In this tutorial I will describe how to install and configure Snort (an intrusion detection system (IDS)) from source, BASE (Basic Analysis and Security Engine), MySQL, and Apache2 on Ubuntu 7.10 (Gutsy Gibbon). Snort will assist you in monitoring your network and alert you about possible threats. Snort will output its log files to a MySQL database which BASE will use to display a graphical interface in a web browser.
1. Prerequisites
The first thing I like to do is grab all the dependant packages that I can from Synaptic.
From the Desktop go to System > Administration > Synaptic Package Manager. Enter your password and select Search.
Search for the following packages and install them:
* Libpcap0.8-dev
* libmysqlclient15-dev
* mysql-client-5.0
* mysql-server-5.0
* bison
* flex
* apache2
* libapache2-mod-php5
* php5-gd
* php5-mysql
* libphp-adodb
* php-pear