- Timestamp: Aug 6, 2008, 5:34:33 PM (17 years ago)
- Author: waue
- Comment: --
| v88 | v89 | |
| 17 | 17 | var HOME_NET any |
| 18 | 18 | var EXTERNAL_NET !$HOME_NET |
| 19 | | |
| 20 | 19 | }}} |
| 21 | 20 | |
| 22 | 21 | 2. 紀錄警訊 |
| 23 | 22 | |
| | 23 | > $ sudo snort -c /etc/snort/snort.conf -i eth0 |
| | 24 | |
| | 25 | > $ sudo tcpreplay -i eth0 --topspeed /home/waue/sp1.tcpdump |
| | 26 | |
| | 27 | 3. 分析格式、載入雲端 |
| | 28 | |
| | 29 | * 用一般java application 於 local 運行 SnortParser.java |
| | 30 | * 修改main的輸入輸出參數 |
| 24 | 31 | {{{ |
| 25 | | |
| 26 | | $ sudo snort -c /etc/snort/snort.conf -i eth0 |
| 27 | | |
| 28 | | $ sudo tcpreplay -i eth0 --topspeed sp1.tcpdump |
| 29 | | |
| | 32 | String in = new String("/home/waue/Desktop/alert_flex.txt"); |
| | 33 | String ou = new String("/home/waue/Desktop/alert_flex_parsed.txt"); |
| 30 | 34 | }}} |
| 31 | 35 | |
| 32 | | 3. 分析格式 |
| | 36 | * 載入雲端 |
| 33 | 37 | |
| 34 | | {{{ |
| | 38 | > $ cd /dir/hadoop |
| 35 | 39 | |
| 36 | | }}} |
| | 40 | > $ bin/hadoop dfs -put snort-log/ snort-log/ |
| 37 | 41 | |
| 38 | 42 | 4. 紀錄雲端運算時間 |
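Review bot: New lines 25, 32 and 33 hard-code paths under the author's home directory (`/home/waue/sp1.tcpdump`, `/home/waue/Desktop/alert_flex.txt`, `/home/waue/Desktop/alert_flex_parsed.txt`), so the steps only work as written on that one machine. Use a placeholder in the style of `/dir/hadoop` on new line 38, or state that the reader must substitute their own paths. On new lines 32-33, `new String("...")` around a literal is redundant; a plain string literal is enough. The snort and tcpreplay commands were moved out of the `{{{ }}}` block into `>` lines, and the `cd` and `bin/hadoop dfs -put` commands on new lines 38 and 40 replace an empty `{{{ }}}` block the same way. Keeping all shell commands inside `{{{ }}}` would leave them preformatted and consistent with the Java snippet. Step 3 also does not say how `alert_flex.txt` relates to the snort run in step 2; one sentence linking the alert output to the parser input would make the procedure reproducible.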