Instalando e Integrando o SWATCH com SNORT
Este script automatiza a instalacao do Simple WATCH para respostas em tempo real no NIDS Snort.
Descrição
Este script automatiza a instalacao do Simple WATCH para respostas em tempo real no NIDS Snort.
#!/bin/sh
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# This script installed Simple Log WATCH (SWATCH) with Network Intrusion Detect System Snort
#
# by: Marcos Pitanga <mpitanga@gplus.com.br>
# Wed Sep 1 21:00:19 BRT 2004
inicial()
{
clear
echo -e "****************************************************************************"
echo -e "** Este script facilita o procedimento de instalacao do Simple Log WATCH **"
echo -e "** Snort Network Intrusion Detection System **"
echo -e "** By Marcos Pitanga **"
echo -e "****************************************************************************"
sleep 5
}
declare_vars()
{
SWATCH_DIR="/usr/local/swatch_fontes"
MAKE="`which make`"
MKDIR="`which mkdir`"
SED="`which sed`"
TAR="`which tar`"
COPY="`which cp`"
WGET="`which wget`"
PERL="`which perl`"
CONFIG="./configure"
# Crio o diretorio para os fontes
if [ ! -d $SWATCH_DIR ]; then
mkdir -p $SWATCH_DIR
fi
}
downloads()
{
echo "Baixando os pacotes. Espere um pouquinho."
echo "[ Baixando os pacotes para a instalacao ]" >> /var/log/downloads_sources
cd $SWATCH_DIR
if [ ! -e swatch-3.1.1.tar.gz ]; then
$WGET http://voxel.dl.sourceforge.net/sourceforge/swatch/swatch-3.1.1.tar.gz >> /var/log/downloads_sources 2>&1
fi
cd $SWATCH_DIR
echo "[ Fim do download dos pacotes ]" >> /var/log/downloads_sources
}
instala_modulos_perl()
{
$PERL -e 'use CPAN; install Date::Calc'
$PERL -e 'use CPAN; install Date::Parse'
$PERL -e 'use CPAN; install File::Tail'
$PERL -e 'use CPAN; install Time::HiRes'
$PERL -e 'use CPAN; install Date::Manip'
}
instala_swatch()
{
echo "Instalando o SWATCH."
echo "[ Instalando $package_name ]" >> /var/log/swatch_source
swatch_source=$package_name
swatch_dir=`echo $swatch_source | sed s/\.tar\.gz//`
$TAR -xzf $swatch_source >> /var/log/swatxh_source 2>&1
cd $swatch_dir >> /var/log/swatch_source 2>&1
$PERL Makefile.PL
$MAKE >> /var/log/swatch_source 2>&1
$MAKE test >> /var/log/swatch_source 2>&1
$MAKE install >> /var/log/swatch_source 2>&1
$MAKE realclean >> /var/log/swatch_source 2>&1
cd $SWATCH_DIR >> /var/log/swatch_source 2>&1
echo "[ Fim da instalacao do SWATCH ]" >> /var/log/swatch_source
}
cria_arquivo()
{
echo -e "
watchfor /.*/
bell
echo bold
mail address=pitanga,subject= - NIDS Snort Alerta!!! - -
throttle 00:00:10" >> /var/log/.swatchrc
echo -e "swatch -c /var/log/.swatchrc -t /var/log/snort/alert" >>/etc/rc.d/rc.local
}
fim_instalacao()
{
echo "Pacotes instalados."
}
inicial
declare_vars
downloads
package_name=`ls swatch-3.1.1.tar.gz`
instala_modulos_perl
instala_swatch
cria_arquivo
fim_instalacao