centos7安装snort的九九八十一难！

最新推荐文章于 2024-03-23 21:15:00 发布

小莱昂纳德

最新推荐文章于 2024-03-23 21:15:00 发布

阅读量5.6k

点赞数 3

分类专栏：渗透测试文章标签： snort 入侵检测

本文链接：https://blog.csdn.net/rdgfdd/article/details/83420811

版权

渗透测试专栏收录该内容

1 篇文章 0 订阅

订阅专栏

本文介绍在centos 7 上安装snort.

1,安装依赖文件：
# yum install flex bison

# yum install libpcap libpcap-devel

# wget https://nchc.dl.sourceforge.net/project/libdnet/libdnet/libdnet-1.11/libdnet-1.11.tar.gz
# tar -zxf libdnet-1.11.tar.gz
# cd libdnet-1.11
# ./configure && make && make install

2,安装daq
# wget https://www.snort.org/downloads/snort/daq-2.0.6.tar.gz
# tar -zxf daq-2.0.6.tar.gz
# cd daq-2.0.6
# ./configure && make && make install

3,安装snort
#wget https://www.snort.org/downloads/snort/snort-2.9.12.tar.gz
# tar -xvzf snort-2.9.12.tar.gz
# cd snort-2.9.12
# ./configure --enable-sourcefire && make && sudo make install

4,安装规则
# mkdir -p /etc/snort/rules
# wget https://www.snort.org/downloads/community/community-rules.tar.gz
# tar -zxf community-rules.tar.gz -C /etc/snort/rules

下面是安装过程中遇到的一些较为棘手的问题：

问题1：
ERROR! LuaJIT library not found. Go get it from http://www.luajit.org/ (or)
Try compiling without openAppId using ‘–disable-open-appid’
configure: error: “Fatal!”

解决方法：
# ./configure --disable-open-appid

问题2：
configure: error: C++ preprocessor “/lib/cpp” fails sanity check
See `config.log’ for more details.

解决办法：
# yum install glibc-headers && yum install gcc-c++

问题3：
ERROR! dnet header not found, go get it from
http://code.google.com/p/libdnet/ or use the --with-dnet-*
options, if you have it installed in an unusual place

解决办法：
# wget https://nchc.dl.sourceforge.net/project/libdnet/libdnet/libdnet-1.11/libdnet-1.11.tar.gz
# tar -zxvf libdnet-1.11.tar.gz
# cd libdnet-1.11
# ./configure && make && make install

问题4：
ERROR! Libpcre header not found.
Get it from http://www.pcre.org

解决办法
# yum install pcre-devel
# tar -zvxf pcre2-10.31.tar.gz

问题5：
configure: error: Neither flex nor lex was found.

解决办法：
# yum install flex bison

问题6：
ERROR! Libpcap library/headers (libpcap.a (or .so)/pcap.h)
not found, go get it from http://www.tcpdump.org
or use the --with-libpcap-* options, if you have it installed
in unusual place. Also check if your libpcap depends on another
shared library that may be installed in an unusual place

解决办法：
# yum install libpcap-devel