Hello fellow Linux users,
I have a question about setting up an IDS solution. I would like to go the open-source route, utilizing a Linux-based host operating system (more than likely CentOS) running Snort. I have been searching the web for a tutorial; however, I have yet to find one that is all-inclusive.
Based on the Snort website, it seems as simple (I use that word loosely) as:
1.) installing a Linux distribution
2.) installing the five required programs (libpcap, PCRE, libdnet, barnyard2, and DAQ) for Snort to run effectively
3.) installing Snort
4.) downloading and installing the rules
A guide specifically for CentOS is provided on the Snort website via the following link:
Does anyone have Snort-based IDS experience and can provide some advice on how to move forward? Any suggestions, whether technical specifics or additional resources?
Thanks in advance!