Entries in IDS (2)

Thursday, Feb 26, 2009

Multi Sensor Intrusion Detection System 

Version 2.5
Written by Graham Mead

Abstract
This guide describes a multi-sensor Snort setup with central logging and an administrative front end. Snort is deployed in this manner to address the scalability issues of large networks. The guide is split into these segments:

Server Installation, a mandatory stage that forms the central core of the installation. This stage must be performed first.

  • Setting up MySQL
  • Allowing MySQL Network Access
  • Apache and PHP
  • Apache SSL
  • Basic Analysis and Security Engine
  • BASE database Schema
  • Securing BASE with User Login
  • Installing Oinkmaster
  • Bleeding Edge Rules
  • SSH server

Sensor Installation, a mandatory stage that is used to create each Snort sensor.

  • Setting up SSH
  • Installing Snort (from source)
  • Installing Snort (Ubuntu binary version)
  • Configuring Snort
  • Installing Oinkmaster

Monday, Feb 16, 2009

Single Snort IDS (with Web Interface)

Abstract
This guide describes a Snort setup with an administrative front end. Snort is implemented in this manner so that it can be easily installed and maintained. This configuration is only for use on one local system, as it bypasses a lot of security features that would be required for external access. This install is intended for developing Snort rules, but it could also be used for monitoring a home network.

  • Setting up MySQL
  • Apache and PHP
  • Basic Analysis and Security Engine
  • Installing Oinkmaster
  • Bleeding Edge Rules
  • Installing Snort from source (Recommended)
  • Installing Snort (Ubuntu binary version)
  • Configuring Snort
