How to install snort on ubuntu 16.04
How to install snort on ubuntu 16.04
# Numbered `history` output from a source install of DAQ 2.0.6 and Snort
# 2.9.11.1. The leading number on each line is the history index, not part of
# the command; gaps in the numbering are commands that were not recorded here.

# Compiler toolchain and DAQ/Snort build dependencies.
6 sudo apt-get install build-essential -y
10 sudo apt-get install libpcap-dev libpcre3-dev libdumbnet-dev -y
11 mkdir ~/snort_src
12 cd ~/snort_src/
# Entry 13 is a typo ("flex-y" is passed to apt-get as a package name);
# entry 14 is the corrected command.
13 sudo apt-get install bison flex-y
14 sudo apt-get install bison flex -y
# NOTE(review): no recorded command downloads daq-2.0.6.tar.gz, so it must
# already be in ~/snort_src. Fetch it from the vendor over HTTPS and compare it
# with a vendor-published checksum (if one is offered) before building.
15 tar -zxvf daq-2.0.6.tar.gz
16 cd daq-2.0.6/
17 ./configure
18 history
19 make
20 sudo make install
21 history
22 sudo apt-get install zlib1g-dev liblzma-dev openssl libssl-dev -y
23 cd ..
# Four Snort releases are downloaded; only 2.9.11.1 is unpacked and built below.
# NOTE(review): the tarball is compiled and installed as root without any
# integrity check; verify it against the vendor's checksum first.
24 wget https://www.snort.org/downloads/snort/snort-2.9.8.2.tar.gz
25 wget https://www.snort.org/downloads/snort/snort-2.9.9.1.tar.gz
26 wget https://www.snort.org/downloads/snort/snort-2.9.9.0.tar.gz
27 wget https://www.snort.org/downloads/snort/snort-2.9.11.1.tar.gz
28 tar -zxvf snort-2.9.11.1.tar.gz
29 pwd
30 cd snort-2.9.11.1/
31 ./configure --enable-sourcefire
32 history
33 make
34 history
35 sudo make install
36 history
# Refresh the shared-library cache, then confirm the installed binary runs.
37 sudo ldconfig
38 snort -V
39 history
# Dedicated system account (-r) with no login shell for the sensor to run as.
40 sudo groupadd snort
41 sudo useradd snort -r -s /sbin/nologin -c SNORT_IDS -g snort
# Configuration, rule and log directories, plus empty placeholder rule files.
42 sudo mkdir -p /etc/snort/rules/iplists
43 sudo mkdir /etc/snort/preproc_rules
44 sudo mkdir /usr/local/lib/snort_dynamicrules
45 sudo mkdir /etc/snort/so_rules
46 sudo mkdir -p /var/log/snort/archived_logs
47 sudo touch /etc/snort/rules/iplists/black_list.rules
48 sudo touch /etc/snort/rules/iplists/white_list.rules
49 sudo touch /etc/snort/rules/local.rules
50 sudo touch /etc/snort/sid-msg.map
# Mode 5775 is setuid + sticky + rwxrwxr-x, applied recursively to every file
# and directory under each path.
# NOTE(review): rule, map and log files need neither setuid nor execute bits,
# and the log tree does not need to be world-readable; a symbolic mode such as
# u=rwX,g=rX,o= is the safer choice.
51 sudo chmod -R 5775 /etc/snort
52 sudo chmod -R 5775 /var/log/snort
53 sudo chmod -R 5775 /usr/local/lib/snort_dynamicrules
# NOTE(review): giving /etc/snort to the snort account lets the unprivileged
# sensor process rewrite its own configuration and rules; confirm that is
# intended rather than root-owned files readable by the snort group.
54 sudo chown -R snort:snort /etc/snort
55 sudo chown -R snort:snort /var/log/snort
56 sudo chown -R snort:snort /usr/local/lib/snort_dynamicrules
# Copy the stock configuration, map and DTD files from the source tree.
57 cd ~/snort_src/snort-2.9.11.1/etc/
58 sudo cp *.conf* /etc/snort
59 sudo cp *.map /etc/snort
60 sudo cp *.dtd /etc/snort
# Entry 61 points at the 2.9.8.2 tree, which was downloaded but never unpacked
# in this history; entry 62 repeats the cd with the 2.9.11.1 path.
61 cd ~/snort_src/snort-2.9.8.2/src/dynamic-preprocessors/build/usr/local/lib/snort_dynamicpreprocessor/
62 cd ~/snort_src/snort-2.9.11.1/src/dynamic-preprocessors/build/usr/local/lib/snort_dynamicpreprocessor/
63 sudo cp * /usr/local/lib/snort_dynamicpreprocessor/
64 ls -lrt /usr/local/lib/snort_dynamicpreprocessor/
65 date
# `tree` is run at entry 66 before it is installed at entry 67.
66 tree /etc/snort
67 sudo apt-get install tree
68 tree /etc/snort
# Comments out the rule includes that reference $RULE_PATH in snort.conf.
# The pattern is not anchored, so running it a second time adds another '#'.
69 sudo sed -i "s/include \$RULE\_PATH/#include \$RULE\_PATH/" /etc/snort/snort.conf
# Manual edits; their content is not captured by the history.
70 sudo vim /etc/snort/snort.conf
# Lists interfaces; presumably used to confirm the name passed to -i below.
71 ip addr sh
72 sudo vim /etc/snort/snort.conf
# -T loads the configuration in test mode; the repeats presumably follow fixes
# made in the editor between runs.
73 sudo snort -T -i eth0 -c /etc/snort/snort.conf
77 sudo snort -T -i eth0 -c /etc/snort/snort.conf
79 sudo snort -T -i eth0 -c /etc/snort/snort.conf
80 sudo vim /etc/snort/rules/local.rules
82 sudo vim /etc/snort/sid-msg.map
84 sudo snort -T -c /etc/snort/snort.conf -i eth0
# Started through sudo, with -u/-g naming the unprivileged snort user and
# group to run as; -A console prints alerts to the terminal and -q suppresses
# the startup banner.
86 sudo /usr/local/bin/snort -A console -q -u snort -g snort -c /etc/snort/snort.conf -i eth0
To Install barnyard2:
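# Fetch the Barnyard2 source and generate its configure script.
# Cleaned from a numbered shell history: the first autoreconf attempt (run
# before autoconf was installed) and the "dh-autoconf" install are dropped.
cd ~/snort_src/

# The history cloned over git://, which is unauthenticated and unencrypted and
# which GitHub no longer serves; HTTPS gives transport integrity.
# NOTE(review): this builds whatever the default branch holds at clone time.
# Check out a tag or commit you have reviewed (<REVIEWED_COMMIT>) before
# running the build, since the result is installed as root.
git clone https://github.com/firnsy/barnyard2.git
cd barnyard2/

# autoreconf is provided by autoconf, so install it before the first run.
sudo apt-get install autoconf
autoreconf -fvi -I ./m4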
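# Build DAQ 2.0.6 and Snort 2.9.11.1 from source on Ubuntu 16.04.
# Cleaned from a numbered shell history: the history indexes, the repeated
# `history` and `pwd` calls and the mistyped "bison flex-y" install are dropped.
# NOTE(review): these are old releases; check snort.org for the currently
# supported versions before deploying a sensor.

# Compiler toolchain plus DAQ/Snort build dependencies.
sudo apt-get install build-essential -y
sudo apt-get install libpcap-dev libpcre3-dev libdumbnet-dev -y
sudo apt-get install bison flex -y

# -p keeps the step repeatable if the directory already exists.
mkdir -p ~/snort_src
cd ~/snort_src/

# NOTE(review): the history never shows daq-2.0.6.tar.gz being downloaded, so
# it is assumed to be in ~/snort_src already. Obtain it from the vendor over
# HTTPS and compare it with a vendor-published checksum (if one is offered)
# before unpacking.
tar -zxvf daq-2.0.6.tar.gz
cd daq-2.0.6/
./configure
make
sudo make install

sudo apt-get install zlib1g-dev liblzma-dev openssl libssl-dev -y
cd ..

# The history also fetched snort-2.9.8.2, 2.9.9.1 and 2.9.9.0, none of which
# was ever unpacked; only the release that is actually built is downloaded.
wget https://www.snort.org/downloads/snort/snort-2.9.11.1.tar.gz
# Everything below is compiled and then installed as root, so verify the
# tarball against the vendor's published checksum before continuing.
tar -zxvf snort-2.9.11.1.tar.gz
cd snort-2.9.11.1/
./configure --enable-sourcefire
make
sudo make install

# Refresh the shared-library cache, then confirm the installed binary runs.
sudo ldconfig
snort -V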
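# Create the unprivileged account and the directory layout the sensor uses,
# then copy the stock configuration out of the Snort 2.9.11.1 source tree.
# Cleaned from a numbered shell history.

# System account (-r) with no login shell, so the sensor does not run as root
# and the account cannot be used for interactive logins.
sudo groupadd snort
sudo useradd snort -r -s /sbin/nologin -c SNORT_IDS -g snort

# -p on every mkdir keeps the step repeatable.
sudo mkdir -p /etc/snort/rules/iplists
sudo mkdir -p /etc/snort/preproc_rules
sudo mkdir -p /usr/local/lib/snort_dynamicrules
sudo mkdir -p /etc/snort/so_rules
sudo mkdir -p /var/log/snort/archived_logs

# Empty placeholder files for the stock configuration to point at.
sudo touch /etc/snort/rules/iplists/black_list.rules
sudo touch /etc/snort/rules/iplists/white_list.rules
sudo touch /etc/snort/rules/local.rules
sudo touch /etc/snort/sid-msg.map

# The recorded history used `chmod -R 5775`, which sets the setuid and sticky
# bits and rwxrwxr-x on every file and directory. Rule, map and log files need
# none of the special or execute bits, so symbolic modes are used instead:
# X adds execute only to directories (and files that are already executable).
# The log tree is closed to "other" because alert logs can hold packet data.
sudo chmod -R u=rwX,g=rX,o=rX /etc/snort
sudo chmod -R u=rwX,g=rX,o= /var/log/snort
sudo chmod -R u=rwX,g=rX,o=rX /usr/local/lib/snort_dynamicrules

# NOTE(review): owning /etc/snort lets the unprivileged snort account rewrite
# its own configuration and rules. Confirm that is intended; root-owned files
# readable by the snort group are the tighter alternative.
sudo chown -R snort:snort /etc/snort
sudo chown -R snort:snort /var/log/snort
sudo chown -R snort:snort /usr/local/lib/snort_dynamicrules

# Stock configuration, map and DTD files. These are copied after the chown
# above, so they end up owned by root.
cd ~/snort_src/snort-2.9.11.1/etc/
sudo cp -- *.conf* /etc/snort
sudo cp -- *.map /etc/snort
sudo cp -- *.dtd /etc/snort

# Dynamic preprocessor modules produced by the build. The history first tried
# the same path under snort-2.9.8.2, a release that was never unpacked.
cd ~/snort_src/snort-2.9.11.1/src/dynamic-preprocessors/build/usr/local/lib/snort_dynamicpreprocessor/
sudo cp -- * /usr/local/lib/snort_dynamicpreprocessor/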
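# Check the installed layout, disable the stock rule includes, validate the
# configuration, then start the sensor. Cleaned from a numbered shell history:
# `date`, the repeated test runs and the `tree` call made before the tool was
# installed are dropped.
ls -lrt /usr/local/lib/snort_dynamicpreprocessor/

sudo apt-get install tree
tree /etc/snort

# Comment out the rule includes that reference $RULE_PATH. The pattern is
# anchored at the start of the line so a second run does not stack another '#'
# in front of lines that are already commented out.
sudo sed -i 's/^include \$RULE_PATH/#include $RULE_PATH/' /etc/snort/snort.conf

# Find the capture interface; replace eth0 below if this host names it
# differently.
ip addr show

# Manual edit. The history does not record what was changed; presumably the
# network variables and paths, and re-enabling the local.rules include that
# the sed above commented out. TODO confirm against a working snort.conf.
sudo vim /etc/snort/snort.conf

# -T loads the configuration in test mode. Repeat after every edit and read
# the output: a sensor with a broken or empty rule set can still start and
# then silently alert on nothing.
sudo snort -T -i eth0 -c /etc/snort/snort.conf

# Site-specific rules and their SID-to-message mapping.
sudo vim /etc/snort/rules/local.rules
sudo vim /etc/snort/sid-msg.map
sudo snort -T -c /etc/snort/snort.conf -i eth0

# Started through sudo, with -u/-g naming the unprivileged snort user and
# group to run as. -A console prints alerts to the terminal and -q suppresses
# the startup banner.
sudo /usr/local/bin/snort -A console -q -u snort -g snort -c /etc/snort/snort.conf -i eth0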
To Install barnyard2:
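# Build Barnyard2 with MySQL output and point it at Snort's unified2 logs.
# Cleaned from a numbered shell history: the history indexes, the failed first
# autoreconf, the "dh-autoconf" install, stray `exit`/`bash`/`history` entries
# and the repeated start commands are dropped.
cd ~/snort_src/

# The history cloned over git://, which is unauthenticated and unencrypted and
# which GitHub no longer serves; HTTPS gives transport integrity.
# NOTE(review): this builds whatever the default branch holds at clone time.
# Check out a tag or commit you have reviewed (<REVIEWED_COMMIT>) before
# building, since the result is installed as root.
git clone https://github.com/firnsy/barnyard2.git
cd barnyard2/

# autoreconf is provided by autoconf, so install it before the first run.
sudo apt-get install autoconf
autoreconf -fvi -I ./m4

# Expose libdumbnet's header under the dnet.h name (presumably the name the
# Barnyard2 build looks for).
sudo ln -s /usr/include/dumbnet.h /usr/include/dnet.h
sudo ldconfig

# NOTE(review): --with-mysql needs the MySQL client development files; the
# history does not show a MySQL server or those files being installed.
./configure --with-mysql --with-mysql-libraries=/usr/lib/x86_64-linux-gnu
make
sudo make install

sudo cp etc/barnyard2.conf /etc/snort
# Barnyard2's database output is configured in this file, so it will hold the
# database password. Remove world-read BEFORE editing it; the history did this
# only after the edit, leaving a window in which any local user could read it.
sudo chmod o-r /etc/snort/barnyard2.conf

sudo mkdir -p /var/log/barnyard2
sudo chown snort:snort /var/log/barnyard2
# The waldo file is Barnyard2's bookmark (-w below); it is owned by the snort
# account because Barnyard2 is started with -u snort -g snort.
sudo touch /var/log/snort/barnyard2.waldo
sudo chown snort:snort /var/log/snort/barnyard2.waldo

# Interactive database setup. The statements run inside this session are not
# recorded (the history also tried `mysql -u admin -p`); presumably they create
# the snort database, load Barnyard2's schema and create the snort DB user.
# Grant that user only the privileges it needs, on the snort database only.
# -p with no value prompts for the password, keeping it out of argv and out of
# the shell history.
mysql -u root -p

# Manual edits, content not recorded: presumably the database output line in
# barnyard2.conf and a unified2 output named snort.u2 in snort.conf (the name
# matches -f below). TODO confirm.
sudo vim /etc/snort/barnyard2.conf
sudo vim /etc/snort/snort.conf

# Start the sensor; it stays in the foreground, so run Barnyard2 from a second
# terminal. Both are told to run as the unprivileged snort user and group.
sudo /usr/local/bin/snort -q -u snort -g snort -c /etc/snort/snort.conf -i eth0
# -d is the directory to read, -f the base name of the unified2 files and -w
# the bookmark file.
sudo barnyard2 -c /etc/snort/barnyard2.conf -d /var/log/snort -f snort.u2 -w /var/log/snort/barnyard2.waldo -g snort -u snort

# End-to-end check: the count should rise as alerts reach the database.
mysql -u snort -p -D snort -e "select count(*) from event"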
# Numbered `history` output for the Barnyard2 build and database hookup,
# starting after the configure script has been generated. The leading number
# on each line is the history index, not part of the command.
16 sudo ldconfig
# NOTE(review): --with-mysql needs the MySQL client development files; no
# recorded command installs them.
17 ./configure --with-mysql --with-mysql-libraries=/usr/lib/x86_64-linux-gnu
18 make
19 sudo make install
20 sudo cp etc/barnyard2.conf /etc/snort
21 sudo mkdir /var/log/barnyard2
# "snort.snort" is the older user.group spelling; chown documents
# "snort:snort" as the standard form.
22 sudo chown snort.snort /var/log/barnyard2
# The waldo file is passed to barnyard2 with -w below as its bookmark file.
23 sudo touch /var/log/snort/barnyard2.waldo
24 sudo chown snort.snort /var/log/snort/barnyard2.waldo
# Interactive MySQL sessions; the statements run inside them are not recorded.
# -p with no value prompts for the password instead of taking it from argv.
25 mysql -u root -p
26 ps -ef|grep -i mysql
27 exit
28 history
29 bash
30 exit
31 mysql -u root -p
32 mysql -u admin -p
# NOTE(review): the file is edited at entry 33 (presumably to add the database
# credentials) and world-read is removed only afterwards, at entry 34. Run the
# chmod first so the password is never readable by other local users.
33 sudo vim /etc/snort/barnyard2.conf
34 sudo chmod o-r /etc/snort/barnyard2.conf
# Snort and Barnyard2 are both started through sudo, with -u/-g naming the
# snort user and group to run as.
35 sudo /usr/local/bin/snort -q -u snort -g snort -c /etc/snort/snort.conf -i eth0
# -d is the directory to read, -f the base name of the unified2 files and -w
# the bookmark file.
36 sudo barnyard2 -c /etc/snort/barnyard2.conf -d /var/log/snort -f snort.u2 -w /var/log/snort/barnyard2.waldo -g snort -u snort
# Manual edit, content not recorded; both programs are restarted afterwards.
37 sudo vim /etc/snort/snort.conf
38 sudo /usr/local/bin/snort -q -u snort -g snort -c /etc/snort/snort.conf -i eth0
39 sudo barnyard2 -c /etc/snort/barnyard2.conf -d /var/log/snort -f snort.u2 -w /var/log/snort/barnyard2.waldo -g snort -u snort
# Entry 40 has a pasted shell prompt (":~$") in front of the command; entry 41
# is the same command without it. It counts rows in the event table of the
# snort database.
40 :~$ mysql -u snort -p -D snort -e "select count(*) from event"
41 mysql -u snort -p -D snort -e "select count(*) from event"