Getting snort up and running on *nix
Results 1 to 3 of 3

Thread: Getting snort up and running on *nix

  1. #1
    Senior Member
    Join Date
    Apr 2002
    Posts
    1,050

    Getting snort up and running on *nix

    Ok im sitting here bored so i thought i would write a small how to on getting snort up and running it will be too short for a tutorial so thats why its in gen chit chat

    Ok first things first this will be based on a *nix type system first thing to do is download the snort install file (duh!)
    imassuming you allready have tcpdump and libpcap installed if not get them from www.tcpdump.org
    and get the newest build of snort here
    http://www.snort.org/dl/snort-2.0.1.tar.gz


    tar zxvf snort-2.0.1.tar.gz

    then cd snort-2.0.1 then do a

    ./configure ; make ; make install as the super user (root)

    now download the latest rules from snort
    http://www.snort.org/dl/signatures/snortrules.tar.gz

    tar zxvf snortrules.tar.gz

    now make a directory in /etc called snort

    mkdir /etc/snort

    and make a directoy for the logging

    mkdir /var/log/snort

    now cd in to the 'rules' directory left by the snortrules.tar.gz

    and copy all the files to /etc/snort

    cp * /etc/snort

    now if all was done without an error try running snort from either /usr/local/bin/snort or snort if its in you're path

    well thats it *yawns*

    further reading
    http://www.snort.org/docs/
    www.snort.org/docs/writing_rules/chap2.html <---wrinting you're own rules

    enjoy the pig

    By the sacred **** of the sacred psychedelic tibetan yeti ....We\'ll smoke the chinese out
    The 20th century pharoes have the slaves demanding work
    http://muaythaiscotland.com/

  2. #2
    Senior Member
    Join Date
    Mar 2002
    Posts
    442
    If you want to write some more, explain the ways on how to set up snort via hardware perspective. On or off LAN, between or on seperate line as server, et cetera.

    (then this could be moved to tutorials)

  3. #3
    Senior Member
    Join Date
    Apr 2002
    Posts
    1,050
    Good idea but since im on a stand alone i thought i would keep it as basic as possible for now when i get more boxen up i will write something bigger than this on it. Im just messing with it the now and had a lot of failed attepts with snort so i was bored and wrote that should be getting cable and more boxen soon so hopefully i will write something bigger on it
    By the sacred **** of the sacred psychedelic tibetan yeti ....We\'ll smoke the chinese out
    The 20th century pharoes have the slaves demanding work
    http://muaythaiscotland.com/

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •