HowtoForge

Intrusion Detection With BASE And Snort - Page 4

BASE web page setup

Open your favorite web browser and go to: http://www.example.com/base-1.2.5/setup
If all is setup okay you should see the BASE Setup Program page:

Click on Continue

step 1 of 5:
Enter the path to ADODB (/var/www/adodb):


click on Submit Query

step 2 of 5:
Enter the needed info on the next screen: (leave the Use Archive Database as is):


click on Submit Query

step 3 of 5:
If you want to Use Authentication for the Base page you can do so here:

click on Submit Query

step 4 of 5:
Click on Create BASE AG to create the database.


and after Create BASE AG


Once done, click on Now continue to step 5...

To make the Graph's from BASE work you will also need to install Image_Color, Image_Canvas and Image_Graph.
To do this do:

pear install Image_Color
pear install Image_Canvas-alpha
pear install Image_Graph-alpha

That it for BASE!

If you want you can chmod the base-1.2.5 dir back to 775:

chmod 775 base-1.2.5

You can also delete the snorttemp directory, and all the files in it.

Starting Snort

To start SNORT and make BASE show you the Snort's logged info, you will need to run:

/usr/local/bin/snort -c /etc/snort/snort.conf -i eth0 -g root -D

Now wait some time and see all the Snort alerts show up in BASE.

Intrusion Detection With BASE And Snort - Page 4