[Help] Asking the experts about a Snort configuration problem! Urgent!!!!

Original post by gdvip, posted 2009-05-01
Hi everyone! I'm new to Linux and need this for a course project. I'm configuring a Snort system on Red Hat Linux 9.0. I used PHP-5.2.6.tar.gz + httpd-2.2.10.tar.gz + mysql-5.0.22.tar.gz + libpcap-0.7.2 + jpgraph-2.3.3.tar.gz + acid-0.9.6b23.tar.gz + adodb4991.gz + snort-2.8.0.1.tar.gz, and the earlier steps all went fine. But when I entered the following commands:
tar zxvf snort-2.8.0.1.tar.gz
cd snort-2.8.0.1
./configure --with-mysql=/usr/local/mysql
make && make install
mkdir /etc/snort
mkdir /var/log/snort
cd etc                  # the etc/ directory inside the unpacked snort-2.8.0.1 source tree, where snort.conf lives
cp * /etc/snort
vi /etc/snort/snort.conf
Change var HOME_NET to your own internal network, e.g. 192.168.0.0/24.
Change var DNS_SERVERS to the address of your DNS server.
Change var RULE_PATH to /etc/snort/rules   # the downloaded rules will be unpacked here later
Change "# output database: log, mysql, user=root password=test dbname=db host=localhost" to "output database: log, mysql, user=root password=123456 dbname=snort host=localhost", using your own password and removing the leading #.
Remove the leading # from the following lines:
  # include $RULE_PATH/web-attacks.rules
  # include $RULE_PATH/backdoor.rules
  # include $RULE_PATH/shellcode.rules
  # include $RULE_PATH/policy.rules
  # include $RULE_PATH/porn.rules
  # include $RULE_PATH/info.rules
  # include $RULE_PATH/icmp-info.rules
    include $RULE_PATH/virus.rules
  # include $RULE_PATH/chat.rules
  # include $RULE_PATH/multimedia.rules
  # include $RULE_PATH/p2p.rules
Once the edits are done, save and exit.
Then download the rules package from http://www.snort.org and copy it into /etc/snort/rules.

After this, create the database in MySQL:
#########
mysql -u root -p
create database snort;
grant INSERT,SELECT,DELETE on snort.* to snort@localhost;   # privileges on the snort database just created
Then go into the schemas directory under the Snort install directory (in older versions it is the contrib directory):
mysql -u root -p123456 snort < ./create_mysql     # no space after -p, otherwise mysql prompts for the password and takes 123456 as the database name
After that you need the file snortdb-extra.gz; supposedly older Snort versions ship it, but the version I downloaded doesn't ... I could only find one online, alas ...
zcat snortdb-extra.gz | mysql -u root -p123456 snort
Wait a moment; barring surprises it should be fine ...
Afterwards you can go into the database to confirm: run show databases; and, yes, it worked.

Then install and configure ACID.
Put acid-0.9.6b23.tar.gz, adodb330.tgz and jpgraph-1.11.tar.gz into the web root directory. After unpacking all of them, edit the configuration file in the acid directory.
##################
vi acid_conf.php
Change "$DBlib_path = "";" to "$DBlib_path = "/usr/local/apache/htdocs/adodb";"
$alert_dbname   = "snort_log";  // change to snort
$alert_host     = "localhost";
$alert_port     = "";
$alert_user     = "root";
$alert_password = "mypassword"; // change to your database password
/* Archive DB connection parameters */
$archive_dbname   = "snort_archive";  // change to snort
$archive_host     = "localhost";
$archive_port     = "";
$archive_user     = "root";
$archive_password = "mypassword";  // change to your database password
Change "$ChartLib_path = "";" to "$ChartLib_path = "/usr/local/apache/htdocs/jpgraph/src";"
################################
Once the edits are done, save and exit.

Finally, start Snort: snort -c /etc/snort/snort.conf -D
Open a browser, go to http://yourhost/acid/acid_main.php, and click the "Setup Page" link -> Create Acid AG.
Visiting http://yourhost/acid will then show the ACID interface.
But after I had configured all of this and entered my address, http://210.43.2.242/acid/acid_main.php, what came up was not the graphical interface with the "Setup Page" link -> Create for me to click; instead I got a page that looked like some kind of license statement.
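The procedure above puts the MySQL root password into snort.conf and acid_conf.php and grants the sensor account rights on the wrong database. The script below is an added example, not code from the original post or from the Snort/ACID projects: it creates two least-privilege MySQL accounts (a write-only sensor account for the snort output plugin and a console account for ACID), emits the matching snort.conf output line, and audits finished config files for root credentials and loose file modes. The account names "snort" and "acid" and the database name "snort" are assumptions; the GRANT syntax is MySQL 5.0's.

```shell
#!/bin/sh
# Added example, not from the original post or from the Snort/ACID projects.
# Replaces the "root password in every config file" approach with two
# least-privilege MySQL accounts and audits finished config files.
# Assumed names (not from the page): database "snort", sensor account "snort",
# console account "acid"; MySQL 5.0 syntax (GRANT ... IDENTIFIED BY).

# SQL that creates the database and the two accounts.
# Sensor: INSERT to write alerts, SELECT to look up sensor/signature ids
# (assumed to be all the database output plugin needs; no UPDATE/DELETE/DROP,
# so a compromised sensor cannot erase or alter stored alerts).
# Console: SELECT/INSERT/UPDATE/DELETE on the alert tables plus CREATE, which
# ACID's "Setup Page" needs to create its acid_* alert-group tables.
snort_db_grants() {
    db=$1; sensor_pw=$2; console_pw=$3
    cat <<EOF
CREATE DATABASE IF NOT EXISTS $db;
GRANT INSERT, SELECT ON $db.* TO 'snort'@'localhost' IDENTIFIED BY '$sensor_pw';
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE ON $db.* TO 'acid'@'localhost' IDENTIFIED BY '$console_pw';
FLUSH PRIVILEGES;
EOF
}

# The snort.conf output line, pointing at the sensor account instead of root.
snort_output_line() {
    db=$1; pw=$2
    printf 'output database: log, mysql, user=snort password=%s dbname=%s host=localhost\n' "$pw" "$db"
}

# Create the accounts and load the schema from the snort source tree's
# schemas/ directory (prompts for the MySQL root password each time).
# The password belongs directly after -p: "mysql -u root -p 123456" (with a
# space) prompts for the password and treats 123456 as the database name.
# Usage: snort_db_install /path/to/snort-2.8.0.1/schemas snort 'sensorpw' 'consolepw'
snort_db_install() {
    schemas=$1; db=$2; sensor_pw=$3; console_pw=$4
    snort_db_grants "$db" "$sensor_pw" "$console_pw" | mysql -u root -p || return 1
    mysql -u root -p "$db" < "$schemas/create_mysql" || return 1
    # SHOW TABLES on the database (not SHOW DATABASES) is the check that the
    # schema actually loaded.
    mysql -u root -p -e 'SHOW TABLES' "$db"
}

# Audit snort.conf / acid_conf.php: both hold a cleartext database password,
# so flag MySQL root credentials and files readable by other local users.
# Prints one finding per line; returns 1 if anything was found, 0 if clean.
audit_db_creds() {
    rc=0
    for f in "$@"; do
        if grep -Eq '^output database:.*user=root|\$(alert|archive)_user[[:space:]]*=[[:space:]]*"root"' "$f"; then
            echo "$f: database access as MySQL root"; rc=1
        fi
        perm=$(stat -c '%a' "$f" 2>/dev/null || stat -f '%Lp' "$f")
        case $perm in
            *0) ;;                                   # no permissions for "other"
            *)  echo "$f: mode $perm is readable by other users"; rc=1 ;;
        esac
    done
    return $rc
}
```

Run `audit_db_creds /etc/snort/snort.conf /usr/local/apache/htdocs/acid/acid_conf.php` after following the steps above; both files should be owned by the user that runs Snort or httpd and be mode 600 or 640, and neither should name root.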

Reply 1 by oky3914, posted 2010-04-14
The page that came up is this:
<?php
/*
** Copyright (C) 2000 Carnegie Mellon University
**
** Author: Roman Danyliw <rdd@cert.org>, <roman@danyliw.com>
**
** This program is free software; you can redistribute it and/or modify
** it under the terms of the GNU General Public License as published by
** the Free Software Foundation; either version 2 of the License, or
** (at your option) any later version.
**
** This program is distributed in the hope that it will be useful,
** but WITHOUT ANY WARRANTY; without even the implied warranty of
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
** GNU General Public License for more details.
**
** You should have received a copy of the GNU General Public License
** along with this program; if not, write to the Free Software
** Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/

/*  
* Analysis Console for Incident Databases (ACID) by Roman Danyliw
*
* This application was developed at the CERT Coordination Center as a part
* of the AIRCERT project.
*
* See http://www.cert.org/kb/acid for the most up to date
* information and documentation about this application.
*
* Purpose:
*
*   ACID is an PHP-based analysis engine to search and process
*   a database of security incidents generated by the NIDS Snort.
*
* Configuration:
*
*   See the 'README' file, and 'acid.conf'
*
*/
?>
<?php
  $start = time();

  include("acid_conf.php");
  include("acid_include.inc");
  include_once("acid_common.php");
  include_once("acid_stat_common.php");
  include_once("acid_db_common.php");

  RegisterGlobalState();
  //InitGlobalState();

  /* Initialize the history */
  $HTTP_SESSION_VARS = NULL;
  InitArray($HTTP_SESSION_VARS['back_list'], 1, 3, "");
  $HTTP_SESSION_VARS['back_list_cnt'] = 0;

  PushHistory();
?>

<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
<!-- Analysis Console for Incident Databases (ACID) <?php echo $ACID_VERSION; ?> -->
<HTML>

<HEAD>

  <META name="Author" content="Roman Danyliw">
  <META HTTP-EQUIV="pragma" CONTENT="no-cache">
  <?php
    PrintFreshPage($refresh_stat_page, $stat_page_refresh_time);
  ?>
  <TITLE>Analysis Console for Intrusion Databases (ACID) </TITLE>

  <LINK rel="stylesheet" type="text/css" href="acid_style.css">

</HEAD>

<BODY>

<TABLE WIDTH="100%" BORDER=0 CELLSPACING=0 CELLPADDING=5>
<TR>
  <TD class="mainheader"> &nbsp </TD>
  <TD class="mainheadertitle">
     <U>A</U>nalysis <U>C</U>onsole for <U>I</U>ntrusion <U>D</U>atabases
  </TD>
</TR>
</TABLE>
<P><P>

<?php

  if ( $debug_mode == 1 )
     PrintPageHeader();

  /* Check that PHP was built correctly */
  $tmp_str = verify_php_build($DBtype);
  if ( $tmp_str != "")
  {
     echo $tmp_str;
     die();
  }

  /* Connect to the Alert database */
  $db = NewACIDDBConnection($DBlib_path, $DBtype);
  $db->acidDBConnect($db_connect_method,
                     $alert_dbname, $alert_host, $alert_port, $alert_user, $alert_password);

  /* Check that the DB schema is recent */
  $tmp_str = verify_db($db, $alert_dbname, $alert_host);
  if ( $tmp_str != "")
  {
     echo $tmp_str;
     die();
  }

  if ( $event_cache_auto_update == 1 )  UpdateAlertCache($db);

  printf("<B>Queried on </B><FONT> : %s<BR>",date("D F d, Y H:i:s",time()));
  printf("<B>Database:</B> %s    (<B>schema version:</B> %d) \n<BR>\n",
         ($alert_dbname.'@'.$alert_host. ($alert_port != "" ? ':'.$alert_port : "") ),
         $db->acidGetDBVersion() );
  StartStopTime($start_time, $end_time, $db);
  if ( $start_time != "" )
     printf("<B>Time window:</B> [%s] - [%s]\n<P>\n", $start_time, $end_time);
  else
     printf("<B>Time window:</B> <I>no alerts detected</I>\n");

  echo '<TABLE BORDER=1 WIDTH="100%">
        <TR>
           <TD WIDTH="30%" VALIGN=TOP>';

  PrintGeneralStats($db, 0, $main_page_detail, "", "", true);

  echo '   </TD>
           <TD WIDTH="70%" VALIGN=TOP>
             <B>Traffic Profile by Protocol</B>';
             PrintProtocolProfileGraphs($db);

  echo '   </TD>
        </TR>
        </TABLE>';
?>

<P>
<LI><B><A href="acid_qry_main.php?new=1">Search</A></B>
<LI><B><A href="acid_graph_main.php">Graph Alert data</A></B> 

<P>
<LI><B>Snapshot</B>

<?php
   $tmp_month = date("m");
   $tmp_day = date("d");
   $tmp_year = date("Y");
   $today = '&time%5B0%5D%5B0%5D=+&time%5B0%5D%5B1%5D=%3D'.
            '&time%5B0%5D%5B2%5D='.$tmp_month.
            '&time%5B0%5D%5B3%5D='.$tmp_day.
            '&time%5B0%5D%5B4%5D='.$tmp_year.
            '&time%5B0%5D%5B5%5D=&time%5B0%5D%5B6%5D=&time%5B0%5D%5B7%5D='.
            '&time%5B0%5D%5B8%5D=+&time%5B0%5D%5B9%5D=+';

   $yesterday_year = date("Y", time()-86400);
   $yesterday_month = date("m", time()-86400);
   $yesterday_day = date ("d", time()-86400);
   $yesterday_hour = date ("H", time()-86400);
   $yesterday =  '&time%5B0%5D%5B0%5D=+&time%5B0%5D%5B1%5D=>%3D'.
                 '&time%5B0%5D%5B2%5D='.$yesterday_month.
                 '&time%5B0%5D%5B3%5D='.$yesterday_day.
                 '&time%5B0%5D%5B4%5D='.$yesterday_year.
                 '&time%5B0%5D%5B5%5D='.$yesterday_hour.
                 '&time%5B0%5D%5B6%5D=&time%5B0%5D%5B7%5D='.
                 '&time%5B0%5D%5B8%5D=+&time%5B0%5D%5B9%5D=+';

   $last72_year = date("Y", time()-86400*3);
   $last72_month = date("m", time()-86400*3);
   $last72_day = date ("d", time()-86400*3);
   $last72_hour = date ("H", time()-86400*3);
   $last72 = '&time%5B0%5D%5B0%5D=+&time%5B0%5D%5B1%5D=>%3D'.
             '&time%5B0%5D%5B2%5D='.$last72_month.
             '&time%5B0%5D%5B3%5D='.$last72_day.
             '&time%5B0%5D%5B4%5D='.$last72_year.
             '&time%5B0%5D%5B5%5D='.$last72_hour.
             '&time%5B0%5D%5B6%5D=&time%5B0%5D%5B7%5D='.
             '&time%5B0%5D%5B8%5D=+&time%5B0%5D%5B9%5D=+';

   $tmp_24hour = 'acid_qry_main.php?new=1'.$yesterday.'&submit=Query+DB&num_result_rows=-1&time_cnt=1';
   $tmp_24hour_unique = 'acid_stat_alerts.php?time_cnt=1'.$yesterday;
   $tmp_24hour_sip = 'acid_stat_uaddr.php?addr_type=1&sort_order=occur_d&time_cnt=1'.$yesterday;
   $tmp_24hour_dip = 'acid_stat_uaddr.php?addr_type=2&sort_order=occur_d&time_cnt=1'.$yesterday;

   $tmp_72hour = 'acid_qry_main.php?new=1'.$last72.'&submit=Query+DB&num_result_rows=-1&time_cnt=1';
   $tmp_72hour_unique = 'acid_stat_alerts.php?time_cnt=1'.$last72;
   $tmp_72hour_sip = 'acid_stat_uaddr.php?addr_type=1&sort_order=occur_d&time_cnt=1'.$last72;
   $tmp_72hour_dip = 'acid_stat_uaddr.php?addr_type=2&sort_order=occur_d&time_cnt=1'.$last72;

   $tmp_today = 'acid_qry_main.php?new=1'.$today.'&submit=Query+DB&num_result_rows=-1&time_cnt=1';
   $tmp_today_unique = 'acid_stat_alerts.php?time_cnt=1'.$today;
   $tmp_sip = 'acid_stat_uaddr.php?addr_type=1&sort_order=occur_d&time_cnt=1'.$today;
   $tmp_dip = 'acid_stat_uaddr.php?addr_type=2&sort_order=occur_d&time_cnt=1'.$today;

  echo '
  <TABLE WIDTH="100%" BORDER=0>
  <TR>
  <TD WIDTH="45%" VALIGN=TOP>
  <BLOCKQUOTE>
  <LI>Most recent <?php echo $last_num_alerts; ?> Alerts:
      <A href="acid_qry_main.php?new=1&caller=last_any&num_result_rows=-1&submit=Last%20Any">any protocol</A>,  
      <A href="acid_qry_main.php?new=1&layer4=TCP&caller=last_tcp&num_result_rows=-1&submit=Last%20TCP">TCP</A>,
      <A href="acid_qry_main.php?new=1&layer4=UDP&caller=last_udp&num_result_rows=-1&submit=Last%20UDP">UDP</A>,
      <A href="acid_qry_main.php?new=1&layer4=ICMP&caller=last_icmp&num_result_rows=-1&submit=Last%20ICMP">ICMP</A>

  <LI>Today\'s: alerts <A href="'.$tmp_today_unique.'">unique</A>,
                <A href="'.$tmp_today.'">listing</A>;
                IP <A href="'.$tmp_sip.'">src</A> / <A href="'.$tmp_dip.'">dst</A>
  <LI>Last 24 Hours: alerts <A href="'.$tmp_24hour_unique.'">unique</A>,
                <A href="'.$tmp_24hour.'">listing</A>;
                IP <A href="'.$tmp_24hour_sip.'">src</A> / <A href="'.$tmp_24hour_dip.'">dst</A>

  <LI>Last 72 Hours: alerts <A href="'.$tmp_72hour_unique.'">unique</A>,
                <A href="'.$tmp_72hour.'">listing</A>;
                IP <A href="'.$tmp_72hour_sip.'">src</A> / <A href="'.$tmp_72hour_dip.'">dst</A>';
?>
  <LI>Most <A href="acid_stat_alerts.php?caller=last_alerts&sort_order=last_d">
       recent <?php echo $last_num_ualerts; ?> Unique Alerts</A>

  <P>
  <LI>Last Source Ports:
      <A href="acid_stat_ports.php?caller=last_ports&port_type=1&proto=-1&sort_order=last_d">
      any
      </A>,
      <A href="acid_stat_ports.php?caller=last_ports&port_type=1&proto=6&sort_order=last_d">
      TCP
      </A>,
      <A href="acid_stat_ports.php?caller=last_ports&port_type=1&proto=17&sort_order=last_d">
      UDP
      </A>

  <LI>Last Destination Ports:
      <A href="acid_stat_ports.php?caller=last_ports&port_type=2&proto=-1&sort_order=last_d">
      any
      </A>,
      <A href="acid_stat_ports.php?caller=last_ports&port_type=2&proto=6&sort_order=last_d">
      TCP
      </A>,
      <A href="acid_stat_ports.php?caller=last_ports&port_type=2&proto=17&sort_order=last_d">
      UDP
      </A>

<!--   <P>
   <LI>Last IP addresses:
      <A href="acid_stat_uaddr.php?caller=last_addr&addr_type=1&sort_order=last_d">source</A>
      <A href="acid_stat_uaddr.php?caller=last_addr&addr_type=2&sort_order=last_d">destination</A>
-->

  </BLOCKQUOTE>
  </TD>
  <TD WIDTH="45%" VALIGN=TOP>
  <LI>Most <A href="acid_stat_alerts.php?caller=most_frequent&sort_order=occur_d">
       frequent <?php echo $freq_num_alerts; ?> Alerts</A>

  <P>
  <LI>Most Frequent Source Ports:
      <A href="acid_stat_ports.php?caller=most_frequent&port_type=1&proto=-1&sort_order=occur_d">
      any
      </A>,
      <A href="acid_stat_ports.php?caller=most_frequent&port_type=1&proto=6&sort_order=occur_d">
      TCP
      </A>,
      <A href="acid_stat_ports.php?caller=most_frequent&port_type=1&proto=17&sort_order=occur_d">
      UDP
      </A>

  <LI>Most Frequent Destination Ports:
      <A href="acid_stat_ports.php?caller=most_frequent&port_type=2&proto=-1&sort_order=occur_d">
      any
      </A>,
      <A href="acid_stat_ports.php?caller=most_frequent&port_type=2&proto=6&sort_order=occur_d">
      TCP
      </A>,
      <A href="acid_stat_ports.php?caller=most_frequent&port_type=2&proto=17&sort_order=occur_d">
      UDP
      </A>

  <P>
  <LI>Most frequent <?php echo $freq_num_uaddr; ?> addresses:
      <A href="acid_stat_uaddr.php?caller=most_frequent&addr_type=1&sort_order=occur_d">source</A>,
      <A href="acid_stat_uaddr.php?caller=most_frequent&addr_type=2&sort_order=occur_d">destination</A>
  </TD>
  <TD></TD>
  </TR>
  </TABLE>

  <P>
  <LI><FONT>Graph alert </FONT><A href="acid_stat_time.php">detection time</A>
</UL>

<FONT>
<P>
<LI><B>Alert Group (AG) <A href="acid_ag_main.php?ag_action=list">maintenance</A></B>
<LI><B>Application <A href="acid_maintenance.php">cache and status</A></B>

</FONT>

<?php
$stop = time();
if ( $debug_time_mode > 0 )
  echo "<H3>[Loaded in ".($stop-$start)." seconds]</H3>";
?>

<P>
<TABLE WIDTH="100%" BORDER=0 CELLSPACING=0 CELLPADDING=5>
<TR>
  <TD class="mainheader">
     <?php
       include("acid_footer.html");
     ?>
  </TD>
</TR>
</TABLE>

</BODY>

</HTML>
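What reply 1 shows is the unprocessed source of acid_main.php: the web server sent the file as text instead of passing it to PHP, so the browser displayed the GPL header and the code. Besides leaving the console unusable, that exposes acid_conf.php, and the database password in it, to anyone who can reach the server. The script below is an added example, not part of the thread or of the ACID project: it tells raw source from a rendered page, checks an httpd.conf for the directives a mod_php build needs, and probes a live server. The URL and the httpd paths are placeholders taken from the paths in the original post, and the live probe needs curl.

```shell
#!/bin/sh
# Added example, not part of the thread. Reply 1 shows acid_main.php coming
# back as PHP source, which means httpd served the file as text instead of
# handing it to PHP. That is a security problem as well as a broken console:
# acid_conf.php, with the database password in it, is then readable by anyone
# who can reach the web server. The URL and config path used below are
# placeholders (assumptions), and the live probe needs curl.

# Decide from a response body whether PHP ran. A rendered ACID page contains
# no "<?php" tags; they survive only when the source was served verbatim.
# Returns 0 when raw source came back, 1 when the page was rendered.
php_served_raw() {
    case $1 in
        *'<?php'*) return 0 ;;
        *)         return 1 ;;
    esac
}

# Check httpd.conf for what a mod_php build of PHP 5 needs on httpd 2.2:
# the module load (PHP's "make install" normally adds it) and a handler
# mapping for .php, which has to be added by hand. Prints each missing
# directive; returns 1 if anything is missing.
check_php_config() {
    conf=$1; rc=0
    grep -Eq '^[[:space:]]*LoadModule[[:space:]]+php5_module[[:space:]]' "$conf" \
        || { echo "missing: LoadModule php5_module modules/libphp5.so"; rc=1; }
    grep -Eq '^[[:space:]]*(AddType[[:space:]]+application/x-httpd-php|AddHandler[[:space:]]+php5-script)[[:space:]]+.*\.php' "$conf" \
        || { echo "missing: AddType application/x-httpd-php .php"; rc=1; }
    return $rc
}

# Live probe of a running server (assumed URL): returns 1 and says so if the
# source came back, 0 if the console rendered, 2 if the request failed.
# Usage: probe_acid http://yourhost/acid/acid_main.php
probe_acid() {
    body=$(curl -s "$1") || return 2
    if php_served_raw "$body"; then
        echo "$1: PHP source returned; httpd is not passing .php to PHP"
        return 1
    fi
    echo "$1: rendered page returned"
}

# Typical fix-and-recheck sequence (httpd layout assumed from the post's paths):
#   check_php_config /usr/local/apache/conf/httpd.conf
#   /usr/local/apache/bin/apachectl restart
#   probe_acid http://yourhost/acid/acid_main.php
```

Until the probe reports a rendered page, treat every password in acid_conf.php as disclosed and keep the acid directory unreachable from untrusted networks.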


Reply 2 by chkey, posted 2010-04-14
What is going on here?? Did it get installed or not? If it didn't, where could the problem be??? Experts, please answer!!


Reply 3 by 43627962, posted 2010-04-14
Does anyone know what's going on here???? Experts, please give some pointers!
