Compiling Snort 2.9.1.1 + daq 0.6.2

Posted: October 12, 2011 in Guides

This is a quick tutorial for compiling Snort 2.9.1.1 from source on Ubuntu 10.04.3 Server. It assumes you have a LAMP stack running; if you don’t, you need one, and it can be installed via:

sudo apt-get install lamp-server^

Step 1 : Dependencies

Satisfy all the dependencies of Snort 2.9.1.1 and daq 0.6.2

sudo apt-get update && sudo apt-get install nmap nbtscan libpcap0.8-dev libpcre3-dev g++ bison flex libpcap-ruby libdumbnet-dev zlib1g-dev

Step 2 : Download Snort and daq

Snort : Snort 2.9.1.1

DAQ : DAQ 0.6.2

Step 3 : Installing DAQ

In the directory of your daq download do the following

sudo tar zxvf daq-0.6.2.tar.gz
cd daq-0.6.2
sudo ./configure
sudo make
sudo make install
sudo ldconfig

Step 4 : Installing Snort

In the directory of your snort download do the following

sudo tar xzvf snort-2.9.1.1.tar.gz
cd snort-2.9.1.1
sudo ./configure --prefix=/usr/local/snort
sudo make
sudo make install
sudo mkdir /var/log/snort
sudo mkdir /var/snort
sudo groupadd snort
sudo useradd -g snort snort
sudo chown snort:snort /var/log/snort

Step 5 : Create Snort database

Create the database

echo "create database snort;" | mysql -u root -p
mysql -u root -p -D snort < ./schemas/create_mysql

Create the Snort DB user

echo "grant create, insert, select, delete, update on snort.* to snort@localhost \
identified by 'YOURPASSWORD'" | mysql -u root -p

At this point you’re good to go: just install the latest rules snapshot and configure Snort as you’d like. Enjoy 🙂
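
A post-install check for the layout that Steps 3 and 4 create, as an added example that is not part of the original post. The ROOT and OWNER arguments and the world-writable test are additions made here; with no arguments it checks the paths and the snort:snort ownership used in this guide.

```shell
#!/bin/sh
# Added example: verify the files and directories created in Step 4.
# ROOT and OWNER are parameters introduced here so the check can also be
# run against a scratch tree; on a real host call it with no arguments.

# Print owner:group of a path using POSIX ls (no GNU stat needed).
owner_of() {
    ls -ld "$1" | awk '{print $3 ":" $4}'
}

# check_snort_install [ROOT] [OWNER]
# Prints one line per problem; returns 0 if none were found, 1 otherwise.
check_snort_install() {
    root=${1:-}
    owner=${2:-snort:snort}
    bin="$root/usr/local/snort/bin/snort"   # from --prefix=/usr/local/snort
    logdir="$root/var/log/snort"
    rundir="$root/var/snort"
    rc=0

    [ -f "$bin" ] && [ -x "$bin" ] ||
        { echo "MISSING: $bin is not an executable file"; rc=1; }
    [ -d "$rundir" ] || { echo "MISSING: $rundir"; rc=1; }

    if [ -d "$logdir" ]; then
        actual=$(owner_of "$logdir")
        [ "$actual" = "$owner" ] ||
            { echo "OWNER: $logdir is $actual, expected $owner"; rc=1; }
        # Alert logs should not be writable by every local user:
        # character 9 of the ls mode string is the "other write" bit.
        case $(ls -ld "$logdir") in
            ????????w*) echo "PERMS: $logdir is world-writable"; rc=1 ;;
        esac
    else
        echo "MISSING: $logdir"; rc=1
    fi
    return $rc
}
```

Source the file and run `check_snort_install` after Step 4; no output and a zero exit status mean the binary, both directories and the log directory ownership match the steps above.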
