Information Security & US & Life & Love & Fashion & Hacking & Passion

Download Snort and uncompress it.

Error messages you can get after the "./configure --with-mysql" command:

Build-essential is not installed

root@ubuntu:/home/po/Desktop/snort-2.6.1.3# ./configure --with-mysql
checking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
checking for gawk... no
checking for mawk... mawk
checking whether make sets $(MAKE)... no
checking whether to enable maintainer-specific portions of Makefiles... no
checking for style of include used by make... none
checking for gcc... no
checking for cc... no
checking for cc... no
checking for cl... no
configure: error: no acceptable C compiler found in $PATH
See `config.log' for more details.

Libnet1-dev is not installed

ERROR! Libpcap library/headers not found, go get it from
http://www.tcpdump.org
or use the --with-libpcap-* options, if you have it installed
in unusual place

Libpcap0.8-dev is not installed

ERROR! Libpcap library/headers not found, go get it from
http://www.tcpdump.org
or use the --with-libpcap-* options, if you have it installed
in unusual place

Libpcre3-dev is not installed

ERROR! Libpcre header not found, go get it from
http://www.pcre.org

Libmysqlclient12-dev is not installed

**********************************************
ERROR: unable to find mysql headers (mysql.h)
checked in the following places
/usr/include
/usr/include/mysql
/usr/local/include
/usr/local/include/mysql
**********************************************

2 - CONFIGURE THE SQL DATABASE

Add a password for the MySQL root user:

3 - CONFIGURE SNORT FOR SQL

We now have to forward the logs into the MySql database:
This is already done by installing the snort-mysql package, we just need only to configure the username and password to access the snort database.
In the /etc/snort/snort.conf file, we have to change the line between (#DBSTART#) and (#DBEND#):

Howto install Tomcat 5 on CentOS 4

Posted by Jason on Saturday, October 14, 2006

wget -P /etc/yum.repos.d http://jpackage.org/jpackage.repo

Other repo's you will want to install are:

wget -P /etc/yum.repos.d http://centos.karan.org/kbsingh-CentOS-Extras.repo

wget -P /etc/yum.repos.d http://www.sipfoundry.org/pub/sipX/3.2/sipx-centos.repo

wget -P /etc/yum.repos.d http://dev.centos.org/centos/4/CentOS-Testing.repo

Edit the jpackage.repo file you retrieved and enable the repositories appropriate to your distribution.  In the case of CentOS I set

 enabled=1 on the jpackage-rhel sections.  


The JPackage RPMs are digitally signed using a GPG key, import their key into your RPM keyring

rpm --import http://jpackage.org/jpackage.asc

Import extra keys

rpm --import /usr/share/rhn/RPM-GPG-KEY
rpm --import /usr/share/rhn/RPM-GPG-KEY-centos4 

Before being able to use the new repositories you'll need to build a local cache of their metadata, running this will access the mirrors and might take some time depending on your connection and CPU speed.

yum makecache

Check to see if we have necessary packages to manipulate the RPM's

rpm -qi rpm-build

rpm -qi fedora-rpmdevtools

If not, get them:

yum install fedora-rpmdevtools rpm-build

Get some devel tools:

yum install gcc gcc-c++ autoconf automake libtool subversion

yum install rpm-build doxygen fedora-rpmdevtools

Install java tools:

yum install ant-commons-logging ant-junit ant-trax ant-nodeps 

yum install jakarta-commons-beanutils jakarta-commons-collections

Please read the man page for alternatives:

man alternatives

Next, since Sun does not make available its jdk via yum, you have to go to the sun site and download it.  If you point your browser over to:

http://java.sun.com/javase/downloads/index.jsp

You can download the one you see fit.  I downloaded JDK 5.0 Update 7, which at the time of this howto was the current one.  When you see the Sun download page, accept the agreement and pick the "Linux RPM in self-extracting file"  (the one that ends in rpm.bin).

When your Sun JDK Linux RPM self-extracting file finally arrives you need to execute it, since it is a shell script. It contains the license agreement and the compressed RPM package with Sun JDK. It will ask you if you agree to the long license. Say yes, then it will uncompress the RPM with JDK, and then it will install it. To run it do:

chmod 755 jdk-1_5_0_07-linux-i586-rpm.bin

./jdk-1_5_0_07-linux-i586-rpm.bin

Unfortunately, the Sun RPM package puts files in different locations than the ones required by CentOS. After running the script you will see a new directory /usr/java/jdk1.5.0_07 with JDK files. Note that the actual RPM is left in the directory where you ran the Sun's jdk-1_5_0_07-linux-i586-rpm.bin script, however, you do not need to process the RPM, since script already did it. You may, however, use the RPM package if you want to install the JDK on another machine or if you erased the JDK at some point with a the RPM's rpm -e jdk-1.5.0_07-fcs command. Now, we are ready to install the SUN JDK compatibility RPM from the JPackage.org

yum --enablerepo=jpackage-generic-nonfree install java-1.5.0-sun-compat

This will create a bunch of links in the /etc/alternatives and /usr/lib/jvm directories and others to the /usr/java/jdk1.5.0_07 directory where the Sun JDK distribution resides. To check which files were affected do:

rpm -q -l java-1.5.0-sun-compat

Check if the Sun JDK is really a default by doing:

java -version

If you get:

java version "1.4.2"

gij (GNU libgcj) version 4.1.1 20060525 (Red Hat 4.1.1-1)


Copyright (C) 2006 Free Software Foundation, Inc.

This is free software; see the source for copying conditions. There is NO

warranty; not even for MERCHANTABILITY or FITNESS FOR A 

PARTICULAR PURPOSE.

(or similar) then something did NOT work. If you get:

java version "1.5.0_07"Java(TM) 2 Runtime Environment, 

Standard Edition (build 1.5.0_07-b03)

Java HotSpot(TM) Client VM (build 1.5.0_07-b03, mixed mode, sharing) 

then the Sun JDK is your default. You can use alternatives to check (or change) the default JDK by:

alternatives --config java

It should show something like:

There are 2 programs which provide 'java'.


 Selection Command

-----------------------------------------------

 1 /usr/lib/jvm/jre-1.4.2-gcj/bin/java

*+ 2 /usr/lib/jvm/jre-1.5.0-sun/bin/java




Enter to keep the current selection[+], or type selection number: 

Hit [Enter] key if you want Sun JDK to be a default, or enter 1 if you want to

 change back to GNU Java.

Now, there will be times, when you want to get rid of Sun JDK and its entries for alternatives. DO NOT TOUCH THESE LINKS WITH YOUR BARE HANDS. Use yum to uninstall the JPackage Java compatibility package first and then erase the Sun JDK with rpm:

yum erase java-1.5.0-sun-compat

rpm -e jdk-1.5.0_07-fcs

Sometimes yum breaks. A popular situation is when you used rpm to install some package (or the package was installed with an install (older package is kept) rather than an update (older package is removed). In this case, yum gets confused with dependencies and complains, and it does not want to install a package. To see if this is a case (as it was when installing all of this), list all the installed rpm packages for some package name with a command:

rpm -qa | grep "java"

for example. If you see two versions of the same rpm, just erase the old one. Use the

rpm -e full_package_name_with_version

(but skip the .rpm) and then try yum update or yum install again. I am telling you this, since we will definitely have more javas and compats coming, and the mess happens. For example (at this time a hypothetical one), if you got stuck with two compat packages when updates to the JDK were processed:

rpm -qa | grep "java-1.5.0-sun-compat"


java-1.5.0-sun-compat-1.5.0.07-1jppjava-1.5.0-sun-compat-1.5.0.08-1jpp 

remove the older package as:

yum erase java-1.5.0-sun-compat-1.5.0.07-1jpp

or, if still no go:

rpm -e java-1.5.0-sun-compat-1.5.0.07-1jpp

and try again.

So... JAVA_HOME.  In your shell, type:

JAVA_HOME=/usr/lib/jvm/java

export JAVA_HOME

or if you are C-shellish:

setenv JAVA_HOME /usr/lib/jvm/java

For some reason yum was bugging out and not recognizing the xml-commons-apis, i downloaded the RPM from jpackage.org and "rpm -ivh xml-commons-apis" it in place and you can now install tomcat5 without a hitch. (I guess this may be a case of screwy obsoletes and provides with some of the jpp packages)

yum install tomcat5 tomcat5-webapps tomcat5-admin-webapps

We will use redhats standard apache2 with mod_jk to talk to Tomcat, so first we install:

yum install httpd mod_jk-ap20

Check to make sure the default tomcat users are located in /etc/tomcat5/tomcat-users.xml.

[root@centos tomcat5]# cat /etc/tomcat5/tomcat-users.xml

<?xml version='1.0' encoding='utf-8'?>

<tomcat-users>

 <role rolename="tomcat"/>

 <role rolename="role1"/>

 <user username="tomcat" password="tomcat" roles="tomcat"/>

 <user username="role1" password="tomcat" roles="role1"/>

 <user username="both" password="tomcat" roles="tomcat,role1"/>

</tomcat-users>

[root@centos tomcat5]#

Test tomcat5:

service tomcat5 start

If all is well, you can see the tomcat welcome page on 8080. Now we will configure apache to work with mod_jk to grab everything on port 80.  Apache configuration has a directory for custom configuration files in /etc/httpd/conf.d, we will add the mod_jk config there in a seperate file called mod_jk.conf.   So, open up your favorite editor and enter the following in a file named mod_jk.conf in the /etc/httpd/conf.d dirctory:

LoadModule jk_module modules/mod_jk.so

JkWorkersFile /etc/tomcat5/jk/workers.properties

JkLogFile /var/log/tomcat5/mod_jk.log

JkLogLevel error

JkMount /jsp-examples/* ajp13

Create a directory for the mod_jk properties file in /etc/tomcat5/jk and put the following in a file called workers.properties in that directory. Using this file you can change location of the log files and the log level later on.

LoadModule jk_modules/mod_jk.so
JkWorkersFile /etc/tomcat5/jk/workers.properties
JkLogFile /var/log/tomcat5/mod_jk.log
JkLogLevel error
JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
JkMount /jsp-examples/* ajp13

Restart apache:

service httpd restart

Now, when you point your browser at your application you should be able to see everything that is at port 8080 on port 80.  As in:

www.mydomain.com:8080 

and

www.mydomain.com

Should now be the same.  This shows that mod_jk is setup and that apache is proxying tomcat.  I hope the howto helped, good luck with your new tomcat config.

These instructions help you install Sun's Java 1.5.0.11-1 JDK on Centos 4.4, so that you can run tomcat 5.

First, you'll need some base packages that you may not have already installed.

   yum install rpm-build gcc-java

Visit the jpackage.org site and navigate to their yum page (https://jpackage.org/yum.php)

Copy this file ( https://jpackage.org/jpackage.repo ) into /etc/yum.repos.d/

The repo file does not have the jpackage repositories enabled by default. You'll need to set enabled=1 for each repo that you need.

   yum update

Get some SRPMs for building the non-free packages. I like installing these to /usr/local/src on Linux systems. If you prefer another directory (/tmp works well) use it instead.

   cd /usr/local/src
   wget ftp://jpackage.hmdc.harvard.edu/mirrors/JPackage/1.7/generic/non-free/SRPMS/java-1.5.0-sun-1.5.0.11-1jpp.nosrc.rpm
   wget ftp://jpackage.hmdc.harvard.edu/mirrors/JPackage/1.6/generic/non-free/SRPMS/jta-1.0.1-0.b.4jpp.nosrc.rpm

Download some required files to /usr/src/redhat/SOURCES:

   cd /usr/src/redhat/SOURCES

Download jta-1_0_1B-classes.zip here after agreeing to the license. Look for the link to "Class Files 1.0.1B"

Download jdk-1_5_0_11-linux-i586.bin, again after agreeing to a license. The Sun page is somewhat confusing to navigate. You can start here and navigate through the series of clicks until you get to the following screen.

This page was last updated on 2006-03-07. You might have to poke around on the to find the right files if Sun has changed those pages too much.

Build and install the non-free packages.

   rpmbuild --rebuild /usr/local/src/java-1.5.0-sun-1.5.0.11-1jpp.nosrc.rpm
   rpm -ivh /usr/src/redhat/RPMS/i586/java-1.5.0-sun-1.5.0-11-1jpp.i586.rpm
   rpm -ivh /usr/src/redhat/RPMS/i586/java-1.5.0-sun-devel-1.5.0.11-1jpp.i586.rpm
   rpmbuild --rebuild --without javadoc /usr/local/src/jta-1.0.1-0.b.4jpp.nosrc.rpm
   rpm -ivh /usr/src/redhat/RPMS/noarch/jta-1.0.1-0.b.4jpp.noarch.rpm

And finally, install the free packages (do not panic - this will cause lots of packages to be installed):

   yum install tomcat5 tomcat5-webapps tomcat5-admin-webapps

Troubleshooting

• If the rpmbuild --rebuild step complains about missing sources, it's because you didn't copy the jta and jdk binary files into the /usr/src/redhat/SOURCES directory.
• If the system can't find rpmbuild, it's because you didn't install rpm-build.
• Watch the console when you start up tomcat with "/sbin/service tomcat5 start" . If it complains about missing jar files, you may need to fetch those with a "yum install <name-of-missing-package>" before your tomcat will run correctly.
• I do not know if there is some subtle incompatibility created by installing the JDK from the 1.7 JPackage repo, while the jta is pulled from the 1.6 JPackage repo. So far, this seems to work. There is no jta in the 1.7 repo.
• If you previously tried other methods to install the jdk, tomcat, etc., you should make sure that you've uninstalled those RPMs or files before following these instructions. Otherwise, rpm will complain.
• If you're running something like Bastille on your Centos box, make sure that your configuration allows connections to port 8080.