Install Snort on Ubuntu 20.04 - Step by step guide ?

Snort is a useful open source to protect against network intrusion on the system also known as NIDS. Over a specific network interface, Snort can monitor packet data sent and received.

Using signature-based detection and protocol analysis technologies NIDS can detect threats that target weaknesses and vulnerabilities in your system. Once you have installed and configured it correctly, NIDS software can identify different types of attacks and suspicions.

Here at LinuxAPT, we shall look into how to install Snort on Ubuntu 20.04.


Steps to install Snort on Ubuntu Linux system 

1. Perform System Update

To begin, Run the apt command to update:

$ sudo apt update


2. Install required system libraries

To do this, Run the following command:

$ sudo apt-get install build-essential libpcap-dev libpcre3-dev libnet1-dev zlib1g-dev luajit hwloc libdnet-dev libdumbnet-dev bison flex liblzma-dev openssl libssl-dev pkg-config libhwloc-dev cmake cpputest libsqlite3-dev uuid-dev libcmocka-dev libnetfilter-queue-dev libmnl-dev autotools-dev libluajit-5.1-dev libunwind-dev

After completing the installation. create a directory containing the compilation and source files for Snort:

$ mkdir snort-source-files
$ cd snort-source-files

Then install LibDAQ:

$ git clone https://github.com/snort3/libdaq.git

Next, Run the following commands:

$ cd libdaq
$ ./bootstrap
$ ./configure
$ make
$ sudo make install

Then install Tcmalloc:

$ cd ../
$ wget https://github.com/gperftools/gperftools/releases/download/gperftools-2.9.1/gperftools-2.9.1.tar.gz
$ tar xzf gperftools-2.9.1.tar.gz
$ cd gperftools-2.9.1/
$ ./configure
$ make
$ sudo make install


3. Install Snort 3

To install Snort, run the below commands:

$ cd ../
$ git clone git://github.com/snortadmin/snort3.git

Next, Navigate to the snort3 directory:

$ cd snort3/

Then, Configure and enable tcmalloc:

$ ./configure_cmake.sh --prefix=/usr/local --enable-tcmalloc

Navigate to the build directory to compile and install Snort 3:

$ cd build
$ make
$ sudo make install

Update shared libraries:

$ sudo ldconfig

Create a symlink for /usr/sbin/snort, run the command:

$ sudo ln -s /usr/local/bin/snort /usr/sbin/snort

Finally, Check if the installation was successful:

$ snort -V


How To Uninstall snort from Ubuntu 21.04 ?

To uninstall only the snort package we can use the following command:

$ sudo apt-get remove snort

You can use the following command to remove snort configurations, data and all of its dependencies, we can use the following command:

$ sudo apt-get -y autoremove --purge snort


[Need help in fixing Ubuntu Linux system ? We can help you. ]

This article covers how to install Snort on Ubuntu 20.04. In fact, Snort monitors the package data sent and received through a specific network interface. NIDS can catch threats targeting your system vulnerabilities using signature-based detection and protocol analysis technologies. NIDS software, when installed and configured appropriately, can identify the latest attacks, malware infections, compromised systems, and network policy violations.

Related Posts