O'Reilly logo

WordPress 3 Ultimate Security by Olly Connelly

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Sniffing out malformed packets with Snort

The web's top-rated NIDS solution, Snort, checks incoming packets against a rules-base and reports the results to a MySQL database as well as, as discussed previously, to OSSEC:

That's handy, especially when fronted by Snorby, a powerful interface that makes analysis a snap and which makes a Snort-specific alternative to using Splunk's GUI:

We need to work in superuser mode so take root:

sudo -i

Installing the packages

Install Snorby with Ruby on Rails to power it, Snort's MySQL version and dependencies:

aptitude install apache2-prefork-dev build-essential ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required