

Snort & Syslog Intrusion Detection and Correlation


Sensor Management Tools ("SMT") Installation
The Sensor Management Tools ("SMT's") enable the management of local or remote snort services and signatures. SMT's are most commonly used to start & stop snort as well as auto-update and manage snort signatures.

Requirements

PHP 4 or 5 (Binary / command line version) must be installed on all sensors to use the SMT's.

PERL (any version) is used to launch the PHP scripts.

Location

The SMT's are located within the /contrib/smt/ directory of any Aanval installation.

Installation

a) Create a directory to store a copy of the SMT's and copy the contents of the /contrib/smt/ directory into this location.

b) Edit and configure conf.php according to its contents and comments (ensuring the SMT ID matches that of the appropriate sensor in the console).

c) Test the SMT's by running the command "php smt.php"

d) When testing is satisfactory, start the SMT's with either of the following commands:

"perl idsSensor.pl -start" or "./idsSensor.pl -start"
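A pre-flight check that can be run against the SMT copy before step d, given here as an added example that is not part of Aanval or its SMT scripts. The file names and the PHP/Perl requirement come from this page; the function names and the world-writable permission check are additions made for this example.

```shell
#!/bin/sh
# Added example: pre-flight check for a sensor's copy of the SMT's.
# smt.php, conf.php, idsSensor.pl and the PHP/Perl requirement are from
# the page; the permission check is a hardening step added here.

# Return 0 only if every named interpreter is found on PATH.
smt_check_bins() {
    rc=0
    for bin in "$@"; do
        if ! command -v "$bin" >/dev/null 2>&1; then
            echo "missing interpreter: $bin" >&2
            rc=1
        fi
    done
    return $rc
}

# Return 0 only if the SMT directory holds the three scripts and neither
# the directory nor any script is writable by every local user. The
# wrapper re-runs smt.php in a loop, so a writable script or conf.php
# lets any local account change what the sensor executes.
smt_check_files() {
    dir=$1
    rc=0
    for item in "$dir" "$dir/smt.php" "$dir/conf.php" "$dir/idsSensor.pl"; do
        if [ ! -e "$item" ]; then
            echo "missing: $item" >&2
            rc=1
        elif [ -n "$(find -L "$item" -prune -perm -002 -print)" ]; then
            echo "world-writable: $item" >&2
            rc=1
        fi
    done
    return $rc
}

# Run both checks so that every problem is reported in one pass.
smt_preflight() {
    ok=0
    smt_check_bins php perl || ok=1
    smt_check_files "$1" || ok=1
    return $ok
}

# Stand-alone use: sh smt_preflight.sh <directory created in step a>
[ $# -eq 0 ] || smt_preflight "$1"
```

A zero exit status means both interpreters were found and the copied scripts are present and not world-writable; each problem is reported on standard error.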



Starting and stopping the SMT's
The main sensor management tool is a script named "smt.php" and is designed to run once and exit upon completion or error.

To operate correctly, the smt.php script must be run in a continuous loop, which is done through the use of the "idsSensor.pl" wrapper script.

This wrapper script should always be used to start and stop the SMT's.

Start

To start the SMT's using the idsSensor.pl wrapper script, either of the following commands may be used:

"perl idsSensor.pl -start" or "./idsSensor.pl -start"

Stop

To stop the SMT's using the idsSensor.pl wrapper script, use the same syntax with -stop in place of -start:

"perl idsSensor.pl -stop" or "./idsSensor.pl -stop"

Help

Basic script execution help can be obtained by using the "-help" parameter.





Aanval by Tactical FLEX - http://www.tacticalflex.com/ - 800-921-2584

The Aanval Intrusion Detection and Correlation Console is a web-based snort and syslog gui for management, reporting and analysis.
Logos and trademarks are property of their respective owners.