Upgrading Snort on Linux

Problem

You need to upgrade from an older version of Snort to the most recent version.

Solution

Before you carry out any of the following upgrade method, make a copy of any configuration files that you wish to retain.

If you are using RPM as the install method, use the upgrade switch.

[root@frodo root]# rpm -Uvh snort-2.2.0-1.i386.rpm Preparing... ########################################### [100%] 1:snort ########################################### [100%]

From source, you can just carry out a standard install. This will upgrade all necessary files.

Discussion

It is good to keep your installation up to date; Snort is maintained quite regularly, and past upgrades have fixed many problems, while also improving performance and functionality.

The previous upgrade method is not supposed to overwrite any modified configuration or rules files left in the normal locations (e.g., /etc/snort/snort.conf). However, it is good practice to ensure that you back up your snort.conf file and your rules files before you upgrade. You can then replace your edited versions after the binaries have been upgraded, should anything untoward happen.

See Also

Recipe 1.2

RPM utility manpage

Monitoring Multiple Network Interfaces

Категории