Monday, May 31, 2010

Windows Snort (open-source IDS) setup procedure, part 2

7. Check that the commands above succeeded by viewing the privileges

mysql>show grants for base@localhost;
mysql>show grants for snort@localhost;
8. Set the MySQL root password
mysql>set password for root@localhost = password("******"); # the value in quotes is the password
mysql>quit
9. Start -> Run -> cmd
cd \mysql\bin

c:\mysql\bin>mysql -u root -pPASSWORD snort_log < c:\snort\schemas\create_mysql
c:\mysql\bin>mysql -u root -pPASSWORD snort_archive < c:\snort\schemas\create_mysql
(PASSWORD is the root password from step 8, written directly after -p with no space.)
Log in again and check that the tables were created:
c:\mysql\bin>mysql -u root -p
    (enter the password)
 mysql>use snort_log;
 mysql>show tables;
 mysql>use snort_archive;
 mysql>show tables;

10. Configure MySQL security
mysql>drop database test;
mysql>use mysql;
mysql>delete from user where user='';
mysql>delete from user where user='%';
mysql>flush privileges;
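11. Install Apache Server
    Set the installation directory to c: and select the full installation. If a firewall prompt appears during installation, click Unblock.
12. Edit httpd.conf (c:\Apache\conf\httpd.conf)
     Add these three lines:
LoadModule php5_module "c:/php/php5apache2_2.dll"
AddType application/x-httpd-php .php
PHPIniDir "c:/php"
     Save and exit.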
13. Install and configure PHP
    Download the zip package from http://www.php.net/downloads.php and extract it to c:\php
 Configure php.ini: rename C:\php\php.ini-dist to php.ini, then make the following changes (original -> new):
max_execution_time = 30  ->  max_execution_time = 900
display_errors = On  ->  display_errors = Off
extension_dir = "./"  ->  extension_dir = "c:\php\ext"
; cgi.force_redirect = 1  ->  cgi.force_redirect = 0
;extension=php_gd2.dll  ->  extension=php_gd2.dll
;extension=php_mysql.dll  ->  extension=php_mysql.dll
;extension=php_mbstring.dll  ->  extension=php_mbstring.dll
;session.save_path = "/tmp"  ->  session.save_path = "c:\windows\temp"
;include_path = ".;c:\php\includes"  ->  include_path = "c:\php\pear"
 Restart the system.
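
An added example, not part of the original post: a Python check for step 7 that compares SHOW GRANTS output with the privileges granted in step 6 of part 1 and reports anything missing or extra. The sample output is constructed, and the names EXPECTED, parse_grants and audit are hypothetical.

```python
import re

# Privileges granted in step 6 of part 1, per account and database.
EXPECTED = {
    "base": {"snort_log": {"SELECT", "INSERT", "UPDATE", "DELETE", "CREATE", "ALTER"},
             "snort_archive": {"SELECT", "INSERT", "UPDATE", "DELETE", "CREATE"}},
    "snort": {"snort_log": {"INSERT", "SELECT", "UPDATE"}},
}

# Constructed SHOW GRANTS output for snort@localhost (hash replaced by a placeholder).
SAMPLE_SNORT = """\
GRANT USAGE ON *.* TO 'snort'@'localhost' IDENTIFIED BY PASSWORD '<hash>'
GRANT SELECT, INSERT, UPDATE, DELETE ON `snort_log`.* TO 'snort'@'localhost'
GRANT SELECT ON `mysql`.* TO 'snort'@'localhost'
"""

GRANT_RX = re.compile(r"^GRANT (.+?) ON (\S+) TO '([^']*)'@'([^']*)'", re.IGNORECASE)

def parse_grants(output):
    """Map database name -> set of privileges found in SHOW GRANTS output."""
    grants = {}
    for line in output.splitlines():
        m = GRANT_RX.match(line.strip())
        if not m:
            continue
        privs = {p.strip().upper() for p in m.group(1).split(",")}
        # '*.*' -> '*', '`snort_log`.*' -> 'snort_log'
        db = m.group(2).replace("`", "").split(".")[0]
        # USAGE means "no privileges", so it is not counted.
        grants.setdefault(db, set()).update(privs - {"USAGE"})
    return {db: p for db, p in grants.items() if p}

def audit(user, output):
    """Return (missing, excess) privileges relative to the step 6 grants."""
    actual, wanted = parse_grants(output), EXPECTED[user]
    missing = {db: wanted[db] - actual.get(db, set()) for db in wanted}
    excess = {db: actual[db] - wanted.get(db, set()) for db in actual}
    return ({d: p for d, p in missing.items() if p},
            {d: p for d, p in excess.items() if p})

if __name__ == "__main__":
    print(audit("snort", SAMPLE_SNORT))
```
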

Sunday, May 30, 2010

Windows Snort (open-source IDS) setup procedure, part 1

1. Download Snort and the rules from http://www.snort.org/downloads (registration is required to download the free rules)
2. Install Snort and extract the rules to c:\snort
3. Edit snort.conf in the etc folder under the snort directory
 A. Find var HOME_NET any and change any to one of the following:
        1. The local machine's IP (host-based IDS)
        2. 192.168.104.0/24 (a single LAN, network-based IDS)
        3. [172.18.11.0/24,172.19.11.0/24,172.18.19.12.0/24...] (multiple network segments)
    Also change var RULE_PATH ../rules to var RULE_PATH c:\snort\rules
 B. Remove the leading # from # config detection: search-method lowmem
 C. Change dynamicpreprocessor directory /usr/local/lib/snort_dynamicpreprocessor/ to dynamicpreprocessor directory c:\snort\lib\snort_dynamicpreprocessor
 D. Change dynamicengine /usr/local/lib/snort_dynamicengine/libsf_engine.so to dynamicengine c:\snort\lib\snort_dynamicengine\sf_engine.dll
 E. Change # output log_tcpdump: tcpdump.log to output alert_fast: alert.ids
 F. Change # preprocessor sfportscan: proto { all } memcap { 10000000 } sense_level { low }
      to preprocessor sfportscan: proto { all } memcap { 10000000 } sense_level { low } logfile { portscan.log }
 G. Change the line # output database: alert, to output database: alert, mysql, user=snort password=WinSnort dbname=snort_log host=127.0.0.1 port=3306 sensor_name=HOSTNAME
    (the password must match the one set for snort@localhost in step 6; MySQL passwords are case-sensitive)
 H. Install WinPcap
 I. Test that the installation works: in CMD, type snort -vp -iX (X is the number of the network adapter)



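4. Install Snort as a service
 A. Start --> Run
 B. cmd, then cd \snort\bin
 C. snort /SERVICE /INSTALL -c c:\snort\etc\snort.conf -l c:\snort\log -K ascii -iX (X = the network adapter number: 1, 2, 3, 4 and so on)
 D. Control Panel -> Administrative Tools -> Services: select snort and change its startup type to Automatic. If the service cannot start, an earlier step was probably done incorrectly; check Administrative Tools -> Event Viewer -> Application.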




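5. Install MySQL: use the custom setup to install into c:\MySQL, choose Standard Configuration, use the same settings as shown in the picture, uncheck Modify Security Settings, and finally click Execute --> Finish to complete the installation.
Then edit c:\mysql\my.ini and change the original setting
sql-mode="STRICT_TRANS_TABLES,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION" to
sql-mode="NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION"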
6. Open the MySQL Command Line Client; no password has been set yet, so just press Enter
 mysql>create database snort_log;
 mysql>create database snort_archive;
 mysql>show databases;
 mysql>grant USAGE on *.* to base@localhost identified by "WinSnort";
 mysql>grant USAGE on *.* to snort@localhost identified by "WinSnort";
 mysql>grant SELECT,INSERT,UPDATE,DELETE,CREATE,ALTER on snort_log.* to base@localhost;
 mysql>grant SELECT,INSERT,UPDATE,DELETE,CREATE on snort_archive.* to base@localhost;
 mysql>grant INSERT,SELECT,UPDATE on snort_log.* to snort@localhost;
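
An added example, not part of the original post or of Snort itself: a Python check that reports which of the step 3 edits (A to G) are still missing from a snort.conf. The sample file is constructed, and check_snort_conf and its granted_password parameter are hypothetical names; the default password is the one used in step 6.

```python
import re

# Constructed sample: a snort.conf fragment with only some of step 3 applied.
SAMPLE_CONF = r"""
var HOME_NET any
var RULE_PATH c:\snort\rules
# config detection: search-method lowmem
dynamicpreprocessor directory /usr/local/lib/snort_dynamicpreprocessor/
dynamicengine c:\snort\lib\snort_dynamicengine\sf_engine.dll
output alert_fast: alert.ids
preprocessor sfportscan: proto { all } memcap { 10000000 } sense_level { low }
output database: alert, mysql, user=snort password=winsnort dbname=snort_log host=127.0.0.1
"""

def check_snort_conf(text, granted_password="WinSnort"):
    """Return the step 3 items (A-G) that are not yet applied in `text`."""
    # Only uncommented, non-empty lines are active configuration.
    active = [s for s in (line.strip() for line in text.splitlines())
              if s and not s.startswith("#")]

    def find(pattern):
        rx = re.compile(pattern, re.IGNORECASE)
        return next((line for line in active if rx.search(line)), None)

    findings = []
    if find(r"^var\s+HOME_NET\s+any\b") or not find(r"^var\s+HOME_NET\s"):
        findings.append("A: HOME_NET is unset or still 'any'")
    if not find(r"^var\s+RULE_PATH\s+[a-z]:\\"):
        findings.append("A: RULE_PATH is not an absolute Windows path")
    if not find(r"^config\s+detection:\s*search-method\s+lowmem"):
        findings.append("B: 'config detection: search-method lowmem' is commented out")
    if find(r"^dynamic(preprocessor|engine)\s.*(/usr/|\.so\b)"):
        findings.append("C/D: a dynamic module path still points at a Unix location")
    if not find(r"^output\s+alert_fast:"):
        findings.append("E: 'output alert_fast' is not enabled")
    scan = find(r"^preprocessor\s+sfportscan:")
    if scan is None or "logfile" not in scan:
        findings.append("F: sfportscan is disabled or has no logfile")
    m = re.search(r"password=(\S+)", find(r"^output\s+database:") or "")
    if m is None:
        findings.append("G: 'output database' is disabled or has no password")
    elif m.group(1) != granted_password:
        # MySQL passwords are case-sensitive, so 'winsnort' != 'WinSnort'.
        findings.append("G: database password differs from the one granted in step 6")
    return findings

if __name__ == "__main__":
    for finding in check_snort_conf(SAMPLE_CONF):
        print(finding)
```
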











Sunday, May 16, 2010

EyeWriter System Requirements

1. There are also commercial products available -- costing in the range of ~$20,000 US or more -- that are specifically designed to enable people with ALS to communicate using their eyes.
Our functional design specifications are as follows:


1. The EyeWriter should be as inexpensive as possible
2. The fabrication and assembly of the system should require only common hand tools
3. Whenever possible components and parts should be available for purchase locally versus online
4. The camera should produce 640 x 480 NTSC video
5. The camera should be sensitive to near-field IR light
6. The camera should not auto-iris (or auto-iris should be disabled in the camera's driver).
7. IR LEDs should be used to illuminate the pupil

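What is an IR LED? It is explained here: http://coopermaa2nd.blogspot.com/2010/01/nec-ir-protocol.html

How infrared remote control works

Infrared is currently the most common form of wireless communication and is widely used in home appliances and toys, such as TVs, stereos, VCRs, air conditioners, DVD players, MP3 players and remote-control cars. Infrared remote control is so widely adopted mainly because infrared devices are small, cheap, low-power and simple to design in hardware. The picture below shows the typical appearance of an infrared transmitter (also called an IR LED) and a receiver; generally speaking, an infrared remote-control system consists of these two parts, the transmitter and the receiver.

For the build process you can refer here; the build process described in the PDF is fairly clear (but without considerable skill and courage you may well break the PS3 Eye).
The PS3 Eye costs about NT$1500, but it does not seem to be sold on its own and has to be bought together with a PS3 game.
However, could a surveillance CCD camera of the kind used in video monitoring systems, such as http://www.videoaccess.com/ir_camera_ch.html,
meet the functional requirements above and support Linux, making it easier to build the dedicated glasses that EyeWriter uses?

The author chose it because:
1. The PS3 Eye is cheaper
2. It integrates the video capture card, so nothing extra has to be installed in the computer
3. It is lighter and more compact, and with the housing removed it is easy to modify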

Friday, May 14, 2010

CentOS setup snort-2.8.6

1. yum -y install gcc libpcap-devel pcre-devel
2. Download snort-2.8.6
3. tar zxvf snort-2.8.6.tar.gz
4. cd snort-2.8.6
5. ./configure   (this takes a while)
6. make
7. make install
8. mkdir /etc/snort/
9. cp -r etc/* /etc/snort/
10. cd ..
11. Register and log in, then download the Snort rules
12. tar zxvf snortrules-snapshot-2.8.tar.gz -C /etc/snort/
13. mkdir /var/log/snort
14. vi /etc/snort/snort.conf