Instalasi Suricata: Difference between revisions

Latest revision as of 00:13, 29 July 2012

Siapkan Aplikasi Pendukung

Siapkan berbagai aplikasi pendukung sebelum menginstalasi suricata

sudo apt-get -y install libpcre3 libpcre3-dbg libpcre3-dev \
build-essential autoconf automake libtool libpcap-dev libnet1-dev \
libyaml-0-2 libyaml-dev zlib1g zlib1g-dev libcap-ng-dev libcap-ng0 \
make libmagic-dev

di Ubuntu 10.04

sudo apt-get -y install libpcre3 libpcre3-dbg libpcre3-dev \
build-essential autoconf automake libtool libpcap-dev libnet1-dev \
libyaml-dev libcap-ng-dev libcap-ng0

Download htp

Download htp secara manual

http://openinfosecfoundation.org/index.php/download-suricata
http://openinfosecfoundation.org/download/libhtp-0.2.3.tar.gz

Atau download & Install htp secara manual

cd /usr/local/src
wget http://www.openinfosecfoundation.org/download/libhtp-0.2.3.tar.gz
tar -xzvf libhtp-0.2.3.tar.gz
cd libhtp-0.2.3
./configure
make
make install

Jika kita ingin menjalankan kemampuan IPS yang ada di suricata (./configure --enable-nfqueue) ada baiknya mengaktifkan

sudo apt-get -y install libnetfilter-queue-dev libnetfilter-queue1 libnfnetlink-dev libnfnetlink0 libcap-ng0

Mengaktifkan IPS dapat dilakukan pada saat konfigurasi menggunakan perintah

./configure --enable-nfqueue

Download suricata

Suricata

To download and build Suricata, enter the following:

wget http://www.openinfosecfoundation.org/download/suricata-1.3.tar.gz tar -xvzf suricata-1.3.tar.gz cd suricata-1.3/

Compile and install the engine

If you plan to build Suricata with IPS capabilities, enter:

./configure --enable-nfqueue --prefix=/usr --sysconfdir=/etc --localstatedir=/var

instead of

./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var

Continue with the next commands:

./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
make
sudo make install
sudo ldconfig

Referensi

Pranala Menarik

Instalasi Suricata: Difference between revisions

Latest revision as of 00:13, 29 July 2012

Contents

Siapkan Aplikasi Pendukung

Download htp

Download suricata

Referensi

Pranala Menarik

Navigation menu

Page actions

Page actions

Personal tools

Navigation

Search

Tools

@@ Line 1: / Line 1: @@
-pre-installation requirements
+==Siapkan Aplikasi Pendukung==
-Before you can build Suricata for your system, run the following command to ensure that you have everything you need for the installation.
+Siapkan berbagai aplikasi pendukung sebelum menginstalasi suricata
   sudo apt-get -y install libpcre3 libpcre3-dbg libpcre3-dev \
   build-essential autoconf automake libtool libpcap-dev libnet1-dev \
-  libyaml-0-1 libyaml-dev zliblg zliblg-dev libcap-ng-dev libcap-ng0
+  libyaml-0-2 libyaml-dev zlib1g zlib1g-dev libcap-ng-dev libcap-ng0 \
+ make libmagic-dev
-Depending on the current status of your system, it may take a while to complete this process.
+di Ubuntu 10.04
-htp
-HTP is bundled with Suricata and installed automatically. If you need to install htp manually for other reasons, instructions can be found here.
+ sudo apt-get -y install libpcre3 libpcre3-dbg libpcre3-dev \
-ips
+ build-essential autoconf automake libtool libpcap-dev libnet1-dev \
+ libyaml-dev libcap-ng-dev libcap-ng0
-If you want to use ubuntu-8.04 to use pre-built YAML packages, you must uncomment the following two lines in your /etc/apt/sources.list file so that you can enable hardy-backports:
- #deb http://us.archive.ubuntu.com/ubuntu/ hardy-backports main restricted universe multiverse
+==Download htp==
- #deb-src http://us.archive.ubuntu.com/ubuntu/ hardy-backports main restricted universe multiverse
-If you plan to build Suricata with IPS capabilities via ./configure --enable-nfqueue, enter the following:
+Download htp secara manual
-  sudo apt-get -y install libnetfilter-queue-dev libnetfilter-queue1 libnfnetlink-dev libnfnetlink0
+  http://openinfosecfoundation.org/index.php/download-suricata
-libcap-ng installation
+ http://openinfosecfoundation.org/download/libhtp-0.2.3.tar.gz
-This installation is needed for dropping privileges.
+Atau download & Install htp secara manual
-  wget http://people.redhat.com/sgrubb/libcap-ng/libcap-ng-0.6.4.tar.gz
+ cd /usr/local/src
-  tar -xzvf libcap-ng-0.6.4.tar.gz
+  wget http://www.openinfosecfoundation.org/download/libhtp-0.2.3.tar.gz
-  cd libcap-ng-0.6.4
+  tar -xzvf libhtp-0.2.3.tar.gz
-  ./configure && make && sudo make install
+  cd libhtp-0.2.3
-  suricata
+  ./configure
+ make
+ make install
+Jika kita ingin menjalankan kemampuan [[IPS]] yang ada di suricata (./configure --enable-nfqueue) ada baiknya mengaktifkan
+ sudo apt-get -y install libnetfilter-queue-dev libnetfilter-queue1 libnfnetlink-dev libnfnetlink0 libcap-ng0
+Mengaktifkan [[IPS]] dapat dilakukan pada saat konfigurasi menggunakan perintah
+  ./configure --enable-nfqueue
+==Download suricata==
+Suricata
 To download and build Suricata, enter the following:
- wget http://www.openinfosecfoundation.org/download/suricata-current.tar.gz
+wget http://www.openinfosecfoundation.org/download/suricata-1.3.tar.gz
- tar -xvzf suricata-current.tar.gz
+tar -xvzf suricata-1.3.tar.gz
- cd suricata.version
+cd suricata-1.3/
+Compile and install the engine
+If you plan to build Suricata with IPS capabilities, enter:
+ ./configure --enable-nfqueue --prefix=/usr --sysconfdir=/etc --localstatedir=/var
-If you are building from Git sources, enter the following:
+instead of
-  bash autojunk.sh
+  ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
-If you are not building from Git sources, enter the following:
+Continue with the next commands:
-  ./configure
+  ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
- sudo mkdir /var/log/suricata/
   make
-  make install
+  sudo make install
+ sudo ldconfig
 ==Referensi==
+* http://www.openinfosecfoundation.org/
+* http://www.openinfosecfoundation.org/index.php/download-suricata
+* http://openinfosecfoundation.org/documentation/index.html
 * http://openinfosecfoundation.org/documentation/getting-started-debian-ubuntu.html
 ==Pranala Menarik==
+* [[Suricata Open Source Next Generation Intrusion Detection and Prevention Engine]]
 * [[Keamanan Jaringan]]
 * [[Linux Howto]]