-
Notifications
You must be signed in to change notification settings - Fork 15
/
Copy pathINSTALL
29 lines (21 loc) · 1.1 KB
/
INSTALL
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
fwsnort has its own installer "install.pl". Just run install.pl to install
fwsnort. After fwsnort has been installed, it is recommended that you edit
the /etc/fwsnort/fwsnort.conf file to define your internal network and lists
of your server infrastructure. You can just run fwsnort with the defaults
if you like.
DEPENDENCIES:
iptables String Matching:
fwsnort requires the iptables string match extensions in order to be able to
detect application layer attacks. Most Linux distributions include iptables,
and the string match extension is commonly included as well, so if you are
running a recent Linux distro you probably already have string matching
available. If not, you will need to enable the
CONFIG_NETFILTER_XT_MATCH_STRING variable in the kernel config file (for 2.6
series kernels) and recompile.
Perl modules:
fwsnort requires two perl modules in order to run properly:
IPTables::Parse
NetAddr::IP
These two modules are bundled with fwsnort within the deps/ directory, unless
you have downloaded the fwsnort-nodeps tarball, in which case these two
modules need to be installed in the perl library tree.