Install Barnyard on CentOS 6.4 64-bit

Barnyard is an add-on for Snort. It lets Snort write its log and alert data very quickly to binary files; Barnyard then reads those files and sends them to whatever output you configure. Here we configure it to write the data to a MySQL database so that it can be viewed with a PHP application called BASE.

Source: nachum

Broadly it is the same, but this time I am using CentOS 6.4 64-bit, so consider this a translation of the source combined with a hands-on trial. Hehe.

After installing PulledPork so that the rules can be updated automatically, let's try installing Barnyard:

# yum install mysql mysql-devel git libtool -y
# cd /usr/local/src/snort
# git clone https://github.com/firnsy/barnyard2.git barnyard2
# cd barnyard2
# ./autogen.sh

Next, run configure. For CentOS 64-bit, that is, on an x86_64 system:
# ./configure --with-mysql --with-mysql-libraries=/usr/lib64/mysql
Once configuration finishes, compile and install right away:
# make && make install
You will see output like this:

Making install in m4
make[1]: Entering directory `/usr/local/src/snort/barnyard2/m4'
make[2]: Entering directory `/usr/local/src/snort/barnyard2/m4'
make[2]: Nothing to be done for `install-exec-am'.
make[2]: Nothing to be done for `install-data-am'.
make[2]: Leaving directory `/usr/local/src/snort/barnyard2/m4'
make[1]: Leaving directory `/usr/local/src/snort/barnyard2/m4'
make[1]: Entering directory `/usr/local/src/snort/barnyard2'
make[2]: Entering directory `/usr/local/src/snort/barnyard2'
make[2]: Nothing to be done for `install-exec-am'.
make[2]: Nothing to be done for `install-data-am'.
make[2]: Leaving directory `/usr/local/src/snort/barnyard2'
make[1]: Leaving directory `/usr/local/src/snort/barnyard2'

Once that is done, we make Barnyard run at startup:

[Image: cpconfig]

[Image: chkconfig]

Create links for Barnyard files and create archive directory

# ln -s /usr/local/etc/barnyard2.conf /etc/snort2/barnyard.conf
# ln -s /usr/local/bin/barnyard2 /usr/bin/
# mkdir /var/log/snort/eth0/archive/
Change the barnyard2 settings in /etc/init.d/barnyard2: replace -L with -l (lowercase L).
[Image: opts]
Then reset its chkconfig entry first:
# chkconfig barnyard2 reset
Edit the Snort log configuration in:
# nano /etc/sysconfig/barnyard2
...  
LOG_FILE="snort.log"
...
Then start Snort and Barnyard:
# service snortd start
# service barnyard2 start

That completes the Barnyard installation steps.
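
As an added example (not part of the original post), the shell function below checks the results of the steps above: the two symlinks, the archive directory, the -L to -l change in the init script, and the LOG_FILE setting. The function name and the optional root-prefix argument are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): verify the post-install steps.
# The optional argument is a hypothetical root prefix for checking a staged
# tree; with no argument the live system is checked.

check_barnyard_setup() {
    bc_root="${1:-}"
    bc_rc=0
    bc_fail() { echo "FAIL: $1" >&2; bc_rc=1; }

    # Symlinks from the "create links" step must resolve to real files.
    [ -f "$bc_root/usr/bin/barnyard2" ] ||
        bc_fail "/usr/bin/barnyard2 missing or dangling"
    [ -r "$bc_root/etc/snort2/barnyard.conf" ] ||
        bc_fail "/etc/snort2/barnyard.conf missing or dangling"

    # Archive directory created with mkdir.
    [ -d "$bc_root/var/log/snort/eth0/archive" ] ||
        bc_fail "archive directory missing"

    # The init script must no longer pass -L (the post changes it to -l).
    # Comment lines are ignored.
    bc_init="$bc_root/etc/init.d/barnyard2"
    if [ ! -r "$bc_init" ]; then
        bc_fail "init script missing"
    elif grep -v '^[[:space:]]*#' "$bc_init" |
         grep -Eq -- '(^|[[:space:]"])-L([[:space:]"]|$)'; then
        bc_fail "init script still uses -L"
    fi

    # LOG_FILE as set in /etc/sysconfig/barnyard2 by the post.
    grep -Eq '^[[:space:]]*LOG_FILE="?snort\.log"?[[:space:]]*$' \
        "$bc_root/etc/sysconfig/barnyard2" 2>/dev/null ||
        bc_fail "LOG_FILE is not snort.log"

    # On the live system, also confirm the service is registered.
    if [ -z "$bc_root" ] && command -v chkconfig >/dev/null 2>&1; then
        chkconfig --list barnyard2 >/dev/null 2>&1 ||
            bc_fail "barnyard2 not registered with chkconfig"
    fi
    return "$bc_rc"
}
```

Source the file and run check_barnyard_setup with no argument on the sensor; it prints one FAIL line per problem and returns non-zero if any check fails.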

The overall order, from the start, is:

Install Snort

Update PulledPork

Install Barnyard

Finally, install BASE as the link to its GUI

Install Base
