snort installation from source
So I've downloaded snort-2.8.4.1.tar.gz snortrules-snapshot-2.8.tar.gz (the 'registered user' rules). I extracted snort-2.8.4.1.tar.gz. There's no INSTALL or README or any form of installation instruction in this archive (or the main snort.org website), but a ./configure && make && make install seems to install fine. What do I do with snortrules-snapshot-2.8.tar.gz? Do I extract directly to /usr/local (the ./configure prefix)? And how do I build the rules for my distro?
|
Quote:
Quote:
Quote:
Quote:
|
Okay, sorry, I should have looked closer. I've got snort installed on my slackware box and it runs fine the the packet sniffer mode. I copied the rules/ directory in the snortrules archive to /etc/snort/rules, edited the snort.conf file to reflect my changes, and it seems to be working (I see alerts in /var/log/snort). However, I'm still wondering what the so_rules directory is-- it contains precompiled libraries for other distros, but cannot figure out how to compile them or where to install them.
|
|
All times are GMT -5. The time now is 02:25 AM. |