95a39ee Feb 18, 2012
30 lines (21 sloc) 1.1 KB
fwsnort has its own installer "". Just run to install
fwsnort. After fwsnort has been installed, it is recommended that you edit
the /etc/fwsnort/fwsnort.conf file to define your internal network and lists
of your server infrastructure. You can just run fwsnort with the defaults
if you like.
iptables String Matching:
fwsnort requires the iptables string match extensions in order to be able to
detect application layer attacks. Most Linux distributions include iptables,
and the string match extension is commonly included as well, so if you are
running a recent Linux distro you probably already have string matching
available. If not, you will need to enable the
CONFIG_NETFILTER_XT_MATCH_STRING variable in the kernel config file (for 2.6
series kernels) and recompile.
Perl modules:
fwsnort requires two perl modules in order to run properly:
These two modules are bundled with fwsnort within the deps/ directory, unless
you have downloaded the fwsnort-nodeps tarball, in which case these two
modules need to be installed in the perl library tree.