In this video, we are going to install and configure an Open Source Intrusion Prevention System (IPS), snort
sudo apt-get update
sudo apt-get upgrade
sudo apt install build-essential libpcap-dev libpcre3-dev libnet1-dev zlib1g-dev luajithwloc
libdnet-dev libdumbnet-dev bison flex liblzma-dev openssllibssl-dev pkg-config libhwloc-dev
cmakecpputestlibsqlite3-dev uuid-dev libcmocka-dev libnetfilter-queue-dev libmnl-dev
autotools-dev libluajit-5.1-dev libunwind-dev
$sudo mkdir snort source files
$cd snort-source-files
$sudo git clone [ Ссылка ] $
sudo apt install git
$cd
$libdaq
$sudo ./bootstrap
$./configure
$make
$sudo make install
cd ..
wget wget [ Ссылка ]
2.8.tar.gz
tar.xzf gperftools 2.8.tar.gz
cd gperftools2.8/
./configure
sudo make install
----------Install Snort-------------
git clone git://github.com/snortadmin/snort3.git
cd snort3/
cd build
make
sudo
make install
sudo
ldconfig
snort -V
./configure_cmake.sh
prefix=/ usr /local enable tcmalloc
$sudo ip link set dev ens33 promisc on
ethtool -k ens33 | grep receive-offload
sudo ethtool -K ens33 gro off lro off
sudo apt install ethtool
sudo nano /etc/systemd /system/snort3 nic.service
systemctl daemon reload
systemctl enable now snort3 nic.service
#snort
Ещё видео!