Unit 3: IPS Lab Guide
Technology Degree in Computer Networks
Information Security
Prof. Leandro Almeida
Lab Guide – IPS

1 Scenario

2 Installation

  • Requirements: gcc gcc-c++ pcre

    # yum install gcc gcc-c++
    # wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.20.tar.bz2
    # tar -xjvf pcre-8.20.tar.bz2
    # cd pcre-8.20/
    # ./configure
    # make
    # make install

  • Compile and install HLBR. Quote the download URL (it contains &) and use -O so the archive is saved as hlbr-1.7.2.tar.gz:

    # wget -O hlbr-1.7.2.tar.gz "http://downloads.sourceforge.net/project/hlbr/HLBR/hlbr-1.7.2.tar.gz?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fhlbr%2F&ts=1335036293&use_mirror=ufpr"
    # tar -xvzf hlbr-1.7.2.tar.gz
    # cd hlbr-1.7.2/

ATTENTION! At this point we must change one line of the configure script so that the installation completes without problems. We need to point it to the correct path of the pcre library installed earlier (the source build above installs pcre under /usr/local by default). To do this, open the configure file, find the pcre library section and make it look like this:

    # vi configure

    echo -n "Buscando libpcre / Checking for libpcre............"
    if [ -e /usr/local/include/pcre.h ]
    then
        echo "Encontrado / Found"
    else
        echo "Nao encontrado / Not found"
        exit 1
    fi

Continuing:

    # ./configure
    # make
    # make install

3 Configuration

  • Network interfaces
    ◦ eth0: 127.0.0.2/8
    ◦ eth1: 127.0.0.3/8

  • Configuration file (hlbr.config)

    <system>
    Name=HLBR_1
    ID=1
    Threads=1
    AlertHeader=%ac %m/%d/%y %h:%min:%s %sip:%sp->%dip:%dp
    PidFile=/var/run/hlbr.pid
    </system>

    <interface eth0>
    Type=linux_raw
    Proto=Ethernet
    </interface>

    <interface eth1>
    Type=linux_raw
    Proto=Ethernet
    </interface>

    <IPList www>
    192.168.0.200
    </list>

    <IPList servers>
    www
    </list>

    <action action1>
    response=alert file(/var/log/hlbr/hlbr.log)
    response=dump packet(/var/log/hlbr/hlbr.dump)
    response=drop
    </action>

    <action action2>
    response=alert file(/var/log/hlbr/hlbr-2.log)
    response=dump packet(/var/log/hlbr/hlbr-2.dump)
    </action>

    <action virus>
    response=alert file(/var/log/hlbr/virus.log)
    response=dump packet(/var/log/hlbr/virus.dump)
    response=drop
    </action>

    <routing>
    SBridge(eth0, eth1)
    </routing>

    <decoder http>
    OPTIONS,GET,HEAD,POST
    #CONNECT,PUT,DELETE,TRACE,COPY,MOVE,PROPFIND,PROPPATCH,UNLOCK,LOCK,MKCOL,NOTIFY,POLL
    #VERSION-CONTROL,REPORT,CHECKIN,UNCHECKOUT,CHECKOUT,UPDATE,LABEL,MERGE,BASELINE-CONTROL,MKACTIVITY
    #BCOPY,BMOVE,BDELETE,BPROPFIND,BPROPPATCH,X-MS-ENUMATTS,UNBPROP,BPROP
    </decoder>

4 Execution

    # cd /etc/hlbr
    # hlbr -c hlbr.config -r empty.rules &
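A pre-flight check for the hlbr.config from section 3, added here as an example and not part of the original guide or of HLBR itself: it confirms that the interfaces bridged in the routing block are declared, that IPList references resolve, and it lists the actions that log but never drop. The names parse and lint are hypothetical, only the syntax shown in this guide is handled, and treating a non-IP IPList entry as a reference to another list (as servers → www above) is an assumption.

```python
import re
# Constructed sample: a trimmed copy of the hlbr.config shown in this guide.
SAMPLE = """\
<interface eth0>
Type=linux_raw
</interface>
<interface eth1>
Type=linux_raw
</interface>
<IPList www>
192.168.0.200
</list>
<IPList servers>
www
</list>
<action action1>
response=alert file(/var/log/hlbr/hlbr.log)
response=drop
</action>
<action action2>
response=alert file(/var/log/hlbr/hlbr-2.log)
</action>
<routing>
SBridge(eth0, eth1)
</routing>
"""

BLOCK = re.compile(r"<(\w+)(?:[ \t]+([^\s>]+))?>\n(.*?)</\w+>", re.S)
IPV4 = re.compile(r"\d{1,3}(\.\d{1,3}){3}(/\d{1,2})?$")

def parse(text):
    """Map (block kind, name) to body lines, skipping blanks and # comments."""
    strip = lambda body: [l.strip() for l in body.splitlines()]
    return {(k.lower(), n): [l for l in strip(b) if l and not l.startswith("#")]
            for k, n, b in BLOCK.findall(text)}

def lint(text):
    """Return (errors, names of actions that log but never drop)."""
    cfg, errors = parse(text), []
    declared = lambda kind: {n for (k, n) in cfg if k == kind}
    for line in cfg.get(("routing", ""), []):
        for iface in re.findall(r"\w+", line.partition("SBridge(")[2]):
            if iface not in declared("interface"):
                errors.append(f"routing uses undeclared interface {iface}")
    for (kind, name), entries in cfg.items():
        for e in entries if kind == "iplist" else []:
            if not IPV4.match(e) and e not in declared("iplist"):
                errors.append(f"IPList {name} references unknown list {e}")
    return errors, sorted(n for (k, n), b in cfg.items()
                          if k == "action" and "response=drop" not in b)
```

Run against the full file with `lint(open("/etc/hlbr/hlbr.config").read())`; for the configuration above it reports no errors and flags action2 as alert-only, so rules bound to action2 are logged but still forwarded.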