Installing SNARE (HIDS) on Gentoo
2013-06-15
SNARE stands for System iNtrusion Analysis & Reporting Environment
1. kernel
Download the kernel patch:
Snare-2.6.10-2.3.legacy_FC2-snare.patch
Apply the snare patch to the 2.6.10 kernel:
tar jxvf linux-2.6.10.tar.bz2
cd linux-2.6.10
patch -p1<../Snare-2.6.10-2.3.legacy_FC2-snare.patch
make menuconfig
make
make modules_install
2. snare-core
Download snare-core-0.9.8.tar.gz
tar zxvf snare-core-0.9.8.tar.gz
cd snare-core-0.9.8
make
make install
In /etc/init.d/snare, change /etc/rc.d/init.d/ to /etc/init.d
3. snare-gui
Download snare-gui-0.9.6.tar.gz
tar zxvf snare-gui-0.9.6.tar.gz
cd snare-gui-0.9.6
./configure;make;make install
4. Reboot Linux
Run ps -ef|grep audit to confirm that /etc/init.d/snare has started;
then start snare &
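
The init-script edit from step 2, as an added shell example that is not part of the original post: it rewrites the Red Hat style prefix in place, keeps a backup, and is safe to run twice. It assumes the intended result is the prefix /etc/init.d/ (trailing slash kept so the rewritten paths stay valid); fix_snare_init_paths and make_sample_init are hypothetical helper names, and the sample script is constructed.

```shell
#!/bin/sh
# fix_snare_init_paths FILE
#   Replace every /etc/rc.d/init.d/ prefix in FILE with /etc/init.d/.
#   Return codes: 0 = rewritten, 1 = nothing to change, 2 = cannot process.
fix_snare_init_paths() {
    script=$1
    [ -f "$script" ] || return 2
    # Idempotent: stop if the old prefix is already gone.
    grep -q '/etc/rc\.d/init\.d/' "$script" || return 1
    # Keep only the first pristine copy as the backup.
    [ -e "$script.orig" ] || cp -p "$script" "$script.orig"
    tmp=$(mktemp "$script.XXXXXX") || return 2
    sed 's#/etc/rc\.d/init\.d/#/etc/init.d/#g' "$script" > "$tmp"
    # Write back with cat so the script keeps its owner and mode bits.
    cat "$tmp" > "$script"
    rm -f "$tmp"
    return 0
}

# Constructed stand-in for the installed init script (assumption: the real
# /etc/init.d/snare refers to its own location with the Red Hat prefix).
make_sample_init() {
    cat > "$1" <<'EOF'
#!/bin/sh
# constructed sample, not the real snare init script
SELF=/etc/rc.d/init.d/snare
[ -x /etc/rc.d/init.d/snare ] || exit 0
EOF
}

# Demo on a throwaway copy; on a real system pass /etc/init.d/snare instead.
demo_dir=$(mktemp -d)
make_sample_init "$demo_dir/snare"
fix_snare_init_paths "$demo_dir/snare" && grep -n 'init\.d' "$demo_dir/snare"
rm -rf "$demo_dir"
```
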
Reference:
http://www.intersectalliance.com/projects/Snare/index.html