have little -trouble hooking snort up to a database or ACID. For more information on -these, check out snort's homepage at: - - http://www.snort.org/ - http://www.snort.org/docs/ - -snort.org has a nasty habit of changing the location of their source -code, which means there's no garauntee that the link in snort.info is -correct. If you can't get that link to work, look for the source code at: - - http://www.snort.org/dl/old/ - -In order for Snort to function properly, you need to provide rule files. -I recommend registering for free at http://www.snorg.org so you can get these -files. Once you have done that, go to http://snort.org/pub-bin/downloads.cgi -and get the latest 2.8 series VRT Certified Rules. You need to untar this -file and place follow files from etc in the tarball in to your /etc/snort -directory : - -generators -gen-msg.map -sid -sid-msg.map - -If you are going to use a front end like Base, you should copy the -dog/signatures directory from the tarball in to -/usr/doc/snort-$VERSION/ . Last, but certainly not least, you must -copy the contents of the rules/ directory in the tarball to -/etc/snort/rules/ . After you've done this, you can safely restart -snort or send a HUP to snort to reload the files (killall -HUP snort). - -A rc.snort file has been included for your convenience, but it needs to be -added to your init script of choice to run on boot. You should modify the -variables in /etc/rc.d/rc.snort to reflect the interface you want to monitor. -This Slackbuild is no longer maintained by Alan Hicks, but rather me -(Thomas York), so email me instead if you have any questions. - --Thomas York (straterra@fuhell.com) |