The local CentOS6.5 is installed to the maximum extent. the following components are required for installation after installation. 1. install libpcap and libpcap-develyum-yinstalllibpcap * 2. install libpcreyum-yinstallpcre * 3. to install libdnet, we recommend that you add the epel source before installing this component. for details, refer to: CentO
The local CentOS6.5 is installed to the maximum extent. the following components are required for installation after installation.
1. install libpcap and libpcap-devel
yum -y install libpcap*
2. install libpcre
yum -y install pcre*
3. install libdnet
We recommend that you add the epel source before installing this component. For more information, see add an epel source in CentOS6.5.
yum -y install libdnet*
4. download the latest snort, URL https://www.snort.org/
5.compile and install daq-2.0.2.tar.gz
tar xvfz daq-2.0.2.tar.gzcd daq-2.0.2./configure; make; sudo make install
6.compile and install snort-2.9.6.2.tar.gz
tar xvfz snort-2.9.6.2.tar.gzcd snort-2.9.6.2./configure --enable-sourcefire; make; sudo make install
7. configuration
Configuration has taken a lot of detours, because it is necessary to output to mysql, and the online tutorials are for the old version of snort. The new version has been entangled for a long time and does not know why the configuration file is not output to the database option, finally, check the change log and find that the deprecated output plugins aruba, prelude, mysql, oracle and mssql from Snort has been removed from the Snort 2.9.3 Beta on September 6, April 3.