#!/bin/bash
# on CentOS 7(minimal)
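# ---------------------------------------------------------------------------
# Workspace setup and Step 1: install MySQL 5.7, then do the interactive
# first-time configuration (root password reset, remote root grant).
# Must run as root on CentOS 7; every mysql call below prompts for the
# MySQL root password on the terminal.
# ---------------------------------------------------------------------------
clear
# -p so a re-run does not fail on the existing directory; abort if the work
# directory is unusable so later downloads/builds never land somewhere else.
mkdir -p /root/install
cd /root/install || { echo "cannot cd to /root/install" >&2; exit 1; }
echo
echo "================================="
echo "Step 1 : start mysql installation"
echo "================================="
echo
read -r -p "press enter for continue"
echo
# Register the MySQL community yum repository.
# NOTE(review): the release package is fetched over HTTPS, but no GPG key is
# imported beforehand, so rpm presumably installs it without a signature
# check. Confirm, and import the vendor key first if so.
rpm -ivh https://dev.mysql.com/get/mysql57-community-release-el7-11.noarch.rpm
# Install the MySQL server and development headers
yum install mysql-server mysql-devel -y
echo
echo "-------------------------"
echo "Start mysql configuration"
echo "-------------------------"
echo
read -r -p "press enter for configuration"
echo
service mysqld start
# The author disables the validate_password policy because it is too strict.
# NOTE(review): with the policy off, MySQL accepts any password, including
# for the remotely reachable root account created below. Prefer keeping the
# policy on. The grep guard keeps re-runs from appending the line again.
grep -qx 'validate-password=off' /etc/my.cnf \
  || echo "validate-password=off" >> /etc/my.cnf
service mysqld restart
# Look up the temporary root password MySQL wrote to its log at first start.
# tail -n 1 picks the newest entry if the log holds more than one.
PW=$(grep "temporary password is generated" /var/log/mysqld.log | grep -oP "\S+$" | tail -n 1)
echo
echo "--------------------------------------"
# Shown on the terminal because mysql_secure_installation asks for it next;
# it also ends up in any terminal scrollback or session log.
echo "temporary root password : $PW"
echo "--------------------------------------"
# Reset the root password and apply the interactive hardening questions
mysql_secure_installation
echo
echo "--------------------------------------------"
echo "input password for allow root login remotely"
echo "--------------------------------------------"
# The original statement used the literal text 'your password' as the remote
# root password, so running the script unedited created root@'%' with a
# publicly known credential. Ask for the password instead.
# NOTE(review): root@'%' with ALL PRIVILEGES is reachable from any host; a
# dedicated account limited to the snort database and to the management
# host's address is the safer design. MYSQL_REMOTE_HOST narrows the host
# part without changing the default behaviour.
REMOTE_HOST=${MYSQL_REMOTE_HOST:-%}
case $REMOTE_HOST in
  *\'* | *\\*)
    echo "MYSQL_REMOTE_HOST must not contain ' or \\" >&2
    exit 1
    ;;
esac
REMOTE_PW=
while [ -z "$REMOTE_PW" ]; do
  read -r -s -p "new password for remote root account: " REMOTE_PW
  echo
  # The value is placed inside a quoted SQL literal, so refuse characters
  # that could terminate or escape that literal.
  case $REMOTE_PW in
    *\'* | *\\*)
      echo "password must not contain ' or \\" >&2
      REMOTE_PW=
      ;;
  esac
done
# The statement is fed on stdin rather than with -e so the new password does
# not appear in the process argument list. -p still prompts for the current
# root password.
mysql -u root -p <<SQL
grant all privileges on *.* to 'root'@'${REMOTE_HOST}' identified by '${REMOTE_PW}';
SQL
unset REMOTE_PW
# Apply the new privileges
echo
echo "-----------------------------------"
echo "input password for flush privileges"
echo "-----------------------------------"
mysql -u root -p -e "flush privileges;"
# Show where mysql was installed (fields 2-6 of the whereis output)
echo
echo "-------------------------"
echo "mysql installation status"
echo "-------------------------"
for field in 2 3 4 5 6; do
  whereis mysql | cut -d " " -f "$field"
done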
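# ---------------------------------------------------------------------------
# Step 2: build nghttp2, daq and snort from source under /root/install and
# create the snort configuration and log directories.
# ---------------------------------------------------------------------------

#######################################
# Download a source tarball into /root/install, unpack it and run
# configure / make / make install inside the unpacked directory.
# Arguments:
#   $1 - download URL
#   $2 - file name to save the tarball as
#   $3 - directory the tarball unpacks to
#   $4 - optional expected SHA-256 of the tarball; when empty the archive is
#        built unverified and a warning is printed
# Returns: 0 on success, non-zero if any step fails
#######################################
build_from_tarball() {
  local url=$1 tarball=$2 srcdir=$3 sha256=${4:-}
  cd /root/install || return 1
  # -O overwrites a stale copy; plain wget would save "<name>.1" on a re-run
  # and tar would then unpack the old file.
  wget -O "$tarball" "$url" || return 1
  if [ -n "$sha256" ]; then
    echo "$sha256  $tarball" | sha256sum -c - || return 1
  else
    echo "WARNING: no checksum supplied for $tarball; integrity not verified" >&2
  fi
  tar -xvzf "$tarball" || return 1
  # Subshell keeps the caller's working directory at /root/install and stops
  # ./configure from running in the wrong place when the cd fails.
  (cd "$srcdir" && ./configure && make && make install)
}

echo
echo "================================="
echo "Step 2 : start snort installation"
echo "================================="
echo
read -r -p "press enter for continue"
echo
# Packages needed to build snort. The patterns are quoted so yum expands
# them, not the shell against files in the current directory.
yum install wget gcc bison flex 'libpcap*' 'pcre*' 'libdnet*' 'zlib*' libtool python-devel -y
echo
echo "-------------------------"
echo "Start nghttp installation"
echo "-------------------------"
echo
read -r -p "press enter for continue"
echo
# nghttp2 is requested by the daq build; the author notes it works without
# it, so a failure here only warns.
# NGHTTP2_SHA256 / DAQ_SHA256 / SNORT_SHA256 are optional environment
# variables holding the expected digests published by the upstream projects.
build_from_tarball \
  https://github.com/nghttp2/nghttp2/releases/download/v1.29.0/nghttp2-1.29.0.tar.gz \
  nghttp2-1.29.0.tar.gz nghttp2-1.29.0 "${NGHTTP2_SHA256:-}" \
  || echo "WARNING: nghttp2 build failed; continuing without it" >&2
echo
echo "----------------------"
echo "Start daq installation"
echo "----------------------"
echo
read -r -p "press enter for continue"
echo
# Install daq; snort cannot be configured without it, so stop on failure
build_from_tarball \
  https://snort.org/downloads/archive/snort/daq-2.0.6.tar.gz \
  daq-2.0.6.tar.gz daq-2.0.6 "${DAQ_SHA256:-}" \
  || { echo "daq build failed" >&2; exit 1; }
echo
echo "------------------------"
echo "Start snort installation"
echo "------------------------"
echo
read -r -p "press enter for continue"
echo
# Install snort
build_from_tarball \
  https://snort.org/downloads/archive/snort/snort-2.9.11.1.tar.gz \
  snort-2.9.11.1.tar.gz snort-2.9.11.1 "${SNORT_SHA256:-}" \
  || { echo "snort build failed" >&2; exit 1; }
echo
# Directory for the snort configuration and rule files
mkdir -p /etc/snort/rules
# Directory for snort log files (-p: do not fail on a re-run)
mkdir -p /var/log/snort
# Show where snort was installed
echo
echo "-------------------------"
echo "snort installation status"
echo "-------------------------"
for field in 2 3; do
  whereis snort | cut -d " " -f "$field"
done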
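# ---------------------------------------------------------------------------
# Step 3: build barnyard2 (forwards snort output to mysql), create the snort
# database and schema, and allow remote access to mysql.
# ---------------------------------------------------------------------------
echo
echo "====================================="
echo "Step 3 : start barnyard2 installation"
echo "====================================="
echo
read -r -p "press enter for continue"
echo
# Install barnyard2 to connect snort with mysql.
# NOTE(review): this downloads the current tip of the master branch, so the
# code that gets built and installed as root changes over time and is not
# integrity-checked. Pin a reviewed tag or commit and verify its digest.
wget https://github.com/firnsy/barnyard2/archive/master.tar.gz -O barnyard2-Master.tar.gz
tar -xvzf barnyard2-Master.tar.gz
cd barnyard2-master || { echo "cannot cd to barnyard2-master" >&2; exit 1; }
./autogen.sh
# If autogen.sh did not produce Makefile.in, run it again.
if ! [ -e Makefile.in ]; then
  echo "--------------------------"
  echo "cannot find 'Makefile.in'"
  echo "execute 'autogen.sh' again"
  echo "--------------------------"
  echo
  read -r -p "press enter for continue"
  echo
  # The original wrote "CNT = 2", which runs a command named CNT instead of
  # assigning, so the counter was never set or incremented.
  CNT=2
  # Upper bound so a permanently failing autogen.sh cannot loop forever.
  MAX_TRIES=5
  while ! [ -e Makefile.in ]; do
    if [ "$CNT" -gt "$MAX_TRIES" ]; then
      echo "autogen.sh still fails after $MAX_TRIES tries; giving up" >&2
      exit 1
    fi
    echo
    echo "------------------"
    echo "try 'autogen.sh[$CNT]'"
    echo "------------------"
    echo
    ./autogen.sh
    CNT=$((CNT + 1))
  done
fi
# Both branches of the original ran the same build command; run it once.
./configure --with-mysql --with-mysql-libraries=/usr/lib64/mysql && make && make install
echo
echo "----------------------"
echo "Start db configuration"
echo "----------------------"
echo
read -r -p "press enter for continue"
echo
# Create the snort database
echo "----------------------------------------"
echo "input password for create database snort"
echo "----------------------------------------"
mysql -u root -p -e "create database snort"
# Create the database schema shipped with barnyard2
echo
echo "--------------------------------------"
echo "input password for create snort schema"
echo "--------------------------------------"
mysql -u root -p -D snort < /root/install/barnyard2-master/schemas/create_mysql
# Bookmark (waldo) file barnyard2 uses while reading the snort logs
touch /var/log/snort/barnyard2.waldo
# Directory for barnyard2 log files (-p: do not fail on a re-run)
mkdir -p /var/log/barnyard2
# Allow remote mysql access. The original stopped and disabled firewalld
# altogether, which exposes every listening service on the sensor; only the
# mysql port is needed. Where possible, limit the rule further to the
# management host's address with a firewalld rich rule.
echo
echo "------------------------------"
echo "open mysql port (3306/tcp)"
echo "------------------------------"
if command -v firewall-cmd >/dev/null 2>&1; then
  firewall-cmd --permanent --add-port=3306/tcp && firewall-cmd --reload
else
  echo "firewall-cmd not found; open 3306/tcp in the host firewall manually" >&2
fi
# Show where barnyard2 was installed
echo
echo "-----------------------------"
echo "barnyard2 installation status"
echo "-----------------------------"
for field in 2 3; do
  whereis barnyard2 | cut -d " " -f "$field"
done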