Guy Bruneau – [email protected]
Sguil Configuration and Installation
Sguil Version 0.5.3
15 January 2005
Note: If you decide to install Sguil, the Shadow sensor cronjob and its startup in
/etc/rc.d/rc.local will be disabled. If you want to run both packet collection packages,
which collect the same information, it can be enabled in both files previously mentioned.
Additional information available at:
Installing Sguil with MySQL database
Installing Sguil without MySQL
Installing Sguil Database Server Only
Client Configuration
Sguil sguil.conf update
Client Access to Database
Setting up the database and its users
Change the mysql root password
Configuring Sguil Daemon
Adding a New User to Sguil
Removing a User from Sguil
Configure Snort Portscan
Configuring Barnyard
Configuring Sancp
Configuring Sensor Agent
Configuring Log Packets
Copyright © Guy Bruneau, 2004-2005. All rights reserved.

Installing Sguil with MySQL database
mount /mnt/cdrom
cd /mnt/cdrom/sguil
Run pkgtool
Select "Current" (Install packages from the current directory)
Install the package located in this directory
Installing Sguil without MySQL
This package is for distributed sensors. One PC contains Sguil with the MySQL database and
the sensors report to it.
mount /mnt/cdrom
cd /mnt/cdrom/sensguil
Run pkgtool
Select "Current" (Install packages from the current directory)
Install the package located in this directory
Installing Sguil Database Server Only
This package is for distributed sensors. One PC contains Sguil with the MySQL database and
the sensors report to it.
mount /mnt/cdrom
cd /mnt/cdrom/sguildb
Run pkgtool
Select "Current" (Install packages from the current directory)
Install the package located in this directory
Client Configuration
Download the Windows Sguil client at:
Unpack in C:\sguil-0.5.3
Download Windows Active TCL at:
Install at c:\tcl
Download Windows TLS libraries at:
Unpack in C:\tcl\lib
