李晨光
了解OSSIM
(./350944
/1332329)
傻瓜安装方法(ISO)
准备工作-Debian Linux
自定义安装
我们分为以下8个步骤
0. 安装 ossim的准备工作
1. ossim-mysql
2. ossim-server
3. ossim-agent
4. ossim-framework
5. ossim-utils
6. ossim-contrib
7. Post OSSIM installation
A. Plugins
0. 准备工作
安装Debian GNU/Linux 5/6
Apt 配置
编辑文件/etc/apt/ 修改源以适合Ossim安装
[ -- /etc/apt/ -- ]
deb http://ftp./debian/ testing main
deb http://secure-testing./debian-secure-testing testing/security-
updates main
deb nload/ debian/
# apt-get update
新建文件/etc/apt/preferences 内容如下:
[ -- /etc/apt/preferences -- ]
Package: *
Pin: release o=ossim
Pin-Priority: 995
性能
()。-686为例
# apt-get update && apt-get install linux-image--686
# apt-get install hdparm
[ -- /etc/ -- ]
# Activate DMA + Safe Performance-enhancing Options
/dev/hda {
dma = on
lookahead = on
mult_sect_io = 16
interrupt_unmask = on
read_ahead_sect = 64
}
清理系统
# apt-get install deborphan
# orphaner --purge
接着你需要安装运行级别配置工具 rcconf或 sysv-
rc-conf,来管理运行脚本。
# apt-get install ossim-mysql
为数据库设置root口令
# mysqladmin -u root password
your_secret_password
编辑/etc/mysql/f 配置文件并修改the bind-
address entry 修改完成之后记得重启服务哦。
下面开始,创建以下数据库:
# mysql -u root -p
mysql> create database ossim;
mysql> create database ossim_acl;
mysql> create database snort;
mysql> exit;
在数据库中装载以下表:
# zcat /usr/share/doc/ossim-mysql/contrib/
\
/usr/share/doc/ossim-mysql/contrib/ \
/usr/share/doc/ossim-mysql/contrib/ \
/usr/share/doc/ossim-mysql/contrib/ | \
mysql -u root ossim -p
# zcat /usr/share/doc/ossim-
mysql/contrib/ \
/usr/share/doc/ossim-
mysql/contrib/create_acid_tbls_mysql
ossim手工安装配置指南 来自淘豆网m.daumloan.com转载请标明出处.
