RedHat linux 9系统下构建小型入侵检测系统

tar -zxvf httpd-2.0.xx.tar.gz
cd httpd_2.xx.xx
/configure --prefix=/www --enable-so
注：apache根目录为 /www
make
make install
cd ..
tar -zxvf php-4.3.x.tar.gz
cd php-4.3.x
/configure --prefix=/www/php --with-apxs2=/www/bin/apxs --with-config- filepath=/www/php --enable-sockets --with-mysql=/usr/local/mysql --with-zlibdir=/
usr/local --with- gd

cp php.ini-dist /www/php/php.ini

LoadModule php4_module modules/libphp4.so
AddType application/x-httpd-php .php

#
# LoadModule foo_module modules/mod_foo.so
LoadModule php4_module modules/libphp4.so
# AddType allows you to tweak mime.types without actually editing it, or ?$
# make certain files to be certain types.
#
AddType application/x-tar .tgz
AddType image/x- icon .ico
AddType application/x-httpd-php .php

cp /www/bin/apachectl /etc/init.d/httpd
cd /etc/rc3.d
ln -s /etc/init.d/httpd S85httpd
ln -s /etc/init.d/httpd K85httpd
cd /etc/rc5.d
ln -s /etc/init.d/httpd S85httpd
ln -s /etc/init.d/httpd K85httpd

cd /etc/init.d
/httpd start

cd /www/htdocs
vi test.php
加入
lt;?php
hpinfo();
?>

mkdir /etc/snort
mkdir /var/log/snort
tar -zxvf snort-2.x.x.tar.gz
cd snort-2.x.x
/configure --with-mysql=/usr/local/mysql
make
make install

cd rules (在snort安装目录下）
cp * /etc/snort
cd ./etc
cp snort.conf /etc/snort
cp *.config /etc/snort

output database: log, mysql, user=root password=your_password
dbname=snort host=localhost

cd /contrib
cp S99snort /etc/init.d/snort
vi /etc/init.d/snort

CONFIG=/etc/snort/snort.conf
#SNORT_GID=nogroup (注释掉）
#8194;$SNORT_PATH/snort -c ?$CONFIG -i ?$IFACE ?$OPTIONS
(去掉原文件中的 -g ?$SNORT_GID )
chmod 755 /etc/init.d/snort
cd /etc/rc3.d
ln -s /etc/init.d/snort S99snort
ln -s /etc/init.d/snort K99snort
cd /etc/rc5.d
ln -s /etc/init.d/snort S99snort
ln -s /etc/init.d/snort K99snort