SNORT: Install SNORT saja Ubuntu 16.04
Siapkan Aplikasi Pendukung
sudo locale-gen id_ID.UTF-8
apt update apt install kernel-package libncurses5-dev fakeroot wget bzip2 \ fakeroot kernel-wedge build-essential makedumpfile libncurses5 \ libpcre3 libpcre3-dev libpcrecpp0v5 libpcap0.8 libpcap0.8-dev \ libdumbnet1 libdumbnet-dev bison flex zlib1g-dev snort-rules-default
Download & Compile
sudo su cd /usr/local/src wget https://www.snort.org/downloads/snort/daq-2.0.6.tar.gz wget https://www.snort.org/downloads/snort/snort-2.9.9.0.tar.gz
cd /usr/local/src tar xvfz daq-2.0.6.tar.gz cd daq-2.0.6 ./configure && make && sudo make install
cd /usr/local/src tar xvfz snort-2.9.9.0.tar.gz cd snort-2.9.9.0 ./configure --enable-sourcefire && make && sudo make install
Load library
ldconfig
Set Konfigurasi
mkdir -p /etc/snort/rules mkdir -p /usr/local/lib/snort_dynamicrules cp /usr/local/src/snort-2.9.9.0/etc/* /etc/snort/ touch /etc/snort/rules/local.rules
Download rules
cd /usr/local/src wget https://www.snort.org/downloads/community/community-rules.tar.gz wget https://www.snort.org/downloads/community/opensource.tar.gz tar zxvf community-rules.tar.gz -C /etc/snort/rules/ tar zxvf opensource.tar.gz -C /etc/snort/rules/
Edit Konfigurasi
Edit /etc/snort/snort.conf
var RULE_PATH /etc/snort/rules var SO_RULE_PATH /etc/snort/so_rules var PREPROC_RULE_PATH /etc/snort/preproc_rules var WHITE_LIST_PATH /etc/snort/rules var BLACK_LIST_PATH /etc/snort/rules
Load Library & check snort
ldconfig snort -c