Learning Goal: I’m working on a programming project and need guidance to help me learn.

Lab Procedure

1. Install the dependencies for snort (Ubuntu)

a. sudo apt install -y gcc libpcre3-dev zlib1g-dev libluajit-5.1-dev libpcap-dev

openssl libssl-dev libnghttp2-dev libdumbnet-dev bison flex libdnet autoconf

libtool make

2. Create a directory for snort and cd into it

a. mkdir ~/snort_src && cd ~/snort_src

3. Download the Data Acquisition library (DAQ)

a. wget (need to match your

snort version)

4. Extract the code and cd into the new directory

a. tar -xvzf daq-2.0.7.tar.gz (need to match your DAQ version)

b. cd daq-2.0.7 (DAQ version)

5. Install using default configuration

a. ./configure && make && sudo make install

6. Go back to your snort directory

a. cd ~/snort_src

7. Download snort

a. wget (need to match

your DAQ version)

8. Unpack and cd into the new directory

a. tar -xvzf snort-2.9.16.1.tar.gz (snort version)

b. cd snort-2.9.16.1 (snort version)

9. Enable sourcefire and install Snort

a. ./configure –enable-sourcefire && make && sudo make install

10. Update the shared libraries

a. sudo ldconfig

11. Create a link to snort