Home > IT Blogs > Irregular Expressions/

Irregular Expressions:

suricata freebsd

1
March 10, 2010  3:13 PM

Installing Suricata on FreeBSD – Part 7



Posted by: Dan O'Connor
barnyard freebsd, suricata freebsd

To get the unified2 events coming out of Suricata into the database that was setup, you will need to install something to open that file format. One of the choices listed is barnyard2, it's a large install and needs to have snort installed as a dependency but it will do the...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

March 4, 2010  8:38 PM

Installing Suricata on FreeBSD – Part 6



Posted by: Dan O'Connor
suricata freebsd

Once the configuration of php + apache is completed you should be able to get the first setup screen of BASE up. Follow along with the setup, once you get to the database section you will need to get some sql schema from the snort installation tarball. The needed file is called ( I used...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

March 3, 2010  8:36 PM

Installing Suricata on FreeBSD – Part 5



Posted by: Dan O'Connor
suricata freebsd, suricata install, suricata install freebsd

Once the install of BASE is completed you also need to install apache or some other web server. [code]cd /usr/ports/www/apache22/ make install clean [/code] Once installed you will need to allow apache to start. [code] vi /etc/rc.conf apache22_enable="YES" [/code] There is also some...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

March 2, 2010  10:45 AM

Installing Suricata on FreeBSD – Part 4



Posted by: Dan O'Connor
base freebsd, suricata freebsd, suricata install freebsd, unified2 freebsd

Now that we have something to control Suricata make sure to set the configuration variables for Suricata. Ensure your HOME_NET is correct or your results are not going to be so great. [code] # Holds the address group vars that would be passed in a Signature. # These would be retrieved...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

February 23, 2010  12:44 AM

Installing Suricata on FreeBSD – Part 3



Posted by: Dan O'Connor
suricata freebsd, suricata install, suricata install freebsd

Now that Suricata will start it's time to create a rc script to control the service. ( Lets put it somewhere nice ) [code]vi /usr/local/etc/rc.d/suricata[/code] [code] #!/bin/sh # # By Dan OConnor # PROVIDE: suricata # . /etc/rc.subr name="suricata" rcvar=${name}_enable load_rc_config...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

February 21, 2010  11:55 PM

Installing Suricata on FreeBSD – Part 2



Posted by: Dan O'Connor
suricata freebsd, suricata install, suricata install freebsd

With everything in place you can now start suricata. [code]suricata -c /usr/local/etc/suricata.yaml -i em0[/code] Got a good start. [code]70 rule files processed. 7977 rules succesfully loaded, 5 rules failed[/code] Here is the 5 that did not load, I only added the emerging threats...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

February 20, 2010  10:33 PM

Installing Suricata on FreeBSD – Part 1



Posted by: Dan O'Connor
suricata freebsd, suricata install, suricata install freebsd

Installation of Suricata on FreeBSD i386. Packages needed.

  • PCRE
  • libyaml
  • libnet
Step by step. [code]cd /usr/ports/devel/pcre/ make install clean cd /usr/ports/textproc/libyaml/ make install clean cd /usr/ports/net/libnet/ make...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

1