-
Notifications
You must be signed in to change notification settings - Fork 17
/
Copy pathINSTALL
83 lines (55 loc) · 2.14 KB
/
INSTALL
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
DEPENDENCIES:
- Perl POE
- Perl YAML::Tiny
- Perl Module::Pluggable
- Perl JSON
- Perl Log-Dispatch
UBUNTU INSTALL:
# sudo apt-get install libpoe-perl libdbd-mysql-perl libyaml-tiny-perl libjson-perl libmodule-pluggable-perl liblog-dispatch-perl
FEDORA INSTALL
# sudo yum install perl-POE perl-YAML-Tiny perl-TimeDate perl-JSON perl-Digest-SHA perl-Log-Dispatch perl-AnyEvent
FREEBSD INSTALL (v8.2 with "Minimal" base install)
# pkg_add -r perl p5-POE p5-YAML-Tiny p5-Module-Pluggable p5-JSON p5-Log-Dispatch p5-DBI p5-DBD-mysql55 mysql55-client mysql55-server
(Optional if using GIT for install): # pkg_add -r git
# rehash
If you want to run the client
# pkg_add -r p5-Term-ReadKey
Date::Format Perl module is not in ports or packages
# cpan Date::Format
NOTES:
* Node/CXTRACKER works with cxtracker version 0.9.6 and above.
** cxtracker needs the option "-f nsmf" for the correct format.
* Node/BARNYARD2 works with barnyard2 version 2.1.10-beta1 (Build 266) and above.
** in barnyard2.conf: output platypus: agent_port=7060
MySQL SETUP:
mysql> GRANT USAGE ON *.* TO 'echidna'@'localhost' IDENTIFIED BY 'passw0rd.';
mysql> GRANT CREATE,SELECT,INSERT,UPDATE,DELETE,CREATE ROUTINE,EXECUTE ON echidna.* TO 'echidna'@'localhost';
mysql> flush privileges;
SIMPLE INSTALL - SERVER AND NODES ON THE SAME HOST (EXAMPLE)
GIT:
# cd /usr/local/
# git clone git://github.com/gamelinux/echidna.git
# cd echidna
START Echidna Server Component:
# perl server/server
START Echidna Nodes Components:
# perl nodes/cxtracker
# perl nodes/barnyard2
...
# perl nodes/<component>
NOTES:
* Config files are in etc/<nodename>.yaml - You might need to change something!
* Other dependent software needs to be running (snort/barnyard/cxtracker.....)
** For Ubuntu 10.04, see: https://launchpad.net/~ebf0/+archive/nsmframework for prebuild packages
CXTRACKER:
$ git clone git://github.com/gamelinux/cxtracker.git
$ cd cxtracker/src/
# Depends on libpcap - so install that on your system
$ make
# One way to run cxtracker:
$ mkdir /var/lib/cxtracker/
$ cxtracker -i eth1 -d /var/lib/cxtracker/ -D -f nsmf
SNORT:
...
BARNYARD2:
...