snortattack

Stiamo  testando il progetto snort inline :

link. http://snort-inline.sourceforge.net

una versione modificata di snort, usa le libdnet ed ha una
licenza diversa,

link. http://libdnet.sourceforge.net/ 

a breve script per debian e aggiungero' al fast_inline
una opzione per installare snort_inline, snort o entrambi

intanto godetevi alcuni comandi per debian :

vi /etc/apt/sources.list

### Debian Ufficiale -- Testing
deb http://ftp.it.debian.org/debian/ testing main non-free contrib

### Debian Ufficiale -- Testing Sicurezza
deb http://security.debian.org/ testing/updates main contrib non-free

### Debian Ufficiale -- Sid
deb http://ftp.it.debian.org/debian/ unstable main non-free contrib

###  Debian Ufficiale -- Experimental
deb http://ftp.debian.org/debian/ ../project/experimental main



apt-get -y install libnet0 libnet0-dev figlet automake autoconf clamav
clamav-base clamav-freshclam clamav-daemon mysql-client-4.1 libmysql++-dev
mysql-server-4.1 libmysql++-dev apache php4-mysql php4 iptables
iptables-dev libstdc++6-dev libclamav-dev libclamav1 bridge-utils


wget
http://optusnet.dl.sourceforge.net/sourceforge/libdnet/libdnet-1.11.tar.gz

wget 
ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-6.6.tar.gz

wget
http://ovh.dl.sourceforge.net/sourceforge/snort-inline/snort_inline-2.4.3-RC4.tar.gz

wget 
http://www.snort.org/dl/current/snort-2.4.3.tar.gz

wget
http://heanet.dl.sourceforge.net/sourceforge/secureideas/base-1.2.2.tar.gz

wget 
http://voxel.dl.sourceforge.net/sourceforge/adodb/adodb472.tgz

pcre e lbdnet :

./configure
make
make install


sia snort che snort_inline :

./configure --enable-inline --with-mysql
--with-libipq-includes=/usr/include/libipq/
--with-libipq-libraries=/usr/lib/ --enable-clamav
--with-clamav-includes=/usr/include/ --with-clamav-defdir=/var/lib/clamav/

make
make install

MetU and Pillo.