snort安装

发表于

安装snort方式

安装snort可以采用源码安装方式或直接在仓库中抓取二进制文件,源码安装方式需要手动安装一些依赖(所用软件中已给出),如pcap,pcre,libdnet,daq

### 1.安装snort

1
2
3
4
sudo apt-get install -y build-essential
sudo apt-get install -y libpcap-dev libpcre3-dev libdumbnet-dev
sudo apt-get install -y bison flex
sudo apt-get install -y snort

2.安装daq (附件中有)

1
2
3
wget https://www.snort.org/downloads/snort/daq-2.0.6.tar.gz
tar zxvf daq-2.0.6.tar.gz
cd daq-2.0.6

./configure
如果有仓库中却少相关的依赖需要安装 例如bison,flex,libpcap

1
sudo apt-get install bison flex

下载libpcap源码安装

1
2
3
4
5
6
wget http://www.tcpdump.org/release/libpcap-1.8.1.tar.gz
tar zxvf libpcap-1.8.1.tar.gz
./configure
make
sudo make intall
sudo cp /usr/local/lib/libpcap.* /usr/lib/

回到daq配置
./configure
无报错

1
2
3
4
5
6
7
Build AFPacket DAQ module.. : yes
Build Dump DAQ module...... : yes
Build IPFW DAQ module...... : yes
Build IPQ DAQ module....... : no
Build NFQ DAQ module....... : no
Build PCAP DAQ module...... : yes
Build netmap DAQ module...... : no

编译安装

1
2
make
sudo make install