diff options
author | Niels Horn <niels.horn@gmail.com> | 2010-10-16 21:37:04 -0500 |
---|---|---|
committer | Robby Workman <rworkman@slackbuilds.org> | 2010-10-16 21:37:04 -0500 |
commit | 3dbd1ebb1149fb1b29278c065f269d82f1ffe201 (patch) | |
tree | 8126413bed755bf16652def44475b35209c24c20 | |
parent | 64e84ab974fc5715cdb4614e47a9c9124e1e9331 (diff) |
network/base: Added (web front-end for Snort)
Signed-off-by: Robby Workman <rworkman@slackbuilds.org>
-rw-r--r-- | network/base/README | 8 | ||||
-rw-r--r-- | network/base/README.SLACKWARE | 48 | ||||
-rw-r--r-- | network/base/base.SlackBuild | 54 | ||||
-rw-r--r-- | network/base/base.info | 10 | ||||
-rw-r--r-- | network/base/slack-desc | 19 |
5 files changed, 139 insertions, 0 deletions
diff --git a/network/base/README b/network/base/README new file mode 100644 index 0000000000000..b2dc421ff5cd8 --- /dev/null +++ b/network/base/README @@ -0,0 +1,8 @@ +BASE is the Basic Analysis and Security Engine. It is based on code +from the Analysis Console for Intrusion Databases (ACID) project. +This application provides a web frontend to query and analyze the alerts +coming from a Snort IDS system. + +This requires adodb and snort. + +See the included README.SLACKWARE for information on setting up BASE. diff --git a/network/base/README.SLACKWARE b/network/base/README.SLACKWARE new file mode 100644 index 0000000000000..08d5dc0929416 --- /dev/null +++ b/network/base/README.SLACKWARE @@ -0,0 +1,48 @@ +README.SLACKWARE +================ + + +0) Before installing BASE +------------------------- + +0.1 Necessary packages + +BASE requires a running installation of Snort, saving events to a database, +either directly or through Barnyard{,2}, and adodb. + +I tested this with: + - snort-2.8.6.1 + - barnyard2-1.8 + - adodb-5.11 + +Snort (with our without Barnyard) should be working fine, saving alerts to +your database before attempting to install or configure BASE. + +0.2 Necessary PHP modules + +For the graphics to work, you will need to get some modules from the PEAR +library. + +You can download & install them with a few simple commands, presuming you +have a working internet connection. If you do not have internet access on +the system where you are setting up BASE, check the pear instructions on how +to download the packages and install them on a separate box. + + # pear install Image_Color-1.0.4 + # pear install Image_Canvas-0.3.2 + # pear install Image_Graph-0.7.2 + + +1) Configuring BASE +------------------- + +After installing the BASE package, point your webbrowser to: + + http://<yourserver>/base + +and follow the five steps to configure BASE. +The last step is to copy the created configuration settings from your browser +and save it as: + + /var/www/htdocs/base/base_conf.php + diff --git a/network/base/base.SlackBuild b/network/base/base.SlackBuild new file mode 100644 index 0000000000000..20f6d35f6f2c4 --- /dev/null +++ b/network/base/base.SlackBuild @@ -0,0 +1,54 @@ +#!/bin/sh + +# Slackware build script for base: +# Basic Analysis and Security Engine + +# Written by Niels Horn <niels.horn@gmail.com> +# revision date 2010/09/22 + +PRGNAM=base +VERSION=${VERSION:-1.4.5} +BUILD=${BUILD:-1} +TAG=${TAG:-_SBo} + +ARCH=noarch + +DOCROOT=${DOCROOT:-/var/www/htdocs} +PHPUSER=${PHPUSER:-root} +PHPGROUP=${PHPGROUP:-apache} + +CWD=$(pwd) +TMP=${TMP:-/tmp/SBo} +PKG=$TMP/package-$PRGNAM +OUTPUT=${OUTPUT:-/tmp} + +set -e + +rm -rf $TMP/$PRGNAM-$VERSION $PKG +mkdir -p $TMP $PKG $OUTPUT +cd $TMP +tar xvf $CWD/$PRGNAM-$VERSION.tar.gz +cd $PRGNAM-$VERSION +chown -R root:root . +chmod -R u+w,go+r-w,a-s . + +# "Install" to $DOCROOT/base +mkdir -p $PKG/$DOCROOT/$PRGNAM +cp -a \ + *.php base_conf.php.dist admin help images includes languages setup styles \ + $PKG/$DOCROOT/$PRGNAM/ +chown -R $PHPUSER:$PHPGROUP $PKG/$DOCROOT/$PRGNAM + +# Copy docs +mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION +cp -a \ + docs/* sql \ + $PKG/usr/doc/$PRGNAM-$VERSION +cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild +cat $CWD/README.SLACKWARE > $PKG/usr/doc/$PRGNAM-$VERSION/README.SLACKWARE + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz} diff --git a/network/base/base.info b/network/base/base.info new file mode 100644 index 0000000000000..72ffd9ef64aef --- /dev/null +++ b/network/base/base.info @@ -0,0 +1,10 @@ +PRGNAM="base" +VERSION="1.4.5" +HOMEPAGE="http://base.secureideas.net/" +DOWNLOAD="http://downloads.sourceforge.net/secureideas/base-1.4.5.tar.gz" +MD5SUM="2ce7de089b7b860f8230731f94a02044" +DOWNLOAD_x86_64="" +MD5SUM_x86_64="" +MAINTAINER="Niels Horn" +EMAIL="niels.horn@gmail.com" +APPROVED="rworkman" diff --git a/network/base/slack-desc b/network/base/slack-desc new file mode 100644 index 0000000000000..3103f6c58425b --- /dev/null +++ b/network/base/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +base: base (web front-end for Snort) +base: +base: BASE is the Basic Analysis and Security Engine. It is based on the +base: code from the Analysis Console for Intrusion Databases (ACID) project. +base: This application provides a web front-end to query and analyze the +base: alerts coming from a Snort IDS system. +base: +base: Homepage: http://base.secureideas.net/ +base: +base: +base: |