White paper network ids and ips deployment Strategies Nicholas Pappas

Download 2,67 Mb. Pdf ko'rish
bet	15/25
Sana	14.05.2024
Hajmi	2,67 Mb.
	#233760

1 ... 11 12 13 14 15 16 17 18 ... 25

General Outline:
1. Acquire OpenBSD ports
2. Network Setup
3. MySQL Installation
4. Snort Installation
5. Oinkmaster Installation
6. Barnyard Installation
7. Integration
8. BASE Installation
9. Baseline pf.conf
NOTE: The details listed below have commands input to the command line interface
showing in
red font
. Any output shown from commands, or file contents will be
shown in
italic red font
.
All commands pickup after a base install of OpenBSD 4.2 and assume the root
user account is being used. Where possible, permissions were set appropriately for
the environment and daemons to run with non-root accounts upon completion of
the install process. Many of the packages were installed from the OpenBSD ports
collection. You may setup the partitions as you see fit. However, please note that
you must have an ample amount of space in your /var partition as that is where the
database will be stored. Just as an example, the prototype had 10GB of memory
reserved for the /var partition.
Nicholas Pappas
35
@ 2021 SANS Institute
Author Retains Full Rights

© SANS Institute 200
8
,
Author retains full rights.
© SANS Institute 200
8
, Author retains full rights.
Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46
Network IDS & IPS Deployment Strategies
Partitions and their sizes for the prototype system:
Filesystem
Size
Mount Point
/dev/wd0a
200MB
/
/dev/wd0h
10GB
/archive
/dev/wd0g
5GB
/home
/dev/wd0d
500MB
/tmp
/dev/wd0f
15GB
/usr
/dev/wd0e
10GB
/var

Download 2,67 Mb.

1 ... 11 12 13 14 15 16 17 18 ... 25

Download 2,67 Mb.

Pdf ko'rish