Lab Procedure
1. Install the dependencies for snort (Ubuntu)
a. sudo apt install -y gcc libpcre3-dev zlib1g-dev libluajit-5.1-dev libpcap-dev openssl libssl-dev libnghttp2-dev libdumbnet-dev bison flex libdnet autoconf libtool make
2. Create a directory for snort and cd into it
a. mkdir ~/snort_src && cd ~/snort_src
3. Download the Data Acquisition library (DAQ)
a. wget (need to match your snort version)
4. Extract the code and cd into the new directory
a. tar -xvzf daq-2.0.7.tar.gz (need to match your DAQ version)
b. cd daq-2.0.7 (DAQ version)
5. Install using default configuration
a. ./configure && make && sudo make install
6. Go back to your snort directory
a. cd ~/snort_src
7. Download snort
a. wget (need to match your DAQ version)
8. Unpack and cd into the new directory
a. tar -xvzf snort-2.9.16.1.tar.gz (snort version)
b. cd snort-2.9.16.1 (snort version)
9. Enable sourcefire and install Snort
a. ./configure --enable-sourcefire && make && sudo make install
10. Update the shared libraries
a. sudo ldconfig
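Added example (not part of the original lab handout): steps 5 and 9 build and install, with sudo, whatever the downloaded tarballs contain, so this script checks a tarball before it is extracted and built. The function names are hypothetical, and the expected SHA-256 is a placeholder you must obtain from a source you trust.

```shell
#!/bin/sh
# Added example: pre-build checks for the DAQ and Snort source tarballs
# (steps 3-9), run before ./configure and sudo make install.

# sha256_matches FILE EXPECTED_HEX: succeed only if FILE hashes to EXPECTED_HEX.
sha256_matches() {
    local file="$1" expected="$2" actual
    actual=$(sha256sum "$file" 2>/dev/null | awk '{print $1}')
    expected=$(printf '%s' "$expected" | tr 'A-F' 'a-f')
    [ -n "$actual" ] && [ "$actual" = "$expected" ]
}

# tarball_is_contained FILE TOPDIR: succeed only if every member lives under
# TOPDIR/ (the directory steps 4 and 8 cd into) with no absolute or ".." path.
tarball_is_contained() {
    local file="$1" top="$2" list entry
    list=$(tar -tzf "$file" 2>/dev/null) || return 2   # unreadable archive
    [ -n "$list" ] || return 2                          # empty archive
    while IFS= read -r entry; do
        case "$entry" in
            /*|..|../*|*/..|*/../*) return 1 ;;         # escapes the build dir
        esac
        case "$entry" in
            "$top"|"$top"/*) ;;                         # expected location
            *) return 1 ;;                              # stray top-level member
        esac
    done <<EOF
$list
EOF
    return 0
}

# verify_source_tarball FILE TOPDIR SHA256: run both checks, explain a refusal.
verify_source_tarball() {
    if ! sha256_matches "$1" "$3"; then
        echo "REFUSE $1: SHA-256 mismatch" >&2; return 1
    fi
    if ! tarball_is_contained "$1" "$2"; then
        echo "REFUSE $1: members outside $2/" >&2; return 1
    fi
    echo "OK $1"
}

# Usage: sh verify.sh daq-2.0.7.tar.gz daq-2.0.7 <expected-sha256>
if [ "$#" -eq 3 ]; then verify_source_tarball "$@"; fi
```

Run it once for the DAQ tarball and once for the Snort tarball, using the version strings that match your downloads, and continue to the extract and build steps only when it prints OK.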
11. Create a link to snort