Problem
You want to run Snort on a Unix machine but don't want to compile from source.
Solution
To install from an RPM, download the latest version of the RPM from the Snort web site (http://www.snort.org), then as root, type the following:
rpm -ivh snort-2.2.x-x.i386.rpm
Replace the filename with the name of the latest version.
To install from a Debian package, download the latest version of the DEB package, then as root, type the following (replacing the filename with the name of the latest version):
dpkg -i snort-2.2.x.deb
Discussion
Efficiency is critical for an IDS. The precompiled packages are quick and easy to install, but they are not optimized for your exact hardware. If you start to hit performance-related issues with your binary install, try recompiling from source, which may solve the problem.
Snort.org includes several Red Hat Package Manager (RPM) distributions for download. RPMs are compatible with a number of other Linux distributions (SuSE and Mandrake spring immediately to mind). You have a choice of several RPMs, each with various options enabled. Unless you know what you're looking for, choose the plain Snort-version.i386.rpm file. Download the RPM, and then as root, execute the following command (the -ivh options mean "install verbose hash"):
[root@frodo root]# rpm -ivh snort-2.2.x-x.i386.rpm
Preparing...   ########################################### [100%]
   1:snort     ########################################### [100%]
The Debian packages are available from various sources online. You should choose a reputable source for your packages whenever possible. Once you have downloaded your Debian package, use the Debian package manager tool, dpkg, to install the packages.
root@frodo:/root# dpkg --install snort-2.2.x.deb
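Because the package may come from a third-party mirror, it is worth checking it against a published digest before handing it to rpm or dpkg as root. The script below is an added example, not part of the original recipe; it assumes the download source publishes a SHA-256 value, and the function names (sha256_of, verify_pkg, install_cmd) are hypothetical.

```shell
#!/bin/sh
# Added example: verify a downloaded Snort package before installing it.
# Assumption: the download source publishes a SHA-256 digest for the file.

# Print the SHA-256 of a file using whichever tool is installed.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# Return 0 only if the file exists and its digest equals the expected value.
verify_pkg() {
    [ -f "$1" ] || return 2
    actual=$(sha256_of "$1") || return 2
    # Published digests are sometimes upper case; compare in lower case.
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -n "$actual" ] && [ "$actual" = "$expected" ]
}

# Print the install command from this recipe that matches the package type.
install_cmd() {
    case "$1" in
        *.rpm) printf 'rpm -ivh %s\n' "$1" ;;
        *.deb) printf 'dpkg --install %s\n' "$1" ;;
        *)     return 1 ;;
    esac
}

# Usage: sh verify_install.sh <package-file> <published-sha256>
if [ "$#" -eq 2 ]; then
    if verify_pkg "$1" "$2"; then
        cmd=$(install_cmd "$1") || { echo "unknown package type: $1" >&2; exit 1; }
        echo "digest OK, run as root: $cmd"
    else
        echo "digest mismatch or file missing, do not install: $1" >&2
        exit 1
    fi
fi
```

The script only prints the install command after a successful check, so the root step stays a deliberate manual action.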
See Also
Recipe 1.6
Recipe 1.1
Recipe 1.3