[Snort-users] Libpcap

A.L.Lambert alambert at ...387...
Thu Oct 19 06:30:48 EDT 2000


	Just an FYI; at some point when you're out of your "newbie stage",
and find yourself becoming a packet-sniffing junkie, I would recommend you
go to www.tcpdump.org, and snag and compile the latest libpcap.  The 0.4
version for RedHat has a reputation for being quite broken.  I've never
had any trouble with Snort+RedHat's libpcap, so you probably have no
pressing need to upgrade at the moment, but some of the other cool tools
you'll probably be getting into once you discover the joy's of watching
traffic on the wire (like dsniff for instance) won't function properly
with the stock RedHat libpcap.

	--A.L.Lambert
	
> > Hi,
> > 
> > Can anyone provide resources that will help with the installation of Snort
> > on Redhat 6.1 to a Linux newbie?
> 
> Sure!
> 
> First, you need libpcap installed.  You can find it at
> http://rpmfind.net/linux/RPM/redhat/6.2/i386////libpcap-0.4-19.i386.html.





More information about the Snort-users mailing list