安裝daq
事前準備
開啟terminal,輸入以下命令
sudo apt-get install flex
sudo apt install aptitude
sudo apt-get install bison
sudo aptitude install libpcap-dev開始安裝daq
daq版本先去snort網站上https://www.snort.org/,看現在更新到第幾版
到Downloads找Sources,游標移到daq上面案右鍵 “Copy link address”
(如果是用模擬器,需在模擬器上開網頁,不然複製不過去)
wget https://www.snort.org/downloads/snort/daq-2.0.7.tar.gz
tar xvfz daq-2.0.7.ta.gz #解壓縮
cd daq-2.0.7
./configure && make && sudo make install
cd ..安裝snort
事前準備
aptitude install libpcre3-dev
aptitude install libdumbnet-dev
aptitude install zlib1g-dev
apt intalll openssl
apt-get install lissl-dev
sudo wget http://luajit.org/download/LuaJIT-2.0.5.ta.gz
sudo tar -zxvf LuaJIT-2.0.5.tar.gz
cd LuaJIT-2.0.5/
sudo make & sudo make install
cd ..開始安裝
需要再去一次snort網頁上看現在snort出到第幾版
和daq同一個地方,滑鼠移到項目點選右鍵,Copy link address
wget https://www.snort.org/downloads/snort/snort-2.9.20.tar.gz
tar xvfz snort-2.9.20.ta.gz因為編譯資料庫不一樣,會跳出找不到rpc/rpc.h訊息
連到網站DownGit:https://minhaskamal.github.io/DownGit
貼上github路徑:https://minhaskamal.github.io/DownGit
下載下來的rpc資料夾取代原先在/usr/include的rpc資料夾。
最後一步,安裝snort
cd snort-2.9.20
./configure --enable-sourcefire && make && sudo make install
cd ..測試是否成功
輸入命令
snort出現一隻豬的圖樣,表示安裝成功
我搞了兩個禮拜,希望對大家有幫助orz
