[[PageOutline]]
 = Snort + Mysql + Base on Ubuntu = 

 == 安裝所需要檔案 == 
'''$ sudo apt-get install apache2 php5-mysql libphp-adodb'''
'''$ sudo apt-get install snort-mysql snort-doc'''
'''$ sudo apt-get install php5-gd php-pear'''
 == 修改snort設定檔 == 
'''$ sudo vim /etc/snort/snort.conf'''

增加
> output database: log, mysql, user=snort password=snort dbname=snort host=localhost
移除或註解以下此行（安裝 snort-mysql後才會出現）:
> output database: log, mysql,

 == 設定Mysql資料庫 == 

{{{
$ mysql -u root -p

mysql> SET PASSWORD FOR root@localhost=PASSWORD('password');
mysql> create database snort;
mysql> grant INSERT,SELECT on root.* to snort@localhost;
mysql> SET PASSWORD FOR snort@localhost=PASSWORD('snort');
mysql> grant CREATE, INSERT, SELECT, DELETE, UPDATE on snort.* to snort@localhost;
mysql> grant CREATE, INSERT, SELECT, DELETE, UPDATE on snort.* to snort;
mysql> exit

$ cp /usr/share/doc/snort-mysql/create_mysql.gz ./
$ gzip -d create_mysql.gz
$ mysql -u root -p < ./create_mysql snort

}}}

 == 設定snort網頁管理:BASE == 

 1 下載[http://base.secureideas.net/ BASE 專案] 並解開到/var/www之下，改名為base 
 2 改BASE的設定檔
{{{
$ cd /var/www/base
$ sudo cp base_conf.php.dist base_conf.php 
$ sudo vim base_conf.php 
//設定以下參數如：
>$BASE_urlpath = '/base';

>$DBlib_path = '/usr/share/php/adodb';

>$alert_dbname   = 'snort';

>$alert_host     = 'localhost';

>$alert_port     = '';

>$alert_user     = 'snort';

>$alert_password = 'snort';

}}}

 3 安裝php 額外套件

$ sudo pear install Image_Color

$ sudo pear install Image_Canvas-alpha

$ sudo pear install Image_Graph-alpha

 4 解除封印 

$ sudo rm /etc/snort/db-pending-config

 * ps : 可能可以直接安裝 $ sudo apt-get install acidbase省略掉以上步驟， 但沒試過

 5 奔跑吧！snort

$ sudo /etc/init.d/snort start

 == 檢視網頁 == 

看網頁是否成功開啟... 

 == 故障排除 == 

有空在寫囉！