|
ids:snort3 [2018/10/16 07:15] dhinesh |
ids:snort3 [2018/10/16 10:10] (current) dhinesh |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | Snort3 | + | ===== Install Snort3 ===== |
| - | 1.sudo apt-get install -y build-essential autotools-dev libdumbnet-dev libluajit-5.1-dev libpcap-dev libpcre3-dev zlib1g-dev pkg-config libhwloc-dev | + | 1. Please follow instructions to install snort. |
| - | 2.sudo apt-get install -y cmake | + | [[https://www.snort.org/documents/snort-3-on-ubuntu-14-16-17-18|Snort 3 on Ubuntu 14, 16, 17, 18 ]] |
| - | 3.sudo apt-get install -y libtool git autoconf | ||
| - | 4.sudo apt-get install -y bison flex | + | 2. Run the snort |
| - | 5.sudo apt-get install -y libnetfilter-queue-dev | + | <note important>snort -c /usr/local/etc/snort/snort.lua --warn-all -i ens18 -A alert_unixsock -s 65535 -k none -l /usr/local/var/lib/trisul-probe/domain0/probe0/context0/run -u trisul -g trisul -D |
| + | </note> | ||
| - | 6. mdkir ~/snort_src | + | 3. Output |
| - | + | ||
| - | cd ~/snort_src | + | |
| - | wget https://downloads.sourceforge.net/project/safeclib/libsafec-10052013.tar.gz | + | |
| - | tar -xzvf libsafec-10052013.tar.gz | + | |
| - | cd libsafec-10052013 | + | |
| - | ./configure | + | |
| - | make | + | |
| - | sudo make install | + | |
| - | + | ||
| - | + | ||
| - | cd ~/snort_src | + | |
| - | wget https://github.com/gperftools/gperftools/releases/download/gperftools-2.7/gperftools-2.7.tar.gz | + | |
| - | tar xzvf gperftools-2.7.tar.gz | + | |
| - | cd gperftools-2.7 | + | |
| - | ./configure | + | |
| - | make | + | |
| - | sudo make install | + | |
| - | + | ||
| - | + | ||
| - | cd ~/snort_src | + | |
| - | wget http://www.colm.net/files/ragel/ragel-6.10.tar.gz | + | |
| - | tar -xzvf ragel-6.10.tar.gz | + | |
| - | cd ragel-6.10 | + | |
| - | ./configure | + | |
| - | make | + | |
| - | sudo make install | + | |
| - | + | ||
| - | + | ||
| - | cd ~/snort_src | + | |
| - | wget https://dl.bintray.com/boostorg/release/1.67.0/source/boost_1_67_0.tar.gz | + | |
| - | tar -xvzf boost_1_67_0.tar.gz | + | |
| - | cd ~/snort_src | + | |
| - | wget https://github.com/intel/hyperscan/archive/v4.7.0.tar.gz | + | |
| - | tar -xvzf v4.7.0.tar.gz | + | |
| - | mkdir ~/snort_src/hyperscan-4.7.0-build | + | |
| - | cd hyperscan-4.7.0-build/ | + | |
| - | cmake -DCMAKE_INSTALL_PREFIX=/usr/local -DBOOST_ROOT=~/snort_src/boost_1_67_0/ ../hyperscan-4.7.0 | + | |
| - | make | + | |
| - | sudo make install | + | |
| - | + | ||
| - | + | ||
| - | + | ||
| - | cd ~/snort_src | + | |
| - | wget https://github.com/google/flatbuffers/archive/v1.9.0.tar.gz -O flatbuffers-v1.9.0.tar.gz | + | |
| - | tar -xzvf flatbuffers-v1.9.0.tar.gz | + | |
| - | mkdir flatbuffers-build | + | |
| - | cd flatbuffers-build | + | |
| - | cmake ../flatbuffers-1.9.0 | + | |
| - | make | + | |
| - | sudo make install | + | |
| - | + | ||
| - | cd ~/snort_src | + | |
| - | wget https://www.snort.org/downloads/snortplus/daq-2.2.2.tar.gz | + | |
| - | tar -xvzf daq-2.2.2.tar.gz | + | |
| - | cd daq-2.2.2 | + | |
| - | ./configure | + | |
| - | make | + | |
| - | sudo make install | + | |
| - | + | ||
| - | + | ||
| - | sudo ldconfig | + | |
| + | {{:ids:snort3-21.png?700|}} | ||
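Review bot: The step 2 command passes `-k none` with no explanation, so readers will copy a setting that makes Snort inspect packets whose checksums the destination host would reject. If the flag is there to cope with checksum offload on the capture interface, say so next to the command, e.g. `-k none: only needed when NIC checksum offload makes captured checksums look wrong; omit it on a tap or SPAN port`. The command also hard-codes `ens18` and the `trisul` user and group; a short line noting that these are site-specific, and that the account given to `-u`/`-g` presumably needs access to the `-l` directory once privileges are dropped, would prevent a silent failed start under `-D`. Since the pinned build steps are replaced by an external link, the page no longer records which Snort 3 and DAQ versions this command was tested against; one line stating that would keep the instructions reproducible.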