snortreport-1.11-1mdk.noarch.rpm

Snort Report 1.11
Circuits Maximus, LLC.
December 18, 2001


DESCRIPTION
Snort Report is an add-on module for the Snort Intrusion Detection System.
It provides real-time reporting from the MySQL or PostgreSQL database generated
by Snort.


INSTALLATION
1.  Requirements:
	a.  Operating System -  Snort Report has been tested on these systems:
		RedHat 6.x, 7.x
		SuSE 7.1
		Mandrake 8.0
		Slackware 8
		FreeBSD 4.2 and 4.3
		OpenBSD 2.9
		Mac OS X 10.0.4
	    Snort Report should work on any platform with MySQL and PHP.  Please
	    let us know if it runs on other systems!
	b.  Database - Currently, only MySQL 3.23 and PostgreSQL are supported.
	    MySQL is available at http://www.mysql.com.  A database abstraction
	    layer has now been added to Snort Report, so it should be trivial to
	    add support for Oracle, ODBC, etc, if anyone's interested.
	c.  Snort Intrusion Detection System - http://www.snort.org
	    Only version 1.8 is supported.  The MySQL database schema changed
	    between Snort 1.7 and 1.8 so earlier versions are not compatible.
	d.  Web server -  Apache 1.3 and PHP 4.0.4 (earlier versions may work)

2.  Optional Software - to display the nice pie graph, you will also need:
	a.  GD 1.8.4 - a general graphics library that supports PNG images.
	    You can get it at http://www.boutell.com.
	b.  Jpgraph 1.4 - This blows away phplot.  Download it from
	    http://www.aditus.nu/jpgraph.

3.  Installing Snort Report
	a.  Unzip the files into a directory on your web server.
	b.  Edit srconf.php to enable Snort Report to see your MySQL server and
	    Snort database.  Also edit the path to your Jpgraph distribution,
	    if you have it.
	c.  That's it!  Load alerts.php into your web browser.


PERFORMANCE
1.  Please see Performance.txt (included with this distribution) for tips on
    speeding up Snort Report with MySQL.
2.  You may also see slight speed improvements by installing the PHP Optimizer,
    available at http://www.zend.com.


TROUBLESHOOTING
1.  Make sure PHP is configured properly with all the support you need to run
    Snort Report.  Create a PHP file with <?php phpinfo(); ?> in it and load it
    into your web browser to see all the configured modules.
2.  If you think you have a genuine bug, please let us know by email at
    snortreport@circuitsmaximus.com.  Sorry, but we don't provide support for
    installing Apache, PHP, etc.  Check out the vendor's website for help.


CHANGELOG
2001-12-18 - Version 1.11 release - Minor patch to ensure compatibility with Jpgraph 1.4,
		 courtesy of Erik Melander (emelander@wyndham.com).  Jpgraph 1.2.2 will
		 no longer work with SnortReport.
2001-11-08 - Version 1.1 release - Huge speed improvement thanks to optimization of code
                 by Chris Adams.  In particular, see Performance.txt for instructions on
		 creating indexes on your MySQL tables.
2001-09-26 - Version 1.06 release - Added PostgreSQL support, thanks to Enrico
		 Scholz (Enrico.Scholz@informatik.tu-chemnitz.de).  Also added a Java
		 menu, thanks to Jason Costomiris.
		 Removed buggy historical trends support.
2001-08-27 - Version 1.05 released - added cascading style sheets, courtesy of
		 Jason Costomiris.  Also fixed the port database link.
2001-08-13 - Version 1.04 released - Thanks again to Jason Costomiris (jcostom@jasons.org)
		 and Chris Adams for their continuing contributions to the
		 Snort Report project!
	     Database abstraction layer added - If anyone would like to add
	         PostgreSQL, Oracle, or ODBC support, it will be much easier now!
2001-08-09 - Version 1.03 released - Minor cleanup to HTML code
2001-08-08 - Version 1.02 released - Many thanks to Chris Adams (chris@improbable.org)
	         and Patrick Lang (patricklang@mail.utexas.edu) for their
		 contributions to Snort Report.
	     General code optimization, including cleaning up various PHP warnings,
		 adding some input validation, speeding up sorting, and switching to
		 UNIX timestamps.
 	     Added reference links to signature and port databases (Arachnids, CVE,
		 BUGTRAQ, etc.)
	     Added timeline graph
2001-07-30 - Version 1.01 released
	     Fixed IP address display error when first octet < 16
2001-07-22 - Version 1.0 released


TO DO
Features that will be added in upcoming releases:
1.  Add user-configurable variable to change default time period in alerts.php
2.  Optional auto-refresh of alerts.php
3.  Add support for JPGraph 1.3
4.  More detail on ICMP packets


LICENSE
This program is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free Software
Foundation; either version 2 of the License, or (at your option) any later
version.

This program is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
more details.

You should have received a copy of the GNU General Public License along with
this program; if not, write to the Free Software Foundation, Inc., 59 Temple
Place - Suite 330, Boston, MA 02111-1307, USA.


Copyright 2001, Circuits Maximus, LLC.