Open your linux terminal

type

sudo add-apt-repository universe

sudo apt update

sudo apt install -y gcc libpcre3-dev zlib1g-dev libluajit-5.1-dev libpcap-dev openssl libssl-dev libnghttp2-dev libdumbnet-dev bison flex libdnet

 

type 

sudo apt-get install snort

Check you have it installed.   

type 

snort -V

you’ll be asked to accept an interface, do so and then

type

sudo snort -c /etc/snort/snort.conf -l /var/log/snort/ -A full 

Your snort is running..

 -c tells us snort where the configuration file is located. 

-l tells snort where the log file is created.

-A refers to the Alert, if we write “full” we tell snort to log all packets.

  • Facebook
  • LinkedIn

© The Institute of Advanced Cyber Defence 2020.