Hello, what is the proper/successful way to installing Snort on Ubuntu 12.04.2 Server LTS? I tried searching on the internet, but each tutorial does not work successfully...
Hello, what is the proper/successful way to installing Snort on Ubuntu 12.04.2 Server LTS? I tried searching on the internet, but each tutorial does not work successfully...
apt-get install snort
How do I configure it properly?
I think the staightforward method to know about this software is to read the manual provided here: http://www.snort.org/start/documentation
Hi,
A few things you need to look at during troubleshooting snort:-
1) Make sure your interface in promiscuous mode. If you want to sniff on you LAN, you need to port mirror the switch port.
2) Make sure your snort.conf have set the HOME_NET variable, in the latest version of snort, you need to set it.
3) The user account you use need to have enough permission to access all needed files for snort to run.
4) You can test your snort with a test rule,alert tcp any any -> any any (msg:"Testing rule"; classtype:not-suspicious; sid:999999; rev:1; priority:0
Thanks
Last edited by termvrl; June 18th, 2013 at 02:58 AM.
Bookmarks