構建網絡安全長城之烽火台的建立(5)

D. 測試 一下PHP是否能成功運行 [root .net server php-4.3.3]#echo '?php phpinfo() ?＞' /www/htdocs/test.php [root@netserver php-4.3.3]#/www/bin/apachectl restart E.讓apache在以運行級3、5啟動的時候能夠自動運行 [root@netserver php-4.3.3]#cp ap D.測試一下PHP是否能成功運行

　　[root.netserver php-4.3.3]#echo '<?php phpinfo() ?＞' /www/htdocs/test.php
　　[root@netserver php-4.3.3]#/www/bin/apachectl restart

　　E.讓apache在以運行級3、5啟動的時候能夠自動運行

　　[root@netserver php-4.3.3]#cp apachectl /etc/init.d/httpd
　　[root@netserver php-4.3.3]#chmod 755 /etc/init.d/httpd
　　[root@netserver php-4.3.3]# ln -s /etc/init.d/httpd /etc/rc3.d/S85httpd
　　[root@netserver php-4.3.3]# ln -s /etc/init.d/httpd /etc/rc3.d/K85httpd
　　[root@netserver php-4.3.3]# ln -s /etc/init.d/httpd /etc/rc5.d/S85httpd
　　[root@netserver php-4.3.3]# ln -s /etc/init.d/httpd /etc/rc5.d/K85httpd
　　[root@netserver php-4.3.3]#cd ../

　　然後在浏覽器輸入 http://該機ip地址/test.php 查看關於Apache/PHP的信息

　　7、安裝Snort和過濾規則

　　A. 編譯安裝Snort

　　[root@netserver ids]#groupadd snort
　　[root@netserver ids]#useradd -g snort snort
　　[root@netserver ids]#mkdir /etc/snort
　　[root@netserver ids]#mkdir /etc/snort/rules
　　[root@netserver ids]#mkdir /var/log/snort
　　[root@netserver ids]#tar -xvzf snort-2.0.2.tar.gz
　　[root@netserver ids]#cd snort-2.0.2
　　[root@netserver snort-2.0.2]#./configure --with-mysql=/usr/local/mysql --enable-flexresp --with-libpcap-includes=/usr/local/libpcap/include --with-libpcap-libraries=/usr/local/libpcap/lib (此語句請寫成一行)
　　[root@netserver snort-2.0.2]#make
　　[root@netserver snort-2.0.2]#make install

　　B. 設置規則，我們這裡為了方便，直接使用Snort自帶的規則

　　[root@netserver snort-2.0.2]#cp rules/* /etc/snort
　　[root@netserver snort-2.0.2]#cp etc/.conf /etc/snort
　　[root@netserver snort-2.0.2]#cp *.conf /etc/snort

　　C.編輯snort.conf文件

　　[root@netserver snort-2.0.2]#vi /etc/snort/snort.conf

　　將以下幾行的值改變為所寫的：

　　var RULE_PATH /etc/snort/rules/
　　output database: log, mysql, user=snort password=(你的密碼) dbname=snort host=localhost

　　D.讓snort在以運行級3、5啟動的時候能夠自動運行

　　snort. (cp contrib/S99snort /etc/init.d/snort) Change the following lines:
　　[root@netserver snort-2.0.2]#cp contrib/S99snort /etc/init.d/snort

　　編輯snort文件，修改下面兩行

　　[root@netserver snort-2.0.2]#vi /etc/init.d/snort
　　CONFIG=/etc/snort/snort.conf
　　SNORT_GID=snort

　　[root@netserver snort-2.0.2]#chmod 755 /etc/init.d/snort
　　[root@netserver snort-2.0.2]#ln -s /etc/init.d/snort /etc/rc3.d/S99snort
　　[root@netserver snort-2.0.2]#ln -s /etc/init.d/snort /etc/rc3.d/K99snort
　　[root@netserver snort-2.0.2]#ln -s /etc/init.d/snort /etc/rc5.d/S99snort
　　[root@netserver snort-2.0.2]#ln -s /etc/init.d/snort /etc/rc5.d/K99snort

　　E.在MySQL中設置Snort需要的庫

　　[root@netserver snort-2.0.2]#/usr/local/mysql/bin/mysql
　　mysql＞ SET PASSWORD FOR root@localhost=PASSWORD('你的root的密碼')；
　　＞Query OK, 0 rows affected (0.25 sec)
　　mysql＞ create database snort；
　　＞Query OK, 1 row affected (0.01 sec)
　　mysql＞ grant INSERT,SELECT on root.* to snort@localhost；
　　＞Query OK, 0 rows affected (0.02 sec)
　　mysql＞ SET PASSWORD FOR snort@localhost=PASSWORD('你的snort的密碼')
　　＞Query OK, 0 rows affected (0.25 sec)
　　mysql＞ grant CREATE, INSERT, SELECT, DELETE, UPDATE on snort.* to snort@localhost
　　＞Query OK, 0 rows affected (0.02 sec)
　　mysql＞ grant CREATE, INSERT, SELECT, DELETE, UPDATE on snort.* to snort
　　＞Query OK, 0 rows affected (0.02 sec)
　　mysql＞ exit
　　＞Bye