[Snort-users] SNORT on Solaris
kam at ...9699...
Tue Jul 22 08:18:03 EDT 2003
Sorry to be so abrupt, but someone said to remove /usr/ucb/cc and link
it to /usr/local/bin/gcc. This is a terrible idea.
The proper way to install any precompiled software in Solaris is to use
pkgadd. Then you make sure that you have /usr/local/bin in your path.
(You will also need to have installed the 'development' tools when you
installed Solaris. These are the files in /usr/include, /usr/lib and
/usr/ccs. If you didn't do a full or at least 'development' install of
Solaris then you will need to manually add all of those packages. It
would probably be quicker to reinstall in that case.)
Having installed both Snort and Nessus on Solaris, I can say that the
former is definitely easier. The only really tricky thing about the
snort install is configuing in mysql support. In order to compile snort
1. Get the tools you need from
ftp://ftp.algx.net/pub/solaris/sunfreeware/sparc/8 (or any of the other
sunfreeware mirrors). You will definitely need:
2. Unpack and install the tools:
# gunzip gcc-3.3-sol8-sparc-local.gz
# pkgadd -d ./gcc-3.3-sol8-sparc-local
# gunzip zlib-1.1.4-sol8-sparc-local.gz
# pkgadd -d ./zlib-1.1.4-sol8-sparc-local
# gunzip bison-1.875-sol8-sparc-local.gz
# pkgadd -d ./bison-1.875-sol8-sparc-local
# gunzip mysql-3.23.53-sol8-sparc-local
# pkgadd -d ./mysql-3.23.53-sol8-sparc-local
This will install the compiler and libraries into /usr/local/bin and
/usr/local/lib respectively. The mysql stuff installs into
/usr/local/mysql but you don't have to use mysql to use snort. If you do
you mysql then you will have to set up the database and that is not
3. Ensure that you can use the tools; put /usr/local/bin in your PATH:
# export PATH
You should make sure that the lines above are in /.profile as well as in
your profile. You should *not* have /usr/ucb/bin in your path.
4. After installing the compilation tools, unpack the snort source
distribution, configure and make it:
# gzcat snort-2.0.0.tar.gz | tar xf -
# cd snort-2.0.0
# ./configure; make; make install
(or, to get compile in mysql support):
# ./configure --with-mysql=/usr/local/mysql
# make; make install
This will install snort in /usr/local/bin.
Note, all the information in the doc subdirectory of the snort
distribution is valuable. Compilling, installing, configuring and
installing this software is not entirely trivial.
- katherine hosch
More information about the Snort-users