5. Apache2 Configuration

Apache2 has already been installed on the computer.

Create a file called test.php in /var/www/ with your favorite text editor.

# vim /var/www/test.php

Write in it:

<?php
phpinfo();
?>

Save and close this file.

Edit /etc/php5/apache2/php.ini file.

# vim /etc/php5/apache2/php.ini

Add the following under "Dynamic Extensions".

extension=mysql.so
extension=gd.so

Restart Apache2.

# /etc/init.d/apache2 restart

Get the IP address of the machine you are working on.

# ifconfig -a

Open a web browser and go to http://YOUR.IP.ADDRESS/test.php.

If everything went well, you will have PHP information displayed.

6. Moving and setting up Folders

Move ADOdb into the /var/www directory.

# mv /usr/share/php/adodb /var/www/

Make a directory called web in www and move ACIDBASE.

# mkdir /var/www/web
# mv /usr/share/acidbase /var/www/web/

Temporarily enable writing to the acidbase folder for setup.

# chmod 777 /var/www/web/acidbase

Rename existing base_conf.php file to base_conf.old.

# cd /var/www/web/acidbase
# mv base_conf.php base_conf.old

Install pear extensions for graphs to work in ACIDBASE.

# pear install Image_Color

7. ACIDBASE Setup for Snort and Archive Databases

7.1 Setup Snort database via web browser

Open a web browser and navigate to http://YOUR.IP.ADDRESS/web/acidbase/setup. Click to continue on the first page.

Step 1 of 5: Enter the path to ADODB.

This is /var/www/adodb.

Step 2 of 5:

Main Database type = MySQL, Database name = snort, Database Host = localhost, Database username = <your_username>, Database Password = <your_password>, Archive Database type = MySQL, Database name = archive, Database Host = localhost, Database username = <your_username>, Database Password = <your_password>

Step 3 of 5:

If you want to use authentication enter a username and password here (user: <your_username>, password: <your_password>).

Step 4 of 5:

Click on Create BASE AG.

Step 5 of 5:

Once step 4 is done at the bottom click on Now continue to step 5.

Bookmark this page.

7.2 Create folder for ACIDBASE Archive database

In order for archive database to work an archive folder needs to be created within ACIDBASE folder.

# mkdir /var/www/web/acidbase/archive
# cd /var/www/web/acidbase
# cp –R * /var/www/web/acidbase/archive
# chmod 777 /var/www/web/acidbase/archive

Rename existing base_conf.php file to base_conf.old.

# cd /var/www/web/acidbase/archive
# mv base_conf.php base_conf.old

7.3 Setup Archive database via web browser

Open a web browser and navigate to http://YOUR.IP.ADDRESS/web/acidbase/archive/setup.

Click continue on the first page.

Step 1 of 5: Enter the path to ADODB.

This is /var/www/adodb.

Step 2 of 5:

Archive Database type = MySQL, Database name = archive, Database Host = localhost, Database username = <your_username>, Database Password = <your_password>

Step 3 of 5:

If you want to use authentication enter a username and password here (user: <your_username>, password: <your_password>).

Step 4 of 5:

Click on Create BASE AG.

Step 5 of 5:

Once step 4 is done at the bottom click on Now continue to step 5.

8. Start Snort and check services status

To start Snort in the terminal type:

# snort -c /etc/snort/snort.conf -i eth0 -D

This starts snort using eth0 interface in a daemon mode.

To make sure it is running you can check with the following command:

# ps aux | grep snort

If it's running you will see an entry similar to snort -c /etc/snort/snort.conf -i eth0 -D.

Make sure that all necessary services are running with the following command:

# /etc/init.d/mysql status
# /etc/init.d/apache2 status
# /etc/init.d/snort status

If they are running you will see output <OK>.

If necessary run

# /etc/init.d/<service> restart

command for each of the services that need a restart.