
Installing Barnyard2 on Ubuntu 16

This document provides instructions for installing and configuring Barnyard2 and BASE web GUI on an Ubuntu 16.04 server to analyze and view Snort alerts. The steps include: 1. Installing prerequisite packages and downloading Barnyard2. 2. Configuring Barnyard2, creating a MySQL database, and testing the installation. 3. Downloading and configuring the BASE web GUI, and making configuration file changes to connect to the MySQL database. 4. Restarting services and installing additional PHP modules if needed.

Uploaded by

Rizal Sanmas

INSTALLATION OF BARNYARD2 ON UBUNTU 16.04

First Preparation :
sudo apt-get install -y build-essential
sudo apt-get install -y libpcap-dev libpcre3-dev libdumbnet-dev
sudo apt-get install -y bison flex

Preparation install :
sudo apt-get install -y mysql-server libmysqlclient-dev mysql-client autoconf libtool

Edit the file /etc/snort/snort.conf :


output unified2: filename snort.u2, limit 128

download barnyard2 :
cd ~/snort_src
wget https://github.com/firnsy/barnyard2/archive/master.tar.gz -O barnyard2-Master.tar.gz
tar zxvf barnyard2-Master.tar.gz
cd barnyard2-master
autoreconf -fvi -I ./m4

Create access to the dnet.h file :

sudo ln -s /usr/include/dumbnet.h /usr/include/dnet.h
sudo ldconfig

Configure the build for x64 or x86 systems; run only the command that matches your architecture (x86_64 first, i386 second) :

./configure --with-mysql --with-mysql-libraries=/usr/lib/x86_64-linux-gnu
./configure --with-mysql --with-mysql-libraries=/usr/lib/i386-linux-gnu

Install Barnyard2 :
make
sudo make install

Test Barnyard2 :
/usr/local/bin/barnyard2 -V

Configure the Barnyard2 directories :

sudo cp ~/snort_src/barnyard2-master/etc/barnyard2.conf /etc/snort/

# the /var/log/barnyard2 folder is never used or referenced
# but barnyard2 will error without it existing
sudo mkdir /var/log/barnyard2
sudo chown snort:snort /var/log/barnyard2

sudo touch /var/log/snort/barnyard2.waldo
sudo chown snort:snort /var/log/snort/barnyard2.waldo

Create the snort database and account :

$ mysql -u root -p
mysql> create database snort;
mysql> use snort;
mysql> source ~/snort_src/barnyard2-master/schemas/create_mysql
mysql> CREATE USER 'snort'@'localhost' IDENTIFIED BY 'MYSQLSNORTPASSWORD';
mysql> grant create, insert, select, delete, update on snort.* to 'snort'@'localhost';
mysql> exit

Add this setting to the file barnyard2.conf :

output database: log, mysql, user=snort password=MYSQLSNORTPASSWORD dbname=snort host=localhost sensor_name=sensor01

Change the file permissions (barnyard2.conf now contains the database password) :

sudo chmod o-r /etc/snort/barnyard2.conf

Run Snort in daemon mode :

sudo /usr/local/bin/snort -q -u snort -g snort -c /etc/snort/snort.conf -i interface -D

sudo barnyard2 -c /etc/snort/barnyard2.conf -d /var/log/snort -f snort.u2 -w /var/log/snort/barnyard2.waldo -g snort -u snort

INSTALLATION BASE WEB GUI ON UBUNTU 16

Installation preparation :
sudo add-apt-repository ppa:ondrej/php
sudo apt-get update
sudo apt-get install -y apache2 libapache2-mod-php5.6 php5.6-mysql php5.6-cli php5.6 php5.6-common php5.6-gd php5.6-cli php-pear php5.6-xml

sudo pear install -f --alldeps Image_Graph

Download Adodb :
cd ~/snort_src
wget https://sourceforge.net/projects/adodb/files/adodb-php5-only/adodb-520-for-php5/adodb-5.20.8.tar.gz
tar -xvzf adodb-5.20.8.tar.gz
sudo mv adodb5 /var/adodb
sudo chmod -R 755 /var/adodb

Download BASE :
cd ~/snort_src
wget http://sourceforge.net/projects/secureideas/files/BASE/base-1.4.5/base-1.4.5.tar.gz
tar xzvf base-1.4.5.tar.gz
sudo mv base-1.4.5 /var/www/html/base/

Create the configuration file :
cd /var/www/html/base
sudo cp base_conf.php.dist base_conf.php
Edit the configuration file :
sudo vi /var/www/html/base/base_conf.php

$BASE_urlpath = '/base'; # line 50
$DBlib_path = '/var/adodb/'; # line 80
$alert_dbname = 'snort'; # line 102
$alert_host = 'localhost';
$alert_port = '';
$alert_user = 'snort';
$alert_password = 'MYSQLSNORTPASSWORD'; # line 106

//$graph_font_name = "Verdana";
//$graph_font_name = "DejaVuSans";
//$graph_font_name = "Image_Graph_Font";
$graph_font_name = "";

File permissions :
sudo chown -R www-data:www-data /var/www/html/base
sudo chmod o-r /var/www/html/base/base_conf.php

Restart the service :
sudo service apache2 restart

Fix for BASE / phpMyAdmin errors :
sudo apt-get install php5.6-mbstring
sudo apt-get install php5.6-mysql

Remove Index.php on CodeIgniter

Edit the file .htaccess :

<IfModule mod_rewrite.c>
RewriteEngine On
#RewriteBase /

RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [QSA,L]
</IfModule>

Change the permission for the application directory in the file apache2.conf :

AllowOverride All

Enable the rewrite module that is used in .htaccess :

a2enmod rewrite

sudo chmod -R 755 /var/www/html

service apache2 restart
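
Added check (not part of the original document): the guide removes read access for "other" users from /etc/snort/barnyard2.conf and /var/www/html/base/base_conf.php because both hold the MySQL password, but the later "sudo chmod -R 755 /var/www/html" sets base_conf.php back to mode 755, so the "chmod o-r" on it has to be repeated afterwards. The function names below are illustrative.

```sh
# Added example (not from the original guide): check that files holding the
# MySQL password are not accessible to "other" users.

# other_perms FILE -> prints the "other" rwx triplet, e.g. "r--" or "---".
other_perms() {
    ls -ld -- "$1" | cut -c8-10
}

# audit_secret_file FILE -> 0 = no access for others, 1 = exposed, 2 = missing.
audit_secret_file() {
    if [ ! -e "$1" ]; then
        echo "MISSING  $1"
        return 2
    fi
    asf_perms=$(other_perms "$1")
    if [ "$asf_perms" != "---" ]; then
        echo "EXPOSED  $1 (other=$asf_perms)"
        return 1
    fi
    echo "OK       $1"
    return 0
}

# audit_all FILE... -> exit status is the number of exposed or missing files.
audit_all() {
    aa_bad=0
    for aa_file in "$@"; do
        audit_secret_file "$aa_file" || aa_bad=$((aa_bad + 1))
    done
    return "$aa_bad"
}

# Usage on the host built in this guide (run with sudo so the files can be read):
#   audit_all /etc/snort/barnyard2.conf /var/www/html/base/base_conf.php
if [ "$#" -gt 0 ]; then
    audit_all "$@" || echo "$? file(s) need attention"
fi
```

Run it after the last chmod in the procedure; any EXPOSED line is fixed with the same "sudo chmod o-r" command the guide already uses for that file.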
