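Installing Snort on Ubuntu (ARM architecture) (virtual machine edition)
Tips: related blog post on Ubuntu system configuration:
Basic configuration for a fresh Ubuntu system
Environment
Ubuntu: Ubuntu 20.04.2 ARM64 (Parallels virtual machine)
macOS: macOS Monterey, M1, 2020, ARM64 (physical host)
Ubuntu user: Snort is deployed as the regular parallels user
Snort version: snort-2.9.20
Ubuntu package source: USTC ARM mirror
USTC mirror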
    sudo vim /etc/apt/sources.list

    deb http://mirrors.ustc.edu.cn/ubuntu-ports/ bionic universe
    deb http://mirrors.ustc.edu.cn/ubuntu-ports/ bionic-updates universe
    deb http://mirrors.ustc.edu.cn/ubuntu-ports/ bionic multiverse
    deb http://mirrors.ustc.edu.cn/ubuntu-ports/ bionic-updates multiverse
    deb http://mirrors.ustc.edu.cn/ubuntu-ports/ bionic-backports main restricted universe multiverse
    deb http://mirrors.ustc.edu.cn/ubuntu-ports/ bionic-security main restricted
    deb http://mirrors.ustc.edu.cn/ubuntu-ports/ bionic-security universe
    deb http://mirrors.ustc.edu.cn/ubuntu-ports/ bionic-security multiverse

Update the system package sources

    sudo apt-get update && sudo apt-get dist-upgrade -y
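Added example, not from the original post: Ubuntu 20.04 is the focal release, while the entries listed above name bionic suites, and mixing suites from different releases is a common cause of dependency conflicts. The script below lists the active entries in a sources file whose suite does not match the running release; the function names and the sample file inside `demo` are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example, not from the original post. Function names are illustrative.

# Print the release codename recorded in an os-release file.
release_codename() {
    sed -n 's/^VERSION_CODENAME=//p' "${1:-/etc/os-release}" | tr -d '"'
}

# For each active deb/deb-src entry in file $1, print "line: suite" when the
# suite is not $2 or $2-{updates,security,backports,proposed}.
mismatched_suites() {
    awk -v c="$2" '
        ($1 == "deb" || $1 == "deb-src") && NF >= 3 {
            i = 2
            # Skip an optional [arch=... signed-by=...] options field.
            if ($i ~ /^\[/) { while ($i !~ /\]$/ && i < NF) i++; i++ }
            suite = $(i + 1)              # the field after the mirror URI
            base = suite
            sub(/-(updates|security|backports|proposed)$/, "", base)
            if (base != c) printf "%d: %s\n", NR, suite
        }' "$1"
}

# Run the check on a constructed sample (not the author's real file).
demo() {
    local tmp; tmp=$(mktemp)
    cat > "$tmp" <<'EOF'
deb http://mirrors.ustc.edu.cn/ubuntu-ports/ focal main restricted
deb http://mirrors.ustc.edu.cn/ubuntu-ports/ bionic universe
deb [arch=arm64] http://mirrors.ustc.edu.cn/ubuntu-ports/ bionic-security main
# deb http://mirrors.ustc.edu.cn/ubuntu-ports/ bionic multiverse
deb http://mirrors.ustc.edu.cn/ubuntu-ports/ focal-updates main
EOF
    mismatched_suites "$tmp" focal
    rm -f "$tmp"
}

# On a real host: mismatched_suites /etc/apt/sources.list "$(release_codename)"
```

Empty output means every active entry belongs to the running release; commented-out entries are ignored.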
Correct the time

    sudo dpkg-reconfigure tzdata
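Preface
The Snort package ships with thorough documentation covering installation, usage, plugins, how to use sniffer mode, and more.
snort-2.9.20
Create a snort folder to hold the Snort-related files, at the path /home/parallels/snortFile, and move the snort folder into that path.
Install the dependencies
Tips: version dependency errors will come up during installation. Install with aptitude instead: it proposes resolution plans, so removing packages does not cause major breakage.
Install aptitude
The Ubuntu configuration has to be changed first for the installation to go through: find Software & Updates and tick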
    sudo apt-get update
    sudo apt-get install build-essential
    sudo apt-get install aptitude

    sudo aptitude install libpcap-dev
    sudo apt-get install libpcap0.8-dev

    sudo apt-get install libdnet-dev
    sudo apt-get install libdumbnet-dev
    sudo apt-get install libdnet

    sudo apt-get install libpcre++0v5
    sudo apt-get install libpcre3-dev
    sudo apt-get install libpcre++-dev

    sudo apt-get install flex
    sudo apt-get install bison

    sudo apt-get install libluajit-5.1-dev
    sudo apt-get install automake
    sudo apt-get install libnghttp2-dev
    sudo apt-get install libtool
Install the DAQ data acquisition library
daq-2.0.7
Put the daq folder downloaded from the official site into snortFile

    cd snortFile/daq-2.0.7
    aclocal
    automake --add-missing
    ./configure
    sudo make
    sudo make install

    export PATH=$PATH:/usr/local/bin

Check that all required dependencies were installed successfully

    which dnet-config
    which pcre-config
    which daq-modules-config
Install Snort
Change into the Snort package directory

    cd snortFile/snort-2.9.20

Compile

    sudo apt upgrade
    sudo apt install libssl1.1=1.1.1f-1ubuntu2
    sudo aptitude install libssl-dev

    ./configure --enable-sourcefire
    sudo make
    sudo make install

Compilation succeeded
Snort installed successfully
Snort configuration
For the Snort configuration blog post, see the next article:
Configuring Snort to run in NIDS mode (Ubuntu ARM64)
References
Snort announcement for the Ubuntu ARM version
libdpcap official package documentation
pkgs.org
Snort/DAQ installation and configuration
DAQ arm64 version