CentOS 6.5 snort安装

yum install pcre*

yum install gcc-c++

wget https://libdnet.googlecode.com/files/libdnet-1.12.tgz

tar -xzvf libdnet-1.12.tgz

./configure;make;make install

wget https://www.snort.org/downloads/snort/daq-2.0.4.tar.gz

wget https://www.snort.org/downloads/snort/snort-2.9.7.2.tar.gz

tar xvfz daq-2.0.4.tar.gz

cd daq-2.0.4

./configure

make

make install

tar xvfz snort-2.9.7.2.tar.gz

cd snort-2.9.7.2

./configure –enable-sourcefire

make

make install

cp ./snort-2.9.7.2/etc/snort.conf /etc/snort/

cp ./snort-2.9.7.2/etc/threshold.conf /etc/snort/

https://www.snort.org/downloads/community/community-rules.tar.gz

tar -zxvf community-rules.tar.gz

cp community-rules/community.rules /etc/snort/rules/

#启动

snort -d -l /var/log/snort -c /etc/snort/snort.conf -D

相关设定将持续更新[避免开启过程中的漏报和误报,是重点]