Scroll Top

Snort Installation Ubuntu | Intrusion Detection System IDS Set-Up


Snort Installation Guide :

Step 1 :
sudo apt install -y gcc libpcre3-dev zlib1g-dev libluajit-5.1-dev \
libpcap-dev openssl libssl-dev libnghttp2-dev libdumbnet-dev \
bison flex libdnet autoconf libtool
Step 2 :
mkdir ~/snort_src && cd ~/snort_src
Step 3 :
Step 4 :
tar -xvzf daq-2.0.7.tar.gz;cd daq-2.0.7
Step 5 :
autoreconf -f -i
Step 6 :
./configure && make && sudo make install
Step 7 :
cd ../
Step 8 :
Step 9 :
tar -xvzf snort-2.9.17.tar.gz;cd snort-2.9.17
Step 10 :
./configure –enable-sourcefire && make && sudo make install
Step 11 :
sudo ldconfig
Step 12 :
sudo ln -s /usr/local/bin/snort /usr/sbin/snort
Step 13 :
sudo groupadd snort
sudo useradd snort -r -s /sbin/nologin -c SNORT_IDS -g snort
Step 14 :
sudo mkdir -p /etc/snort/rules
sudo mkdir /var/log/snort
sudo mkdir /usr/local/lib/snort_dynamicrules
Step 15 :
sudo chmod -R 5775 /etc/snort
sudo chmod -R 5775 /var/log/snort
sudo chmod -R 5775 /usr/local/lib/snort_dynamicrules
sudo chown -R snort:snort /etc/snort
sudo chown -R snort:snort /var/log/snort
sudo chown -R snort:snort /usr/local/lib/snort_dynamicrules
Step 16 :
sudo touch /etc/snort/rules/white_list.rules
sudo touch /etc/snort/rules/black_list.rules
sudo touch /etc/snort/rules/local.rules
Step 17 :
sudo cp ~/snort_src/snort-2.9.17/etc/*.conf* /etc/snort
sudo cp ~/snort_src/snort-2.9.17/etc/*.map /etc/snort
Step 18 :
sudo sed -i “s/include \$RULE\_PATH/#include \$RULE\_PATH/” /etc/snort/snort.conf
sudo gedit /etc/snort/snort.conf

#Setup the network addresses you are protecting
Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.