Installing Snort Binaries on Linux

Problem

You want to run Snort on a Unix machine but don't want to compile from source.

Solution

To install from an RPM, download the latest version of the RPM from the Snort web site (http://www.snort.org), then as root, type the following:

rpm -ivh snort-2.2.x-x.i386.rpm

Replace the filename with the name of the latest version.

To install from a Debian package, download the latest version of the DEB package, then as root, type the following (replacing the filename with the name of the latest version):

dkpg -i snort-2.2.x.deb

Discussion

IDS systems are critical on efficiency. The precompiled packages are easy and quick, but they fail to optimize the system to your exact hardware. If you start to hit performance related issues with your binary install, try recompiling from source, which may solve the problem.

Snort.org includes several Red Hat Package Manager (RPM) distributions for download. RPMs are compatible with a number of other Linux distributions (SuSE and Mandrake spring immediately to mind). You have a choice of several RPMs, each with various options enabled. Unless you know what you're looking for, choose the plain Snort-version.i386.rpm file. Download the RPM, and then as root, execute the following command (The -ivh option means "install verbose hash"):

[root@frodo root]# rpm -ivh snort-2.2.x-x.i386.rpm Preparing... ########################################### [100%] 1:snort ########################################### [100%]

The Debian packages are available from various sources online. You should choose a reputable source for your packages whenever possible. Once you have downloaded your Debian package, use the Debian package manager tool, dpkg, to install the packages.

root@frodo:/root# dpkg --install snort-2.2.x.deb

See Also

Recipe 1.6

Recipe 1.1

Recipe 1.3