From dea7ae99572515dbebbca0b4d49f3cf08ea6e0f4 Mon Sep 17 00:00:00 2001
From: Foxfair Hu
Date: Tue, 26 Sep 2000 02:58:04 +0000
Subject: Add acid to our ports tree. (not out, sorry) This is acid v0.9.4, Analysis Console for Intrusion Databases (ACID) with Snort and MySQL. Before someone complain about it, I need to say portlint doesn't like this port so much. That's because the naming rule of DISTFILES(from the author) has a bad style. ACID needs snort 1.6.3(maybe higher) and php3/mysql, we are waitng for upgrading the development version of snort to make this port happy. Submitted by: Yen-Ming Chen
---
security/acid/Makefile | 38 ++++++++++++++++++++++++++++++++++++++
security/acid/distinfo | 1 +
security/acid/files/Makefile.acid | 32 ++++++++++++++++++++++++++++++++
security/acid/pkg-comment | 1 +
security/acid/pkg-descr | 18 ++++++++++++++++++
security/acid/pkg-plist | 16 ++++++++++++++++
6 files changed, 106 insertions(+)
create mode 100644 security/acid/Makefile
create mode 100644 security/acid/distinfo
create mode 100644 security/acid/files/Makefile.acid
create mode 100644 security/acid/pkg-comment
create mode 100644 security/acid/pkg-descr
create mode 100644 security/acid/pkg-plist
(limited to 'security/acid')
diff --git a/security/acid/Makefile b/security/acid/Makefile
new file mode 100644
index 000000000000..1224cc7074f5
--- /dev/null
+++ b/security/acid/Makefile
@@ -0,0 +1,38 @@
+# New ports collection makefile for: acid
+# Date created: Mon Sep 25 16:05:01 CST 2000
+# Whom: Foxfair Hu
+#
+# $FreeBSD$
+#
+
+PORTNAME= acid
+PORTVERSION= 0.9.4
+CATEGORIES= security
+MASTER_SITES= http://www.cert.org/kb/acid/
+DISTFILES= acid.0.9.4.tar.gz
+WRKSRC= ${WRKDIR}/${PORTNAME}
+
+MAINTAINER= foxfair@FreeBSD.org
+
+RUN_DEPENDS= ${LOCALBASE}/sbin/httpd:${PORTSDIR}/www/apache13 \
+ ${LOCALBASE}/libexec/apache/libphp3.so:${PORTSDIR}/www/mod_php3 \
+ ${LOCALBASE}/libexec/mysqld:${PORTSDIR}/databases/mysql322-server \
+ ${LOCALBASE}/bin/snort:${PORTSDIR}/security/snort
+
+post-configure:
+ ${MKDIR} ${LOCALBASE}/share/doc/apache/acid
+ ${CP} ${FILESDIR}/Makefile.acid ${WRKSRC}/Makefile
+
+post-install:
+ @${ECHO} "*****************************************************************************"
+ @${ECHO} "Please modify the file '${LOCALBASE}/share/doc/apache/acid/acid_conf.php', "
+ @${ECHO} "and customize the following variables to fit your system: "
+ @${ECHO} " "
+ @${ECHO} "'alert_dbname' : MySQL database name where the alerts are stored "
+ @${ECHO} "'alert_host' : host where the database is stored "
+ @${ECHO} "'alert_port' : port where the database is stored "
+ @${ECHO} "'alert_user' : username into the database "
+ @${ECHO} "'alert_password' : password for the username "
+ @${ECHO} "*****************************************************************************"
+
+.include
diff --git a/security/acid/distinfo b/security/acid/distinfo
new file mode 100644
index 000000000000..4ec2549806e7
--- /dev/null
+++ b/security/acid/distinfo
@@ -0,0 +1 @@
+MD5 (acid.0.9.4.tar.gz) = e3f4aaefc7a1fc9a4042b5fab396ff07
diff --git a/security/acid/files/Makefile.acid b/security/acid/files/Makefile.acid
new file mode 100644
index 000000000000..b1ef1a723531
--- /dev/null
+++ b/security/acid/files/Makefile.acid
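Review bot: In security/acid/Makefile, `post-configure` runs `${MKDIR} ${LOCALBASE}/share/doc/apache/acid`, which writes into the installed tree during the configure stage, before anything has been built or checked and outside the install stage where such writes belong. The install target of files/Makefile.acid already creates that directory, so the line can be dropped and `${CP} ${FILESDIR}/Makefile.acid ${WRKSRC}/Makefile` left as the only post-configure step. The paths here use `${LOCALBASE}` and Makefile.acid hard-codes /usr/local, while the pkg-plist entries are relative to `${PREFIX}`, so an install under a non-default prefix would not match the packing list. The post-install message asks the admin to store `alert_password` in acid_conf.php; it would help to add one more `${ECHO}` line telling them to restrict read access to that file.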
@@ -0,0 +1,32 @@
+# This is a dummy Makefile for FreeBSD ports system, not from the author.
+# We don't need to compile anything but just copy these files to finish
+# the installation.
+#
+# Foxfair.
+ACIDDIR=/usr/local/share/doc/apache/acid
+INSTALL=install
+
+ACIDFILES=\
+ README \
+ acid_common.php \
+ acid_conf.php \
+ acid_footer.html \
+ acid_hdr1.html \
+ acid_hdr2.html \
+ acid_main.php \
+ acid_pkt_form.php \
+ acid_pkt_main.php \
+ acid_pkt_sqlcalls.php \
+ acid_stat_alerts.php \
+ acid_stat_common.php \
+ acid_stat_time.php \
+ acid_style.css \
+ index.html
+
+all: install
+
+install: ${ACIDFILES}
+ [ -d ${ACIDDIR} ] || mkdir ${ACIDDIR}
+ for i in ${ACIDFILES}; do \
+ ${INSTALL} -c -m 444 $$i ${ACIDDIR} ; \
+ done
diff --git a/security/acid/pkg-comment b/security/acid/pkg-comment
new file mode 100644
index 000000000000..e3b041476353
--- /dev/null
+++ b/security/acid/pkg-comment
@@ -0,0 +1 @@
+Analysis Console for Intrusion Databases (ACID) with Snort and MySQL
diff --git a/security/acid/pkg-descr b/security/acid/pkg-descr
new file mode 100644
index 000000000000..1ad915b6fa48
--- /dev/null
+++ b/security/acid/pkg-descr
@@ -0,0 +1,18 @@
+ACID is a PHP-based analysis engine to search and process a database of
+security incidents generated by the NDIS Snort. The features currently
+include:
+
+ - Search interface for finding alerts matching practically any criteria.
+ This includes arrival time, signature time, source/dest address/port,
+ flags, payload, etc. Furthermore, these queries can be made arbitrarily
+ complex to satsify almost any parameters.
+
+ - Statistics:
+ - % of traffic for each protocol
+ - Alerts: # of src/dst IP, last/first arrival time
+ - Graph # of arrived alert over a period of time
+ - last x-number of alerts by protocol
+
+ - All features are provided in real-time
+
+WWW: http://www.cert.org/kb/acid/
diff --git a/security/acid/pkg-plist b/security/acid/pkg-plist
new file mode 100644
index 000000000000..3197d5f60353
--- /dev/null
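Review bot: In security/acid/files/Makefile.acid, the install loop copies every file, acid_conf.php included, with `-m 444`, yet the port's post-install message has the admin put the MySQL `alert_password` in that file, so the database credential ends up world-readable on the host. Installing acid_conf.php in a separate step with a mode that only root and the web-server account can read would avoid that; which owner and group to use depends on how Apache runs on the host, so that should be confirmed before picking values. `all: install` also means the ports build stage, which by default builds `all`, already copies files into `${ACIDDIR}`; an empty `all:` keeps the copy in the install stage. The `for` loop carries on after a failed `${INSTALL}`, so `${INSTALL} -c -m 444 $$i ${ACIDDIR} || exit 1 ; \` would let the failure reach make.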
+++ b/security/acid/pkg-plist
@@ -0,0 +1,16 @@
+share/doc/apache/acid/README
+share/doc/apache/acid/acid_common.php
+share/doc/apache/acid/acid_conf.php
+share/doc/apache/acid/acid_footer.html
+share/doc/apache/acid/acid_hdr1.html
+share/doc/apache/acid/acid_hdr2.html
+share/doc/apache/acid/acid_main.php
+share/doc/apache/acid/acid_pkt_form.php
+share/doc/apache/acid/acid_pkt_main.php
+share/doc/apache/acid/acid_pkt_sqlcalls.php
+share/doc/apache/acid/acid_stat_alerts.php
+share/doc/apache/acid/acid_stat_common.php
+share/doc/apache/acid/acid_stat_time.php
+share/doc/apache/acid/acid_style.css
+share/doc/apache/acid/index.html
+@dirrm share/doc/apache/acid
--
cgit v1.2.3