Realeyes Documentation

 Real eyes
HOME || NEWS || TECHNOLOGY
DOCUMENTATION || DOWNLOAD || SUPPORT || LICENSE
DEVELOPERS || CONTACT

The Realeyes Intrusion Detection System Manual is now available. It contains complete information on installing, maintaining, and using the realeyes system. The chapters cover:
  • An overview that explains how the components interact with each other and how they are used by security analysts and network administrators.
  • Installation instructions that describe what to expect during the installation and emphasizes important points.
  • How to use and maintain each of the components of the application, including how to lookup the error messages in HTML format.
  • The syntax for rules and how to effectively create rules for monitoring the network activity.
  • How to analyze the information collected by the application to maintain a security awareness of monitored networks.

Installation of Debian Packages

The Realeyes Debian packages are the easiest installation method, because all of the dependencies are handled by the Debian package manager. For each package, the initial configuration is handled by executing scripts that are installed in the /usr/sbin directory. Additional configuration is handled in the Realeyes GUI.

Installation from Source

The dependencies for the Realeyes source packages must be installed before installing any of the components. In most cases, this can be accomplished by using the distribution's package manager, but some Java libraries must be downloaded (links to the download pages are included in the instructions). The PostgreSQL database must be installed and the RealeyesDB package installed and configured before the RealeyesDBD or RealeyesGUI applications can be run.

Installation scripts for each package install program, configuration, and documentation files to the appropriate directories. The file, Realeyes.ini, is used by the installation scripts, and must be edited to match the directories of the Linux distribution being used (the defaults are based on Debian) before running the scripts. Scripts for the initial configuration are included and are automatically started by the installation scripts.

Supported network interfaces

The list of interfaces that are supported for data collection by the Reaeleyes IDS include all interfaces supported by the pcap library.

Realeyes IDS Messages

The messages issued by the Realeyes IDS application are documented with a description and the action to be taken for each one. This information is included with the packages, but the most up to date version is kept here.

Realeyes DBD Messages

The messages issued by the Realeyes DBD application are documented with a description and the action to be taken for each one. This information is included with the packages, but the most up to date version is kept here.

SourceForge.net Logo