Install EPEL
$> yum -y install epel-release
- Install Nagios and the local MTA
$> yum -y install nagios nagios-plugins* postfix
Configure Nagios
$> vim /etc/nagios/nagios.cfg
    # at line 34:
    cfg_file=/etc/nagios/objects/services.cfg
    cfg_file=/etc/nagios/objects/hosts.cfg
    cfg_file=/etc/nagios/objects/windows.cfg
$> vim /etc/nagios/objects/contacts.cfg
    # at line 30:
    define contact{
        contact_name    nagiosadmin             ; Short name
        use             generic-contact         ;
        alias           Nagios Admin            ; Full name of user
        email           tucorreo@tudominio.com  ;
    }
$> vim /etc/nagios/objects/hosts.cfg
    define host{
        use                     generic-host
        host_name               router.adiestra.pe
        alias                   Gateway Router
        address                 192.168.130.1
        check_command           check-host-alive
        max_check_attempts      20
        notification_interval   240
        notification_period     24x7
        notification_options    d,u,r
        contacts                nagiosadmin
    }
    define host{
        use                     generic-host
        host_name               mail.adiestra.pe
        alias                   servidor web smtp
        address                 192.168.3.2
        max_check_attempts      20
        contacts                nagiosadmin
    }
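Added example (not part of the original notes): a pre-flight check that every name in a host's contacts directive is declared by a define contact block, since an undeclared contact is a configuration error. The function names are hypothetical and the "oncall" contact is a constructed mistake added to the second host so the check has something to report.

```python
import re

# Constructed sample: this page's definitions, plus one deliberately undefined
# contact ("oncall") on the second host so the check has something to report.
SAMPLE = """
define contact{
    contact_name        nagiosadmin         ; Short name
    use                 generic-contact
    alias               Nagios Admin        ; Full name of user
    email               tucorreo@tudominio.com
}
define host{
    use                 generic-host
    host_name           router.adiestra.pe
    address             192.168.130.1
    contacts            nagiosadmin
}
define host{
    use                 generic-host
    host_name           mail.adiestra.pe
    address             192.168.3.2
    contacts            nagiosadmin,oncall
}
"""

BLOCK = re.compile(r"define\s+(\w+)\s*\{(.*?)\}", re.S)

def parse_objects(text):
    """Return [(object_type, {directive: value})] from Nagios object config text."""
    objects = []
    for kind, body in BLOCK.findall(text):
        directives = {}
        for line in body.splitlines():
            parts = line.split(";", 1)[0].split(None, 1)  # ';' starts a comment
            if parts:
                directives[parts[0]] = parts[1].strip() if len(parts) > 1 else ""
        objects.append((kind, directives))
    return objects

def undefined_contacts(text):
    """Map host_name -> contacts it lists that no 'define contact' block declares."""
    objs = parse_objects(text)
    known = {d.get("contact_name") for kind, d in objs if kind == "contact"}
    problems = {}
    for kind, d in objs:
        refs = [c.strip() for c in d.get("contacts", "").split(",") if c.strip()]
        missing = [c for c in refs if c not in known]
        if kind == "host" and missing:
            problems[d.get("host_name", "?")] = missing
    return problems

if __name__ == "__main__":
    print(undefined_contacts(SAMPLE))
```

To check the real files, pass the concatenated text of contacts.cfg and hosts.cfg to undefined_contacts().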
alumno
alumno
Advanced Setup
Standalone
Login user:                     idsadmin
E-mail for Snorby:              tucorreo@dominio.com
Password:                       alumno
Data to be kept by Sguil:       30
Days of data repair:            7
Which IDS Engine...             Snort
Which IDS Ruleset...            Snort VRT Ruleset only and set a VRT Policy
Snort VRT Oinkcode:             paste the oinkcode from your account
VRT Policy:                     Security
PF_RING module:                 4096
Which network interface ...     br0
Do you enable IDS Engine?       Yes, enable ..
CPU Cores:                      1
Enable Bro:                     Yes
Enable file extraction:         Yes enable file extraction
CPU cores:                      1
Yes enable http_agent
No Disable Argus
No Disable Prads
Yes enable full packet capture
pcap files 150
No, use default scatter
pcap ring buffer 64
percent of ... 90
No, disable salt
No, disable ELSA
Yes, proceed with the changes