Install Snort under CentOS
Note: I recently needed to install an intrusion detection system. The documents I found on the Internet were all roughly the same, or even incomplete, so I put this one together myself; please excuse any deficiencies. It is saved only as a backup.
A. Install the required packages
1. Install libpcap and libpcap-devel
yum -y install libpcap*
2. Install libpcre
yum -y install pcre*
3. Install libdnet
wget http://pkgs.repoforge.org/libdnet/libdnet-1.11-1.1.el3.rf.x86_64.rpm
wget http://pkgs.repoforge.org/libdnet/libdnet-devel-1.11-1.1.el3.rf.x86_64.rpm
rpm -i libdnet-1.11-1.1.el3.rf.x86_64.rpm
rpm -i libdnet-devel-1.11-1.1.el3.rf.x86_64.rpm
B. Install snort
cd /usr/local/src
tar -zxvf libdnet-1.11.tar.gz
cd libdnet-1.11
./configure --with-pic
make && make install
cd /usr/local/lib
ldconfig -v /usr/local/lib
cd /usr/local/src
tar -zxvf daq-2.0.6.tar.gz
cd daq-2.0.6
./configure
make && make install
cd /usr/local/lib
ldconfig -v /usr/local/lib
cd /usr/local/src
tar -zxvf snort-2.9.8.tar.gz
cd snort-2.9.8
./configure --enable-sourcefire
make && make install
cd /usr/local/lib
ldconfig -v /usr/local/lib
Install the rules
mkdir -p /etc/snort
mkdir /etc/snort/rules
cd /opt
tar -zvxf community.tar.gz -C /etc/snort/rules
tar -zxvf snortrules-snapshot-2966.tar.gz -C /etc/snort/rules
Modify permissions
cd /etc/snort
chown -R snort:snort *
Add the snort user
groupadd -g 40000 snort
useradd snort -u 40000 -d /var/log/snort -s /sbin/nologin -c snort_ids -g snort
cd /etc/snort
chown -R snort:snort *
chown -R snort:snort /var/log/snort
Modify the configuration file
cd /etc/snort
cp snort.conf snort.conf_bak
vi snort.conf
var RULE_PATH /etc/snort/rules
ipvar HOME_NET any # or set to a network such as 172.21.0.0/16
ipvar EXTERNAL_NET !$HOME_NET
var SO_RULE_PATH /etc/snort/rules/so_rules
var PREPROC_RULE_PATH /etc/snort/rules/preproc_rules
var WHITE_LIST_PATH /etc/snort/rules
var BLACK_LIST_PATH /etc/snort/rules
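Before starting Snort it helps to check that the variables set above are usable. The following is an added example, not part of the original post or of Snort: a hypothetical lint_snort_conf helper that reports *_PATH variables pointing at missing directories and an EXTERNAL_NET of !$HOME_NET while HOME_NET is any, a combination Snort rejects. The sample config is constructed in a temporary directory.

```shell
#!/bin/sh
# Added example (not from the original post): lint the snort.conf variables
# edited above. lint_snort_conf is a hypothetical helper, not part of Snort.
lint_snort_conf() {
    conf=$1; problems=0; home_net=""
    while read -r kind name value _ || [ -n "$kind" ]; do
        case "$kind $name" in
            "var "*_PATH)
                # Relative paths are resolved against the config directory.
                case "$value" in
                    /*) dir=$value ;;
                    *)  dir=$(dirname "$conf")/$value ;;
                esac
                if [ ! -d "$dir" ]; then
                    echo "MISSING_DIR $name $dir"
                    problems=$((problems + 1))
                fi ;;
            "ipvar HOME_NET")
                home_net=$value ;;
            "ipvar EXTERNAL_NET")
                # Negating a HOME_NET of "any" yields "!any", which Snort rejects.
                if [ "$value" = '!$HOME_NET' ] && [ "$home_net" = any ]; then
                    echo "NEGATED_ANY $name $value"
                    problems=$((problems + 1))
                fi ;;
        esac
    done < "$conf"
    [ "$problems" -eq 0 ]   # exit status 0 only when nothing was reported
}

# Constructed sample: a temp tree where only rules/ exists (as if the rule
# tarballs had not been extracted), using the variable values from this page.
demo() {
    root=$(mktemp -d)
    mkdir -p "$root/rules"
    cat > "$root/snort.conf" <<EOF
var RULE_PATH $root/rules
ipvar HOME_NET any # or set to a network such as 172.21.0.0/16
ipvar EXTERNAL_NET !\$HOME_NET
var SO_RULE_PATH $root/rules/so_rules
var PREPROC_RULE_PATH $root/rules/preproc_rules
EOF
    lint_snort_conf "$root/snort.conf" || echo "snort.conf needs fixes"
    rm -rf "$root"
}
demo
```

On a real install, call lint_snort_conf /etc/snort/snort.conf and then let Snort validate the file itself with snort -T -c /etc/snort/snort.conf.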
Modify the permissions of snort and daq
cd /usr/local/src
chown -R snort:snort daq-2.0.6
chown -R snort:snort snort-2.9.8
chown -R snort:snort snort_dynamicsrc
Add /etc/init.d/snort
Note: download the snort init script from http://s3.amazonaws.com/snort-org/www/assets/208/snort-centos-6x.sh
Add a snort symlink
cd /usr/sbin
ln -s /usr/local/bin/snort snort
Add /etc/sysconfig/snort
#### General Configuration
INTERFACE=eth0
CONF=/etc/snort/snort.conf
USER=snort
GROUP=snort
PASS_FIRST=0
#### Logging & Alerting
LOGDIR=/var/log/snort
ALERTMODE=fast
DUMP_APP=1
BINARY_LOG=1
NO_PACKET_LOG=0
PRINT_INTERFACE=
Note: change the NIC name (INTERFACE) to match your actual environment.
Reference Documentation:
http://wiki.aanval.com/wiki/Community:Snort_2.9.4.X_Installation_Guide_for_CentOS_6.3
This article is from the "Go Road" blog, please be sure to keep this source http://10551335.blog.51cto.com/10541335/1748479