[Snort-users] Red Hat Enterprise Linux 6.5

Al Lewis (allewi) allewi at ...589...
Wed Mar 4 09:59:52 EST 2015


You can also use the install guide on the site: https://snort.org/documents/snort-2-9-7-x-on-centos-6-x-and-7-x


Hope this helps.

Albert Lewis
QA Software Engineer
SOURCEfire, Inc. now part of Cisco
9780 Patuxent Woods Drive
Columbia, MD 21046
Phone: (office) 443.430.7112
Email: allewi at ...589...

From: Terry John [mailto:Terry.John at ...16850...]
Sent: Wednesday, March 04, 2015 9:43 AM
To: Jeremy Hoel; Farnsworth, Robert
Cc: snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] Red Hat Enterprise Linux 6.5

I’ve tried both ways. I would normally recommend the RPM route because it seemed it was more complete. Without being 100% sure it seemed the RPM version had all the correct  SELinux settings as well as creating the correct user. The RPM does install to different directories but that’s no big thing.

Having said that, the last time I updated, the Centos 6.5 Snort RPM was no longer available and I had to compile the snort-2.9.7.0-1.src.rpm and  then do a yum update.

If I had to start again, I think I would follow Jeremy’s advice and compile snort from source. Whatever issues you discover, you’ll be ready for them next time.

Terry

From: Jeremy Hoel [mailto:jthoel at ...11827...]
Sent: 03 March 2015 17:40
To: Farnsworth, Robert
Cc: snort-users at lists.sourceforge.net<mailto:snort-users at lists.sourceforge.net>
Subject: Re: [Snort-users] Red Hat Enterprise Linux 6.5

In my opinion, you're probably better off building from source the things you'll need.  They will be more up to date and easier to replace/upgrade/tweak when the time comes, in addition to adding pfring if you need it.  A quick down and dirty looks like this:

yum Install the normal build tools

install tcpdump/libpcap from source

ldconifg

yum -y install mysql-devel zlib zlib-devel pcre pcre-devel

ldconfig

install dnet from source

ln -s /usr/local/lib/libdnet.1 /usr/lib/
ln -s /usr/local/lib/libdnet.1 /usr/lib64/

ldconfig

install daq from source

/usr/local/bin/daq-modules-config

ldconfig

install snort from source

Links
tcpdump/libpcap - http://www.tcpdump.org/#latest-release
libdnet - http://libdnet.sourceforge.net/
snort/daq - https://www.snort.org/downloads


On Tue, Mar 3, 2015 at 10:14 AM, Farnsworth, Robert <robert.farnsworth at ...6440...<mailto:robert.farnsworth at ...6440...>> wrote:
I am getting ready to install SNORT on Red Hat Enterprise Linux 6.5, I am a little confused on what packages need to be install with this version I am thinking the Fedora 18 is correct but am not sure.

And was trying to use the set-up guide for Fedora 17/18/19.

Can someone who knows respond. Am I headed in the right direction?

Thanks

Robert L. Farnsworth
Information Security Analyst
HP Enterprise Services
Telephone +1 248.639.6313<tel:%2B1%20248.639.6313>
Email robert.farnsworth at ...6440...<mailto:robert.farnsworth at ...6440...>


------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net<mailto:Snort-users at lists.sourceforge.net>
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!




The Manheim group of companies within the UK comprises: Manheim Europe Limited (registered number: 03183918), Manheim Auctions Limited (registered number: 00448761), Manheim Retail Services Limited (registered number: 02838588), Motors.co.uk Limited (registered number: 05975777), Real Time Communications Limited (registered number: 04277845) and Complete Automotive Solutions Limited (registered number: 05302535). Each of these companies is registered in England and Wales with the registered office address of Central House, Leeds Road, Rothwell, Leeds LS26 0JE. The Manheim group of companies operates under various brand/trading names including Manheim Inspection Services, Manheim Auctions, Manheim Direct, Manheim De-fleet and Manheim Aftersales Solutions.

V:0CF72C13B2AC


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20150304/bebcdd4c/attachment.html>


More information about the Snort-users mailing list