1. Introduction

This document was written when the author built an IDS sensor using Snort and some statistics tools, in order to help people who want to implement an IDS (Intrusion Detection System). If even one item in this document turns out to be helpful, it will have been worth writing.

Snort is an excellent NIDS (Network IDS, network intrusion detection system) that is available on many Unix platforms. The Snort homepage is http://www.snort.org/, and the version described in this document is 1.8.3, the current version at the time of writing.

The statistics tools described in this document are ACID, a database analysis tool for snort, and SnortSnarf, a statistics tool for snort logs. They can be downloaded from http://www.cert.org/kb/acid/ and http://www.silicondefense.com/software/snortsnaft/index.htm respectively.

ACID requires some additional supporting packages: a web server such as apache (http://www.apache.org/), PHPlot (http://www.phplot.com/), which is used to generate graphs in PHP, and ADODB (http://php.weblogs.com/ADODB/), which is used together with PHP for database connections.

This document also describes which additional software ACID needs, and how to set up the log file watcher script written in Perl together with some scripts the author used, including a brief section on the snortd initscript and swatch (http://www.stanford.edu/~atkins/swatch). The author has built a swatch RPM, which can be found at http://www.lug-burghausen.org/projects/Snort-Statistics/swatch-3.0.2-1.noarch.rpm.

Those interested in running more than one snort sensor should take a look at IDSPM (IDS Policy Manager) at http://www.activeworx.com/. It is an application for maintaining multiple sensors with different policies, as well as for merging new rules into existing ones. The only "awkward" point is that it runs on the W2K/XP platform and is not open source.

1.1. Copyright Information

This document is copyrighted (c) 2001, 2002 Sandro Poppi and is distributed under the terms of the Linux Documentation Project (LDP) license, stated below.

Unless otherwise stated, Linux HOWTO documents are copyrighted by their respective authors. Linux HOWTO documents may be reproduced and distributed in whole or in part, in any medium physical or electronic, as long as this copyright notice is retained on all copies. Commercial redistribution is allowed and encouraged; however, the author would like to be notified of any such distributions.

All translations, derivative works, or aggregate works incorporating any Linux HOWTO documents must be covered under this copyright notice. That is, you may not produce a derivative work from a HOWTO and impose additional restrictions on its distribution. Exceptions to these rules may be granted under certain conditions; please contact the Linux HOWTO coordinator at the address given below.

In short, the author wishes this information to be disseminated through as many channels as possible. However, the author wants copyright on this HOWTO document to be retained and would like to be notified of any plans to redistribute it.

If you have any questions, please contact .

1.2. Disclaimer

No liability for the contents of this document can be accepted. Use the concepts, examples and other content at your own risk. As this is a new edition of this document, there may be errors and inaccuracies, that may of course be damaging to your system. Proceed with caution, and although this is highly unlikely, the author(s) do not take any responsibility for that.

All copyrights are held by their respective owners, unless specifically noted otherwise. Use of a term in this document should not be regarded as affecting the validity of any trademark or service mark.

Naming of particular products or brands should not be seen as endorsements.

You are strongly recommended to take a backup of your system before major installation and backups at regular intervals.

1.3. New Versions

This is the initial version of this document.

The main site for this HOWTO document is http://www.lug-burghausen.org/projects/Snort-Statistics/.

Mirror sites include the Linux Documentation Project or Snort.

The latest version of this HOWTO document is always available from the main site in a variety of formats:

1.4. Acknowledgements

Thanks go to many people, including the following.

If I missed someone it was not because of not honoring her or his work!

1.5. Feedback

Feedback on this document is always welcome. Without your suggestions and input, this document would not exist. Please send additions, comments and criticism to the following e-mail address: .