Feb 1, 2008

UBUNTU: Installing Bro-IDS

Today is a public holiday for Kuala Lumpur. It's Wilayah's Day! but it's a bit boring when you dont have any plan to do. So I was a lil bored and currently in a mood of "try and error". So I google around and find a nice tutorial on how to install an IDS call Bro-IDS.

IDS is Intrusion Detetction System which is a common term used by sysadmin on their daily basis working hours. And I'm not one of them for sure. But I'd like to try what they call the basic fundamental of preventing network intrusion. I follow the tutorial here but can't compile the source. So i figure out some additional steps need to be done before compiling the source code.

So I come out with this how-to:

  1. First of all you need to get all the dependencies ready before compiling bro-ids source code. To get ready you have to open up terminal and run apt-get :
  2. sudo apt-get install libncurses5-dev g++ bison flex libmagic-dev libgeoip-dev libssl-dev
  3. After finished installing dependencies, you have to download the source code. In this tutorial i'll use the stable release of Bro-IDS. You can download it here.
  4. So, I'll assume that your source code is located at your desktop. Type "cd Desktop/" to go to the desktop folder.
  5. Unzip the tarball by using this "tar zxvf bro-1.2-stable.tar.gz"
  6. cd bro-1.2.1
  7. ./configure
  8. make
  9. make install
  10. make install-brolite
Walla... you're done installing the Bro IDS. Really you need to check the bro.cfg if you fail to run brolite. May be you make a mistake when configuring the bro.cfg while "make install-brolite" process. Happy trying!

*** The Bro IDS download URL was updated on 11th November 2011.

Thank you for your unbelievable support on Negative Zero - Permission to read and write blog for nearly 4 years. Don't forget to like Negative Zero on Facebook.
Blogirific.com Blog Directory

Post(s) you might like to read :