Unit 3: IPS lab guide

Published in: Technology, Business

  1. Computer Networks Technology Degree Program
     Information Security
     Prof. Leandro Almeida
     Lab guide – IPS

     1 Scenario

     2 Installation

     • Requirements: gcc gcc-c++ pcre

         # yum install gcc gcc-c++
         # wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.20.tar.bz2
         # tar -xjvf pcre-8.20.tar.bz2
         # cd pcre-8.20/
         # ./configure
         # make
         # make install

     • Compile and install HLBR (quote the URL, since it contains `&`, and save it under the file name the next step expects)

         # wget -O hlbr-1.7.2.tar.gz 'http://downloads.sourceforge.net/project/hlbr/HLBR/hlbr-1.7.2.tar.gz?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fhlbr%2F&ts=1335036293&use_mirror=ufpr'
         # tar -xvzf hlbr-1.7.2.tar.gz
         # cd hlbr-1.7.2/

  2. ATTENTION! At this point we must change one line of the configure script so that the installation completes without problems. It has to point to the correct path of the pcre library installed earlier (built from source with the default prefix, its header is /usr/local/include/pcre.h). To do this, open the configure file, find the pcre library section and make it look like the following:

         # vi configure

         echo -n "Buscando libpcre / Checking for libpcre............"
         if [ -e /usr/local/include/pcre.h ]
         then
             echo "Encontrado / Found"
         else
             echo "Nao encontrado / Not found"
             exit 1
         fi

     Continuing:

         # ./configure
         # make
         # make install

     3 Configuration

     • Network interfaces
       ◦ eth0: 127.0.0.2/8
       ◦ eth1: 127.0.0.3/8

     • Configuration file (hlbr.config)

         <system>
         Name=HLBR_1
         ID=1
         Threads=1
         AlertHeader=%ac %m/%d/%y %h:%min:%s %sip:%sp->%dip:%dp
         PidFile=/var/run/hlbr.pid
         </system>

         <interface eth0>
         Type=linux_raw
         Proto=Ethernet
         </interface>

         <interface eth1>
         Type=linux_raw
         Proto=Ethernet
         </interface>

         <IPList www>
         192.168.0.200
         </list>

         <IPList servers>
         www
         </list>

  3. Configuration file (hlbr.config), continued:

         <action action1>
         response=alert file(/var/log/hlbr/hlbr.log)
         response=dump packet(/var/log/hlbr/hlbr.dump)
         response=drop
         </action>

         <action action2>
         response=alert file(/var/log/hlbr/hlbr-2.log)
         response=dump packet(/var/log/hlbr/hlbr-2.dump)
         </action>

         <action virus>
         response=alert file(/var/log/hlbr/virus.log)
         response=dump packet(/var/log/hlbr/virus.dump)
         response=drop
         </action>

         <routing>
         SBridge(eth0, eth1)
         </routing>

         <decoder http>
         OPTIONS,GET,HEAD,POST
         #CONNECT,PUT,DELETE,TRACE,COPY,MOVE,PROPFIND,PROPPATCH,UNLOCK,LOCK,MKCOL,NOTIFY,POLL
         #VERSION-CONTROL,REPORT,CHECKIN,UNCHECKOUT,CHECKOUT,UPDATE,LABEL,MERGE,BASELINE-CONTROL,MKACTIVITY
         #BCOPY,BMOVE,BDELETE,BPROPFIND,BPROPPATCH,X-MS-ENUMATTS,UNBPROP,BPROP
         </decoder>

     4 Running

         # cd /etc/hlbr
         # hlbr -c hlbr.config -r empty.rules &
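
A pre-flight check for the hlbr.config shown above, as an added example (not part of the original guide and not HLBR's own code): it parses the section layout, expands nested IP lists such as `servers` referring to `www`, and reports actions that never drop and bridge ports with no `<interface>` block. The function names, and the rule that a list entry which is not an address names another list, are assumptions inferred from the configuration on this page.

```python
import ipaddress
import re

# Constructed sample in the page's hlbr.config layout; eth1 is deliberately undeclared.
SAMPLE = """<interface eth0>
Type=linux_raw
</interface>
<IPList www>
192.168.0.200
</list>
<IPList servers>
www
</list>
<action action2>
response=alert file(/var/log/hlbr/hlbr-2.log)
</action>
<routing>
SBridge(eth0, eth1)
</routing>
"""
SECTION = re.compile(r"<(\w+)(?: ([^>\s]+))?>\n(.*?)</\w+>", re.S)

def parse(text):
    """Map (kind, name) to its body lines, skipping blanks and # comments."""
    return {(kind.lower(), name): [s.strip() for s in body.splitlines()
                                   if s.strip() and not s.strip().startswith("#")]
            for kind, name, body in SECTION.findall(text)}

def resolve(cfg, name, seen=()):
    """Expand an IPList; an entry that is not an address names another list (assumed)."""
    if name in seen or ("iplist", name) not in cfg:
        raise ValueError(f"bad IPList reference: {name}")
    ips = []
    for entry in cfg[("iplist", name)]:
        try:
            ips.append(str(ipaddress.ip_address(entry)))
        except ValueError:
            ips += resolve(cfg, entry, seen + (name,))
    return ips

def lint(text):
    """Report actions that never drop and bridge ports with no <interface> block."""
    cfg = parse(text)
    declared = {name for kind, name in cfg if kind == "interface"}
    findings = [f"action {name} is alert-only" for (kind, name), body in cfg.items()
                if kind == "action" and "response=drop" not in body]
    for line in cfg.get(("routing", ""), []):
        ports = re.findall(r"\w+", line.partition("(")[2])
        findings += [f"undeclared interface {p}" for p in ports if p not in declared]
    return findings
```

Run `lint()` on the real file contents before starting `hlbr`; an alert-only action such as `action2` may be intentional, so treat that finding as a reminder rather than an error.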
