close

Privacy guaranteed - Your email is not shared with anyone.

Welcome to Glock Talk

Why should YOU join our Glock forum?

  • Converse with other Glock Enthusiasts
  • Learn about the latest hunting products
  • Becoming a member is FREE and EASY

If you consider yourself a beginner or an avid shooter, the Glock Talk community is your place to discuss self defense, concealed carry, reloading, target shooting, and all things Glock.

Linux IDS's

Discussion in 'Tech Talk' started by lomfs24, Oct 29, 2004.

  1. lomfs24

    lomfs24

    2,028
    0
    Apr 19, 2003
    Montana
    I am looking for a good/decent IDS for Linux. How does Snort stack up to other opensource IDS's? I am also looking for a good website that is a HOWTO for IDS setup, control, etc...

    Thanks for the help.
     
  2. HerrGlock

    HerrGlock Scouts Out CLM

    23,791
    183
    Dec 28, 2000
    Ummmm, SNORT isn't really an IDS. It's a log checker. Hold on...
    I use Tripwire, logwatch, homemade scripts, and a handful of other things, but I swear by tripwire.

    How paranoid do you want to get? (that's a serious question)

    Here, this should get you started ;f
    http://www.linux-sec.net/IDS/
    Minimum IDS Recommendations

    * Host-based IDS
    ( HIDS )
    o Download and Install Tripwire
    o Download and Install Log File Checking Apps

    o Tar up your /bin /sbin /usr/sbin /usr/bin /etc files BEFORE you go live
    o Hourly compare the check sum of your current binaries against the original tar file above

    * Network-based IDS
    ( NIDS )
    o Download and Install and anti-sniffer

    * You should do everything to minimize/eliminate false alarms


    IDS Mailing List

    SecurePoint IDS Mailing Lists
    Geek-Girl.com


    IDS FAQs & HOWTOs

    * Cert.org
    Intuder Detection Checklist
    * RobertGraham.com
    NIDS Faqs
    Ticm.com NIDS Faqs
    LinuxSecurity.com NIDS Faqs
    Sans.org IDS Faq

    Monkey.org IDS 101

    enteract.com IDS for FW-1 scripts

    NetworkIntrusion.co.uk IDS classes


    Loggers, Log Viewers and Log Analyzers

    * Loggers and Log Viewers


    Network Sniffers

    * Network Sniffers


    IDS Lists

    * NIST.gov
    IDS List
    Dolfin.com IDS
    Pandora.be Huge list
    * Cerias.Purdue.edu
    COAST IDS List
    Purdue.edu Coast-IDS
    Cerias.Purdue.edu netutils
    SecurityPortal IDS Comparason
    Sans.org Reading Room - IDS
    SecurityWizards.com 50 Ways to Defeat Your IDS
    Sekure.net IDS List
    TimberLineTechnologies.com IDS List
    WhiteHats.com IDS lists
    WhiteHats.com Defense Lists
    WhiteHats Searchable IDS db


    HIDS - Host-based IDS
    # HIDS - Checks for server activity/security

    # List of HIDS

    AusCert.org
    Cert.org Identifying tools that aid in detecting signs of intrusion
    COTSE.com IDS
    * LinuxSecurity.com
    Host Security
    LinuxSecurity.com IDS
    * NetworkIntrusion.co.uk
    HIDS
    NetworkIntrusion.co.uk Host Scanners
    Informatick.tu-cottbus.de HIDS
    * WireTapped.net
    ftp list of HIDS apps
    SourceForge.net HogWash


    * HIDS



    NIDS - Network-based IDS
    # NIDS - Checks for network activity/security

    # List of NIDS

    AusCert.org
    Cert.org Identifying tools that aid in detecting signs of intrusion
    COTSE.com IDS
    * NetworkIntrusion.co.uk
    NIDS
    NetworkIntrusion.co.uk N-NIDS
    keio.ac.jp PakeMan NIDS
    Informatick.tu-cottbus.de NIDS
    * WireTapped.net
    ftp list of NIDS apps


    satx.rr.com NIDS tutorial
    ticm.com NIDS FAQ


    * NIDS
    aciri.org Bro: System for Detecting Network Intruders in Real-Time
    Icir.org Bro
    ScaraManga.co.uk FireStorm
    MimeStar.com SecureNet Pro
    Tamandua.Axur.org
    MyNetWatchman.com has attacking TLD stats


    FIDS - FileSystem-based IDS
    # Check binaries and file/directory permissions and file integrity

    # List of FIDS

    NetworkIntrusion.co.uk FIDS - tripwire, aide, ..


    * FIDS
    * Aide Advanced Intrusion Detection Environment - similar to tripwire
    Freshmeat.net Aide
    tut.fi Aide
    Insecure.dk FSS - File System Saint
    Check_Sum.pl
    Osiris like check_sum.pl
    SamHain
    SamHain
    SourceForge.net Zurk - Sentinel - similar to tripwire, viper
    TripwireSecurity.com
    * Tripwire.org
    Tripwire.com
    SourceForge Tripwire
    SourceForge tripwireGUI
    LinuxSecurity Tripwire


    Permission Checking

    Linux-Sec.net suid.check.sh
    marcus.seva.net sXid - suid permission
    Tiger
    www-arc.com TARA
    www-arc.com SARA


    To Sort out

    Demarc.org
    Shadow
    Sportal
    Viper
    Isi.edu NS - Network Simulator
    MyCert.Mimos.my
     


  3. lomfs24

    lomfs24

    2,028
    0
    Apr 19, 2003
    Montana
    Thanks HerrGlock, as usual, you are a host of information.

    How paraniod do I wanna get?

    Here's what I got going on. I have a, or will have, website or two running on a local machine. Very low traffic to these sites. As soon as I notice that they are generating a lot of traffic I will move them to another location.

    Right now, I have a DSL modem/router with one computer in the the DMZ. There is nothing on that computer that I am not willing to loose. In other words, if I had to wipe the whole thing and restart it wouldn't be the end of the world. I will keep backups of my website and anyone else who has a site there will understand it is pretty low priority and they should keep their own back ups.

    I then have another linux router that runs my internal network. Any computer that has stuff on it that is extremely sensative is turned off while not in use.

    In order to get to anything of much value someone would have to go through a router and two linux boxes. While that is possible I am sure they would be highly diappointed when they finally reached their goal.

    That being said, I would like to know of intrusion and attempted intrusion so as to locate any holes that may remain. But I am not as paranoid as I would be if I were holding blue prints to a Nuclear subramine.

    I will start browsing through the stuff you posted and will start working from there.
     
  4. lomfs24

    lomfs24

    2,028
    0
    Apr 19, 2003
    Montana
    OK
    step 1. Install tripwire.

    I downloaded the source for tripwire and tried to compile it. I followed the INSTALL file I made sure I have c++ and g++ and that they equal or are greater than the specified version. (2.95.2 and I have 3.3.4)

    When I try to compile it I get a list of errors as long as my arm. What am I missing?
     
  5. NetNinja

    NetNinja Always Faithful

    967
    0
    Oct 23, 2001
    HotLanta, GA
    Snort is not an IDS?

    Depends on what you want to monitor.

    Snort for outside the network

    Tripwire for inside the network.
     
  6. Intrusion Detection Systems (IDS) on Linux / 2- JUNIOR one
    The activities and the fields of application of a Intrusion Detection System are several, to the point that often come managed from various software, than in theirs entirety supply to notice of attempted you of attack or the scansion of a system, to preview mechanisms of notification (email, log, Sms) and reaction according to events also proatti in a position to blocking on being born the communications to you with IP from which hostile packages arrive.
    The natural evolution of a relative IDS to a single host is the Network Intrusion Detection System (NIDS) that monitora the traffic of one entire net.
    The mechanisms of activity location sospette are various, but generally they are concentrated on:
    - Verification of the log of system or specific programs in order to characterize anomalous activities;
    - Control of integrity of the local rows, modifications sospette can be sintono of one happened irruption;
    - Monitoring of the packages assigns you to the host, is in order to react to pattern of attack famous that in order to notice of a port scan from remote, generally prologo of a intrusione attempt.

    The OpenSource world offers a multitude of useful instruments for these scopes, goes itself from small programs for specific activities to systems more complex than quality evolute.
    For being truly effective, the implementazione of systems of Intrusion Detection beyond demanding a substantial sistemistico participation for the configuration and the customizzazione of the used software, must be such to allow one fast analysis: too many log and mail of notification are in the long run counter-productive and useless if to this it does not follow a effective control.
    It follows a short directory of some of the more famous programs for the activities of Intrusion Detection.

    LOG ANALYZERS
    They are programs that monitorano the entry in the log files of system and can be shape to you in order to execute dates operations in presence of determined lines of log.
    E' well that they act in real time, from the moment that after a intrusione one of the first occupations of a hacker is that one to cancel the traces eventually left on the log varies.
    In this category they can re-enter:
    Swatch http://swatch.sourceforge.net/ - every type of rows Can monitorare in real time. E' in Perl and demands some modules generally does not install you of default and releasable from CPAN, in the rows of settano configuration the rules of pattern matching of log and involving adopting.
    Logsurfer - http://www.cert.dfn.de/eng/logsurf/ - Has characteristics similar to Swatch but it introduces some improvements, between which the possibility to correlate the output of various log and, to the contempo, it proposes rows of more complex configuration (is advisable to inspire itself to the example of conf existing).
    LogWatch - http://www.logwatch.org/ - Installed of default on some Linux distributions like RedHat monitora various types of log, according to configurabili formulations and generates the relati ones to you alert and report.
    Logcheck - Produced from Psionic, recently acquired from Cisco. An official Home Page does not have more.

    To prescind from the mechanism of used control of the log, some sagacities render the operation more effective:
    - Loggare, if possible, on one remote machine, in such way to prevent the manipulations of the log after a intrusione;
    - In defining the rules of log checking following one policy of logging of all except of the famous messages: to define of the rules of exclusion of lines of log lawful; defining rules for the inclusion of special and you notice events suspiciones; to include all the rest (not previewed lines of log ignote or).
    - not to execute the programs of log check like customer root, eventual stringhe malignant in the log they could generate turns out to you uncontrollable;
    - In the same way, not to visualize the log from potentially finishes them sensitive to a "Terminal emulator ATTACK" through characters escape that they come badly uses you or interprets from sure finishes them to you (For details: http://www.digitaldefense.net/labs/papers/Termulation.txt)

    ROWS INTEGRITY CHECKERS
    Once made with succeeding a intrusione, beyond watching themselves around and trying to understand where one finds, a hacker that it wants to maintain to the access and the possibility to re-enter in the system it supplies to cancel the own traces from the log, to install Trojan and programs that open new remote logins, the activities of the administrators control (packet sniffers, key loggers...) serve for attacks succeeded to you, launch from the host already violato. These activities are facilitated and in part automated from rootkit it dedicates to you but, in any case, they leave traces on the system: new copied rows, log and modified railroads, cancellations etc.
    The instruments of Integrity Check help to characterize similar manipulations generally and they record changes in the creation date or modification of rows, alterations of the permissions, the attributes or the content of configuration rows, railroads of more or less common commandos, witnesses than log etc.
    Tripwire - http://www.tripwire.org - E' one of first, more evoluti and uses systems you of Integrity Check. Beyond to the OpenSource version complements exist some owners who facilitate integration and the centralization of the data from various remote systems, rendering the monitoring easyr than many hosts.
    Aide - http://www.cs.tut.fi/~rammer/aide.html - is introduced completely like the alternative Free to Tripwire, has one logical similar and previews controls of the same nature through one variety of checksum algorithms.
    Integrit - http://integrit.sourceforge.net/ - promising Other and performante alternative to Tripwire that is lend to being integrated in a system of monitoring that it uses various instruments.
    Chkrootkit - http://www.chkrootkit.org - E' one script series dedicates you to the location of rootkit notices. Beyond controlling the state of some railroads verification executes controls of other nature (on proc filesystem the etc), but it does not go considered like one generic solution.

    One characteristic common of these and other Integrity Checkers is that one to create a snapshop preliminary of the state of the rows of "a cleaned up" host, to adapt the configuration for the just specific system, to eliminate controls that produce excessive false-positive (too many warning stretch to being ignore to you) and periodically to schedulare a check of the state puts into effect them of the system regarding the snapshot begins them.
    In all the cases there are some precedure of base that is right to follow in order to improve the emergency and the reliability of similar instruments:
    - To copy the database of snapshot on a remote system or however not scrivibile means from the host to which they refer;
    - To consider that a checksum is not infallible and methods exist in order to maintain the same checksum in rows modified (at least for md5, the used algorithm more in these cases);
    - To control effectively the log generates to you and to rifinire the configuration gradually in order to avoid wrong signallings, is made positi to you, for rows that come modified because of normal activities on the system.

    PORT SCANS DETECTORS
    Prelude to every attempt of intrusione is nearly always a network scanning remote, with which the forward it tries to characterize the doors opened on the systems target. In spite of the techniques of port scanning they are rather evolute (nmap, as an example, allows at least 6 various types of scanning, more or less "stealth") exist systems in order to characterize them and, therefore, to before know still to endure the attack, which IP remote they are collecting information on the own systems.
    Although every cracker shrewed it will try not to execute some operation of probing or hacking, directly from just the IP, knowledge from which addresses a threat can come is always useful.
    The more famous programs in order to characterize a port scanning are:
    ScanLogD - http://www.openwall.com/scanlogd/ Viene executed like a demon, constantly in monitoring of connections to local doors TCP. It uses of the methods in order to avoid disservizi or problems in managing attempted you of DOS and to discriminate of true and the own ones scan from more innocuous activities.
    PortSentry - Anch' it plan of the Psionic of which an official Home does not exist more, previews mechanisms of detection also of stealth scan, with the possibility to block to all the accesses from the addresses that they execute scan or sets in action hostile.

    In kind a simple one port scan detector has limited functions and can be replaced with better effectiveness from a NIDS in a position to characterizing, beyond to normal schools port scan one variety of net activity sospette.

    NIDS, IDS, HIDS
    The OpenSource world offers to a discreet variety of NIDS, HIDS (Host Intrusion Detection Systems) and IDS that, but, generally difettano in the interfaces of reporting and management, beyond that in the installation facility, for which many alternatives trade offer them solutions more evolute.
    Snort - http://www.snort.org - E' more famous plan NIDS in the OpenSource community. Seppur not banal management and with a system of reporting rather crude, comes used like base from many other products that of it extend the functionalities improving the management and the mechanisms of reporting. The policy of packet matching constantly they are dawned on the base of new vulnerabilities.
    Tamandua - http://tamandua.axur.org/ - E' relatively a little known but interesting plan, is possible to convert the rules written for Snort on the database of Tamandua and is previewed all the features typical of a NIDS.
    Prelude - http://www.prelude-ids.org/ - E' a hybrid interesting between a NIDS and a HIDS, that it introduces is sensors for the net traffic that sensors for the single host. It boasts advanced performances to SNORT and one good modularity.

    A good NIDS is an optimal instrument for having an idea of the variegata fauna of packages that arrive to a freenet and, if very shaped, it can undoubtedly cut on being born many attempted ones you of intrusione.
    Some recommendations of principle are worth for every NIDS:
    - To select with cure the rules of packet matching, trying to avoid is made positi to you too much verbosi or relati to risks the much relati to you (logging to you of every PING to our systems is absolutely useless).
    - To hold reasonably modernized the rules of matching, leaning itself to database the online.
    - To hold in a particularly protected place the machine centers them, if various probes in the net, or however that one exist in which the data they come collected and elabotati.
    - To control with costanza the signallings of warning and threats, being had the patience of rifinire the own configurations in order to more evidence only the events meant to you.
    - not to exaggerate to implement, or at least to verify with regolarità, mechanisms proatti to you that they block every communication with IP from which troublesome packages arrive. This IP can come spoofati and a hostile subject can create one risen of car DOS attack, making to block to our IDS communications with normal schools and valid IP addresses.
     
  7. David_G17

    David_G17 /\/\/\/\/\/\/\/

    2,046
    0
    Oct 7, 2002
    what are the first few errors it gives you?
     
  8. lomfs24

    lomfs24

    2,028
    0
    Apr 19, 2003
    Montana
    rahn@mail:~/downloads/tripwire-2.3.1-2/src$ make release
    echo "\"MAKE RELEASE\"" > release.i686-pc-linux.out
    date >> release.i686-pc-linux.out
    echo "\"gmake -f Makefile twprint_r twadmin_r siggen_r tripwire_r | tee -a release
    .i686-pc-linux.out\"" >> release.i686-pc-linux.out
    gmake -f Makefile twprint_r twadmin_r siggen_r tripwire_r | tee -a release.i686-pc
    -linux.out
    gmake[1]: Entering directory `/home/rahn/downloads/tripwire-2.3.1-2/src'
    gmake -C STLport-4.0 -f STLport.mak release "SYSPRE=i686-pc-linux"
    gmake[2]: Entering directory `/home/rahn/downloads/tripwire-2.3.1-2/src/STLport-4.0'
    test -d ../../lib || mkdir ../../lib
    test -d ../../lib/i686-pc-linux_r || mkdir ../../lib/i686-pc-linux_r
    test -e "include" || test "xi686-pc-linux" != "xi386-unknown-freebsd" || ln -s /usr/inclu
    de/g++ include
    test -e "include" || test "xi686-pc-linux" != "xi386-unknown-openbsd" || ln -s /usr/inclu
    de/g++ include
    export PATH=./stlport:/usr/local/bin:/usr/bin:/bin:/usr/X11R6/bin:/usr/games:/opt/www/htd
    ig/bin:/usr/lib/java/bin:/usr/lib/java/jre/bin:/opt/kde/bin:/usr/lib/qt/bin:/usr/share/te
    xmf/bin:.; /usr/bin/gmake -C ./src -f gcc.mak clobber
    gmake[3]: Entering directory `/home/rahn/downloads/tripwire-2.3.1-2/src/STLport-4.0/src'
    rm -rf obj/GCC/Release obj/GCC/Debug \
    obj/GCC/DebugSTL obj/GCC/ReleaseD \
    obj/GCC/DebugD obj/GCC/DebugSTLD SunWS_cache Templates.DB tempinc
    rm -rf obj
    rm -rf ../lib/libstlport_gcc_debug.* \
    ../lib/libstlport_gcc.* ../lib/libstlport_gcc_stldebug.*
    gmake[3]: Leaving directory `/home/rahn/downloads/tripwire-2.3.1-2/src/STLport-4.0/src'
    /usr/bin/gmake -f STLport.mak lib/libstlport_gcc.a
    gmake[3]: Entering directory `/home/rahn/downloads/tripwire-2.3.1-2/src/STLport-4.0'
    export PATH=./stlport:/usr/local/bin:/usr/bin:/bin:/usr/X11R6/bin:/usr/games:/opt/www/htd
    ig/bin:/usr/lib/java/bin:/usr/lib/java/jre/bin:/opt/kde/bin:/usr/lib/qt/bin:/usr/share/te
    xmf/bin:.; /usr/bin/gmake -C ./src -f gcc.mak ../lib/libstlport_gcc.a
    gmake[4]: Entering directory `/home/rahn/downloads/tripwire-2.3.1-2/src/STLport-4.0/src'
    mkdir -p ../lib
    mkdir -p obj/GCC/Release
    c++ -I../stlport -Wall -W -Wno-sign-compare -Wno-unused -Wno-uninitialized -ftemplate-dep
    th-32 -O2 complex.cpp -c -o obj/GCC/Release/complex.o
    In file included from ../stlport/complex:40,
    from complex.cpp:21:
    ../stlport/wrap_std/complex:16:39: ../g++-include/complex: No such file or directory
    complex.cpp:26: error: parse error before `&' token
    complex.cpp: In function `float abs(...)':
    complex.cpp:28: error: `__z' undeclared (first use this function)
    complex.cpp:28: error: (Each undeclared identifier is reported only once for
    each function it appears in.)
    complex.cpp:28: error: `__STL_HYPOTF' undeclared (first use this function)
    complex.cpp: At global scope:
    complex.cpp:31: error: parse error before `&' token
    complex.cpp: In function `double abs(...)':
    complex.cpp:32: error: new declaration `double abs(...)'
    complex.cpp:27: error: ambiguates old declaration `float abs(...)'
    complex.cpp: In function `float abs(...)':
    complex.cpp:33: error: `__STL_HYPOT' undeclared (first use this function)
    complex.cpp: At global scope:
    complex.cpp:36: error: parse error before `&' token
    complex.cpp: In function `long double abs(...)':
    complex.cpp:37: error: new declaration `long double abs(...)'
    complex.cpp:32: error: ambiguates old declaration `double abs(...)'
    complex.cpp: In function `float abs(...)':
    complex.cpp:38: error: `__STL_HYPOTL' undeclared (first use this function)
    complex.cpp: At global scope:
    complex.cpp:43: error: parse error before `&' token
    complex.cpp: In function `float arg(...)':
    complex.cpp:45: error: `__STL_ATAN2F' undeclared (first use this function)
    complex.cpp: At global scope:
    complex.cpp:48: error: parse error before `&' token
    complex.cpp: In function `double arg(...)':
    complex.cpp:49: error: new declaration `double arg(...)'
    complex.cpp:44: error: ambiguates old declaration `float arg(...)'
    complex.cpp: In function `float arg(...)':
    complex.cpp:50: error: `__STL_ATAN2' undeclared (first use this function)
    complex.cpp: At global scope:
    complex.cpp:53: error: parse error before `&' token
    complex.cpp: In function `long double arg(...)':
    complex.cpp:54: error: new declaration `long double arg(...)'
    complex.cpp:49: error: ambiguates old declaration `double arg(...)'
    complex.cpp: In function `float arg(...)':
    complex.cpp:55: error: `__STL_ATAN2L' undeclared (first use this function)
    complex.cpp: At global scope:
    complex.cpp:60: error: parse error before `float'
    complex.cpp:65: error: parse error before `double'
    complex.cpp:70: error: parse error before `long'
    complex.cpp:79: error: syntax error before `::' token
    complex.cpp:83: error: `__z2_i' was not declared in this scope
    complex.cpp:83: error: `__z2_i' was not declared in this scope
    complex.cpp:83: error: `__z2_i' was not declared in this scope
    complex.cpp:85: error: parse error before `if'
    complex.cpp:87: error: `__z2_i' was not declared in this scope
    complex.cpp:87: error: `__ratio' was not declared in this scope
    complex.cpp:87: error: `__ratio' was not declared in this scope
    complex.cpp:88: error: ISO C++ forbids declaration of `__res_r' with no type
    complex.cpp:88: error: `__z1_r' was not declared in this scope
    complex.cpp:88: error: `__ratio' was not declared in this scope
    complex.cpp:88: error: `__z1_i' was not declared in this scope
    complex.cpp:89: error: ISO C++ forbids declaration of `__res_i' with no type
    complex.cpp:89: error: `__z1_i' was not declared in this scope
    complex.cpp:89: error: `__ratio' was not declared in this scope
    complex.cpp:89: error: `__z1_r' was not declared in this scope
    complex.cpp:90: error: parse error before `}' token
    complex.cpp:93: error: redefinition of `float __denom'
    complex.cpp:87: error: `float __denom' previously defined here
    complex.cpp:93: error: `__z2_r' was not declared in this scope
    complex.cpp:93: error: `__ratio' was not declared in this scope
    complex.cpp:93: error: `__ratio' was not declared in this scope
    complex.cpp:94: error: ISO C++ forbids declaration of `__res_r' with no type
    complex.cpp:94: error: redefinition of `int __res_r'
    complex.cpp:88: error: `int __res_r' previously defined here
    complex.cpp:94: error: `__z1_r' was not declared in this scope
    complex.cpp:94: error: `__z1_i' was not declared in this scope
    complex.cpp:94: error: `__ratio' was not declared in this scope
    complex.cpp:95: error: ISO C++ forbids declaration of `__res_i' with no type
    complex.cpp:95: error: redefinition of `int __res_i'
    complex.cpp:89: error: `int __res_i' previously defined here
    complex.cpp:95: error: `__z1_i' was not declared in this scope
    complex.cpp:95: error: `__z1_r' was not declared in this scope
    complex.cpp:95: error: `__ratio' was not declared in this scope
    complex.cpp:96: error: parse error before `}' token
    complex.cpp:100: error: syntax error before `::' token
    complex.cpp:104: error: redefinition of `float __ai'
    complex.cpp:83: error: `float __ai' previously defined here
    complex.cpp:104: error: `__z2_i' was not declared in this scope
    complex.cpp:104: error: `__z2_i' was not declared in this scope
    complex.cpp:104: error: `__z2_i' was not declared in this scope
    complex.cpp:106: error: parse error before `if'
    complex.cpp:108: error: redefinition of `float __denom'
    complex.cpp:93: error: `float __denom' previously defined here
    complex.cpp:108: error: `__z2_i' was not declared in this scope
    complex.cpp:108: error: `__ratio' was not declared in this scope
    complex.cpp:108: error: `__ratio' was not declared in this scope
    complex.cpp:109: error: ISO C++ forbids declaration of `__res_r' with no type
    complex.cpp:109: error: redefinition of `int __res_r'
    complex.cpp:94: error: `int __res_r' previously defined here
    complex.cpp:109: error: `__z1_r' was not declared in this scope
    complex.cpp:109: error: `__ratio' was not declared in this scope
    complex.cpp:110: error: ISO C++ forbids declaration of `__res_i' with no type
    complex.cpp:110: error: redefinition of `int __res_i'
    complex.cpp:95: error: `int __res_i' previously defined here
    complex.cpp:110: error: `__z1_r' was not declared in this scope
    complex.cpp:111: error: parse error before `}' token
    complex.cpp:114: error: redefinition of `float __denom'
    complex.cpp:108: error: `float __denom' previously defined here
    complex.cpp:114: error: `__z2_r' was not declared in this scope
    complex.cpp:114: error: `__ratio' was not declared in this scope
    complex.cpp:114: error: `__ratio' was not declared in this scope
    complex.cpp:115: error: ISO C++ forbids declaration of `__res_r' with no type
    complex.cpp:115: error: redefinition of `int __res_r'
    complex.cpp:109: error: `int __res_r' previously defined here
    complex.cpp:115: error: `__z1_r' was not declared in this scope
    complex.cpp:116: error: ISO C++ forbids declaration of `__res_i' with no type
    complex.cpp:116: error: redefinition of `int __res_i'
    complex.cpp:110: error: `int __res_i' previously defined here
    complex.cpp:116: error: `__z1_r' was not declared in this scope
    complex.cpp:116: error: `__ratio' was not declared in this scope
    complex.cpp:117: error: parse error before `}' token
    complex.cpp:122: error: syntax error before `::' token
    complex.cpp:126: error: conflicting types for `double __ai'
    complex.cpp:104: error: previous declaration as `float __ai'
    complex.cpp:126: error: `__z2_i' was not declared in this scope
    complex.cpp:126: error: `__z2_i' was not declared in this scope
    complex.cpp:126: error: `__z2_i' was not declared in this scope
    complex.cpp:128: error: parse error before `if'
    complex.cpp:130: error: conflicting types for `double __denom'
    complex.cpp:114: error: previous declaration as `float __denom'
    complex.cpp:130: error: `__z2_i' was not declared in this scope
    complex.cpp:130: error: `__ratio' was not declared in this scope
    complex.cpp:130: error: `__ratio' was not declared in this scope
    complex.cpp:131: error: ISO C++ forbids declaration of `__res_r' with no type
    complex.cpp:131: error: redefinition of `int __res_r'
    complex.cpp:115: error: `int __res_r' previously defined here
    complex.cpp:131: error: `__z1_r' was not declared in this scope
    complex.cpp:131: error: `__ratio' was not declared in this scope