Intrusion Detection With BASE And Snort - Page 4

BASE web page setup

Open your favorite web browser and go to: http://www.example.com/base-1.2.5/setup
If all is setup okay you should see the BASE Setup Program page:

BASE setup

Click on Continue

step 1 of 5:
Enter the path to ADODB (/var/www/adodb):

BASE Step 1 setup
click on Submit Query

step 2 of 5:
Enter the needed info on the next screen: (leave the Use Archive Database as is):

BASE Step 2 setup
click on Submit Query

step 3 of 5:
If you want to Use Authentication for the Base page you can do so here:

BASE Step 3 setup

click on Submit Query

step 4 of 5:
Click on Create BASE AG to create the database.

BASE Step 4a setup
and after Create BASE AG
BASE Step 4b setup

Once done, click on Now continue to step 5...

BASE Step 5 setup

To make the Graph's from BASE work you will also need to install Image_Color, Image_Canvas and Image_Graph.
To do this do:

pear install Image_Color
pear install Image_Canvas-alpha
pear install Image_Graph-alpha

That it for BASE!

If you want you can chmod the base-1.2.5 dir back to 775:

chmod 775 base-1.2.5

You can also delete the snorttemp directory, and all the files in it.

Starting Snort

To start SNORT and make BASE show you the Snort's logged info, you will need to run:

/usr/local/bin/snort -c /etc/snort/snort.conf -i eth0 -g root -D

Now wait some time and see all the Snort alerts show up in BASE.

BASE alerts

Share this page:

9 Comment(s)