snort + ACID

nitro322 · Guru Joined: 24 Jul 2002 Posts: 596 Location: USA

what's the easiest way to install configure ACID on a gentoo system? Is there an ebuild available anywhere for it, or do I have to download and install from source? Any tricks or gotchas I should be aware of when configuring it to used a portage install of snort, apache, php, etc.? Thanks.

RagManX · Posted: Wed Nov 20, 2002 7:21 pm Post subject:

I'm working on this myself. I have everything working somewhat, but not everything working right. There is a snort ebuild, but it isn't for the latest version. To get ACID going, you'll need to install MySQL, Apache, and PHP via ebuilds and then manually add some of the ACID dependencies as listed in the ACID install document. You'll also probably need to search this forum for help on getting PHP support working with Apache. I've been able to get everything working just using the ebuilds for everything Gentoo supports and manually adding the remaining tools ACID needs. The only thing missing at this point is I can't get image support to work, so no graphs. But since I don't use those much anyway, I can put that off until later.

RagManX
_________________
http://www.gamingideas.com/ - an open discussion site for game improvement and new game ideas

Kabuto · l33t Joined: 01 Aug 2002 Posts: 701

Same here. Already had Apache and mod_php. Emerged snort and acid was tgzed in the install. Un tarred it to the htdocs and away it went after getting snort set up. I also used mysql with snort. The only time consuming thing was getting snort configured correctly.

I also can't get the GD support. I add GD to the use= and mod_php ebuild doesn't pick it up. I notice there is an if/then for pdflib to compile in GD in mod_php. I'll play with it some more later.

nitro322 · Guru Joined: 24 Jul 2002 Posts: 596 Location: USA

I haven't had a chance to play with snort of ACID much yet, but I did spend quite a while working on getting Apache + PHP + gd working a while back and never had any luck. Well, I believe I was able to get it working with the old version of gd, 1.8.4, but I needed the newest for the project I was working on. Also, in order to get the old version to work I had to disable a lot of other stuff in php, such as pdf support, etc. Really weird. Anyway, I ended up installing all 3 from source and didn't have a single problem. Not as convenient, but at least it works.

vibidoo · Guru Joined: 27 Nov 2002 Posts: 409

Do we have to install apache +php + mysql on the same machine than Snort ??

I had install snort + Iptables on a 32 Mb system , and I expect to install apache PHP Mysql on a other system to save system resource .

zentek · n00b Joined: 03 Jul 2002 Posts: 41

You can setup snort to log to an extarnal database server and you can config acid to query mostly any DB server. The only requirement is that apache, php and acide live on the same box.

For image support, the latest version of acid is using a new set of libraries. It is working flawlessly for me ;-)

vibidoo · Guru Joined: 27 Nov 2002 Posts: 409

I will follow this Howto

zentek · n00b Joined: 03 Jul 2002 Posts: 41

That's what i did :-)

RagManX · Posted: Wed Jan 29, 2003 2:42 pm Post subject: