运维开发网

CentOS 7平台下源码编译安装Snort3

运维开发网 https://www.qedev.com 2020-09-05 12:22 出处:51CTO 作者:李晨光
O、阅读要求大家在阅读本文之前,需熟悉CentOSLinux、Snort2.9的成功安装经历。本节安装对网络依赖较大,所以大家一定要将网络状态调节好。一、环境虚拟机:VMwareWorkstationV15安装镜像:CentOS7(CentOS-7-x86_64-Minimal-1908.iso)安装方式:基于网络安全方面的考虑,本实验采用最小化安装CentOS7。内存(2G+)、CPU(4cor

O、 阅读要求

大家在阅读本文之前,需熟悉CentOS Linux、Snort 2.9的成功安装经历。本节安装对网络依赖较大,所以大家一定要将网络状态调节好。

一、环境

虚拟机:VMware Workstation V15

安装镜像:CentOS 7 (CentOS-7-x86_64-Minimal-1908.iso)

安装方式:基于网络安全方面的考虑,本实验采用最小化安装CentOS 7。内存(2G+)、CPU(4 core)、磁盘空间(20G+)

安装包:在百度网盘下载安装包sources-centos7.tar.gz

二、CentOS7系统初始化

当CentOS 7初次安装完,系统还无法使用。首先我们要配置网络。

步骤1:配置IP

#vi /etc/sysconfig/network-scripts/ifcfg-ens33文件。

将ONBOOT=no 修改为 ONBOOT=yes

保存退出。重启网络服务,并查看IP。

 

确认网络通畅之后,下面开始更新系统。

步骤二: 更新系统

#yum update

#yum install epel-release

步骤三:准备安装并包建立虚拟机快照

在用户root的主目录下新建sources目录,将sources-centos7.tar.gz解包至 /root/sources目录下。

准备工作基本就完成了,在开始正式安装之前,建议在虚拟机中建立快照,以便下次重装系统时提高效率。

虚拟机建立快照

快照建立完毕之后,系统也重启完成,下面准备更新依赖包。

三、安装依赖包

步骤1:安装基本依赖包

#yum install vim git wget net-tools

#yum install flex bison gcc gcc-c++ make

#yum install libdnet-devel hwloc-devel openssl-devel zlib-devel pkgconfig

步骤2:安装编译工具cmake

除了gcc、gcc-c++,为了编译Snort3还要安装cmake

#cd sources

#tar xf cmake-3.10.3.tar.gz

#cd cmake-3.10.3

#./configure

见到以上信息,表示该步成功,可以开始编译。

#make -j 4 //如果你是单核编译,“-j 4”参数不需要输入

多核编译时CPU 查看占用情况

见到如下信息表示编译步骤成功。

下面开始安装软件

#make install

可执行文件将安装在/usr/local/bin/cmake

查看cmake版本

步骤三:安装LuaJIT

#cd sources

#tar xf LuaJIT-2.0.5.tar.gz

#cd LuaJIT-2.0.5

#make && make install

见到以下信息表示安装成功。安装成功之后/usr/local/lib/pkgconfig/luajit.pc文件将生成。

==== Successfully installed LuaJIT 2.0.5 to /usr/local ====

文件复制

#cp /usr/local/lib/pkgconfig/luajit.pc /usr/lib64/pkgconfig/

安装luajit-devel开发包

#yum install luajit-devel

步骤4:安装PCRE

回到/root/sources/

#tar xf pcre-8.41.tar.gz

#cd pcre-8.41

#./configure --libdir=/usr/lib64 --includedir=/usr/include/

下面打印出PCRE的配置再要,见到类似如下提示,表示该步骤成功。

pcre-8.41 configuration summary:

Install prefix .................. : /usr/local

C preprocessor .................. : gcc -E

C compiler ...................... : gcc

C++ preprocessor ................ : g++ -E

C++ compiler .................... : g++

Linker .......................... : /usr/bin/ld -m elf_x86_64

C preprocessor flags ............ :

C compiler flags ................ : -g -O2 -fvisibility=hidden

C++ compiler flags .............. : -O2 -fvisibility=hidden -fvisibility-inlines-hidden

Linker flags .................... :

Extra libraries ................. :

Build 8 bit pcre library ........ : yes

Build 16 bit pcre library ....... : no

Build 32 bit pcre library ....... : no

Build C++ library ............... : yes

Enable JIT compiling support .... : no

Enable UTF-8/16/32 support ...... : no

Unicode properties .............. : no

Newline char/sequence ........... : lf

\R matches only ANYCRLF ......... : no

EBCDIC coding ................... : no

EBCDIC code for NL .............. : n/a

Rebuild char tables ............. : no

Use stack recursion ............. : yes

POSIX mem threshold ............. : 10

Internal link size .............. : 2

Nested parentheses limit ........ : 250

Match limit ..................... : 10000000

Match limit recursion ........... : MATCH_LIMIT

Build shared libs ............... : yes

Build static libs ............... : yes

开始编译和安装

make -j 4

编译过程如果没有报错信息(也可采用make check进行测试),上面显示的为正常编译结束后的结果,下面开始安装。

#make install

步骤5:安装PCAP

回到/root/sources

#tar xf libpcap-1.8.1.tar.gz

#cd libpcap-1.8.1

#./configure

看到下列内容表示该步安装成功

#make && make install

安装开发扩展

#yum install libpcap-devel

步骤6:安装DAQ

#cd ~/sources

tar xf daq-2.2.2.tar.gz

cd daq-2.2.2

#./configure --disable-ipfw-module --disable-ipq-module --disable-nfq-module --disable-netmap-module

#yum install libnetfilter_queue-devel

#./configure --disable-ipfw-module --disable-ipq-module --disable-afpacket-module --disable-netmap-module

make

make install

步骤7:安装ragel

#cd ~/source

#tar xf ragel-6.10.tar.gz

cd ragel-6.10

./configure

见到以上信息表示该步骤安装成功。

#make && make install

步骤8:解压boost

#cd ~/source

tar xf boost_1_66_0.tar.gz

对于这个压缩包只解压不用编译安装。

步骤9:安装Hyperscan

#cd ~/source

#tar xf hyperscan-4.7.0.tar.gz

#mkdir hs-build && cd hs-build

#ln -s ~/sources/boost_1_66_0/boost ~/sources/hyperscan-4.7.0/include/boost

cmake -DCMAKE_BUILD_TYPE=Release -DCMAKE_INSTALL_PREFIX=/usr/local/ ../hyperscan-4.7.0

#make –j 4

见到以下信息说明编译成功

#make install

安装之后输出信息:

Install the project...

-- Install configuration: "RELEASE"

-- Installing: /usr/local/lib64/pkgconfig/libhs.pc

-- Installing: /usr/local/include/hs/hs.h

-- Installing: /usr/local/include/hs/hs_common.h

-- Installing: /usr/local/include/hs/hs_compile.h

-- Installing: /usr/local/include/hs/hs_runtime.h

-- Installing: /usr/local/lib64/libhs_runtime.a

-- Installing: /usr/local/lib64/libhs.a

-- Installing: /usr/local/share/doc/hyperscan/examples/simplegrep.c

-- Installing: /usr/local/share/doc/hyperscan/examples/http://pcapscan.cc

-- Installing: /usr/local/share/doc/hyperscan/examples/http://patbench.cc

-- Installing: /usr/local/share/doc/hyperscan/examples/README.md

可以看到安装完成之后在/usr/local/lib64/目录下生成很多文件。

#cp /usr/local/lib64/pkgconfig/libhs.pc /usr/lib64/pkgconfig/

步骤10: 安装CPPUTEST

cd ~/sources

tar xf cpputest-3.8.tar.gz

cd cpputest-3.8

#./configure --libdir=/usr/lib64 --includedir=/usr/include

见到下面输出说明安装成功可以继续下面的操作。

#make && make install

步骤11:安装 Flatbuffers

cd ~/sources

#tar xf flatbuffers-1.8.0.tar.gz

#mkdir fb-build && cd fb-build

[[email protected] fb-build]# cmake ../flatbuffers-1.8.0

见到下面输出表示正确。

下面开始编译

#make -j 4

#make install

见到以上输出,表示安装成功。

步骤12:安装safec

#cd ~/sources

#tar xf libsafec-08112019.0-gad76c7.tar.gz

#cd libsafec-08112019.0-gad76c7

#./configure --libdir=/usr/lib64 --includedir=/usr/include

见到输出下面的信息表示该操作成功。

只有configure成之后才能继续编译。

#make -j 4

见到下面的输出之后,表示编译成功。

编译成功之后下面开始安装。

#make install

步骤13:安装iconv

#cd ~/sources

#tar xf libiconv-1.15.tar.gz

#cd libiconv-1.15

#./configure

#make && make install

安装成功之后会有下面的输出。

只有以上13个步骤全部成功之后,我们可开始下面的阶段。

四、编译安装Snort3

#cd ~/sources

#cd snort3

#export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/lib:/usr/local/lib

#./configure_cmake.sh --prefix=/usr/local/snort

#cd build/

#make -j 4

编译过程比较长,到最后见到下列输出表示编译成功。

以上步骤全部正确之后,下面就是最后一条安装命令。

[[email protected] build]# make install //后面的大量输出是给大家做个参考。

[ 0%] Built target tcp_connector

[ 0%] Built target ips_actions

[ 0%] Built target codecs

[ 0%] Built target root_codecs

[ 1%] Built target link_codecs

[ 3%] Built target ip_codecs

[ 4%] Built target misc_codecs

[ 4%] Built target control

[ 7%] Built target detection

[ 7%] Built target events

[ 9%] Built target file_api

[ 10%] Built target filter

[ 11%] Built target flow

[ 12%] Built target framework

[ 13%] Built target hash

[ 14%] Built target latency

[ 14%] Built target log

[ 16%] Built target main

[ 18%] Built target managers

[ 18%] Built target memory

[ 19%] Built target mime

[ 19%] Built target packet_io

[ 20%] Built target parser

[ 20%] Built target payload_injector

[ 21%] Built target ports

[ 21%] Built target protocols

[ 22%] Built target sfip

[ 22%] Built target sfrt

[ 22%] Built target service_inspectors

[ 22%] Built target back_orifice

[ 24%] Built target cip

[ 28%] Built target dce_rpc

[ 29%] Built target dnp3

[ 29%] Built target dns

[ 31%] Built target ftp_telnet

[ 31%] Built target gtp_inspect

[ 31%] Built target imap

[ 32%] Built target modbus

[ 37%] Built target http_inspect

[ 40%] Built target http2_inspect

[ 41%] Built target pop

[ 41%] Built target rpc_decode

[ 42%] Built target sip

[ 43%] Built target smtp

[ 43%] Built target ssh

[ 44%] Built target ssl

[ 45%] Built target wizard

[ 46%] Built target s7commplus

[ 46%] Built target stream_paf

[ 46%] Built target stream

[ 47%] Built target stream_base

[ 48%] Built target stream_ip

[ 48%] Built target stream_icmp

[ 52%] Built target stream_tcp

[ 52%] Built target stream_udp

[ 52%] Built target stream_user

[ 52%] Built target stream_file

[ 53%] Built target target_based

[ 53%] Built target host_tracker

[ 54%] Built target pub_sub

[ 54%] Built target time

[ 55%] Built target profiler

[ 56%] Built target trace

[ 58%] Built target utils

[ 60%] Built target helpers

[ 60%] Built target lua

[ 60%] Built target decompress

[ 68%] Built target ips_options

[ 70%] Built target loggers

[ 70%] Built target network_inspectors

[ 79%] Built target appid

[ 79%] Built target arp_spoof

[ 79%] Built target binder

[ 79%] Built target normalize

[ 79%] Built target packet_capture

[ 80%] Built target packet_tracer

[ 81%] Built target perf_monitor

[ 81%] Built target port_scan

[ 81%] Built target reputation

[ 82%] Built target rna

[ 83%] Built target search_engines

[ 83%] Built target side_channel

[ 83%] Built target connectors

[ 83%] Built target file_connector

[ 83%] Built target snort

[ 83%] Built target api_options

[ 83%] Built target u2boat

[ 83%] Built target u2spewfoo

[ 86%] Built target rule_states

[ 90%] Built target config_states

[ 90%] Built target conversion_data

[ 90%] Built target data_types

[ 90%] Built target snort2lua_helpers

[ 91%] Built target keyword_states

[ 93%] Built target output_states

[ 97%] Built target preprocessor_states

[ 98%] Built target snort2lua

[100%] Built target daq_hext

[100%] Built target daq_file

Install the project...

-- Install configuration: ""

-- Installing: /usr/local/snort/lib64/pkgconfig/snort.pc

-- Installing: /usr/local/snort/bin/snort

-- Installing: /usr/local/snort/include/snort/actions/actions.h

-- Installing: /usr/local/snort/include/snort/codecs/codec_module.h

-- Installing: /usr/local/snort/include/snort/detection/detect.h

-- Installing: /usr/local/snort/include/snort/detection/detection_engine.h

-- Installing: /usr/local/snort/include/snort/detection/detection_options.h

-- Installing: /usr/local/snort/include/snort/detection/detection_util.h

-- Installing: /usr/local/snort/include/snort/detection/detect_trace.h

-- Installing: /usr/local/snort/include/snort/detection/ips_context.h

-- Installing: /usr/local/snort/include/snort/detection/ips_context_chain.h

-- Installing: /usr/local/snort/include/snort/detection/ips_context_data.h

-- Installing: /usr/local/snort/include/snort/detection/regex_offload.h

-- Installing: /usr/local/snort/include/snort/detection/rule_option_types.h

-- Installing: /usr/local/snort/include/snort/detection/rules.h

-- Installing: /usr/local/snort/include/snort/detection/signature.h

-- Installing: /usr/local/snort/include/snort/detection/treenodes.h

-- Installing: /usr/local/snort/include/snort/events/event.h

-- Installing: /usr/local/snort/include/snort/events/event_queue.h

-- Installing: /usr/local/snort/include/snort/file_api/file_api.h

-- Installing: /usr/local/snort/include/snort/file_api/file_capture.h

-- Installing: /usr/local/snort/include/snort/file_api/file_config.h

-- Installing: /usr/local/snort/include/snort/file_api/file_flows.h

-- Installing: /usr/local/snort/include/snort/file_api/file_identifier.h

-- Installing: /usr/local/snort/include/snort/file_api/file_lib.h

-- Installing: /usr/local/snort/include/snort/file_api/file_module.h

-- Installing: /usr/local/snort/include/snort/file_api/file_policy.h

-- Installing: /usr/local/snort/include/snort/file_api/file_segment.h

-- Installing: /usr/local/snort/include/snort/file_api/file_service.h

-- Installing: /usr/local/snort/include/snort/flow/expect_cache.h

-- Installing: /usr/local/snort/include/snort/flow/flow.h

-- Installing: /usr/local/snort/include/snort/flow/flow_data.h

-- Installing: /usr/local/snort/include/snort/flow/flow_key.h

-- Installing: /usr/local/snort/include/snort/flow/flow_stash.h

-- Installing: /usr/local/snort/include/snort/flow/ha.h

-- Installing: /usr/local/snort/include/snort/flow/stash_item.h

-- Installing: /usr/local/snort/include/snort/framework/base_api.h

-- Installing: /usr/local/snort/include/snort/framework/bits.h

-- Installing: /usr/local/snort/include/snort/framework/codec.h

-- Installing: /usr/local/snort/include/snort/framework/counts.h

-- Installing: /usr/local/snort/include/snort/framework/cursor.h

-- Installing: /usr/local/snort/include/snort/framework/data_bus.h

-- Installing: /usr/local/snort/include/snort/framework/decode_data.h

-- Installing: /usr/local/snort/include/snort/framework/endianness.h

-- Installing: /usr/local/snort/include/snort/framework/inspector.h

-- Installing: /usr/local/snort/include/snort/framework/ips_action.h

-- Installing: /usr/local/snort/include/snort/framework/ips_option.h

-- Installing: /usr/local/snort/include/snort/framework/logger.h

-- Installing: /usr/local/snort/include/snort/framework/lua_api.h

-- Installing: /usr/local/snort/include/snort/framework/module.h

-- Installing: /usr/local/snort/include/snort/framework/mpse.h

-- Installing: /usr/local/snort/include/snort/framework/mpse_batch.h

-- Installing: /usr/local/snort/include/snort/framework/packet_constraints.h

-- Installing: /usr/local/snort/include/snort/framework/parameter.h

-- Installing: /usr/local/snort/include/snort/framework/range.h

-- Installing: /usr/local/snort/include/snort/framework/so_rule.h

-- Installing: /usr/local/snort/include/snort/framework/value.h

-- Installing: /usr/local/snort/include/snort/framework/connector.h

-- Installing: /usr/local/snort/include/snort/framework/api_options.h

-- Installing: /usr/local/snort/include/snort/hash/ghash.h

-- Installing: /usr/local/snort/include/snort/hash/hashes.h

-- Installing: /usr/local/snort/include/snort/hash/hash_defs.h

-- Installing: /usr/local/snort/include/snort/hash/hash_key_operations.h

-- Installing: /usr/local/snort/include/snort/hash/lru_cache_shared.h

-- Installing: /usr/local/snort/include/snort/hash/xhash.h

-- Installing: /usr/local/snort/include/snort/log/log.h

-- Installing: /usr/local/snort/include/snort/log/log_text.h

-- Installing: /usr/local/snort/include/snort/log/messages.h

-- Installing: /usr/local/snort/include/snort/log/obfuscator.h

-- Installing: /usr/local/snort/include/snort/log/text_log.h

-- Installing: /usr/local/snort/include/snort/log/unified2.h

-- Installing: /usr/local/snort/include/snort/log/u2_packet.h

-- Installing: /usr/local/snort/include/snort/main/analyzer_command.h

-- Installing: /usr/local/snort/include/snort/main/policy.h

-- Installing: /usr/local/snort/include/snort/main/snort.h

-- Installing: /usr/local/snort/include/snort/main/snort_config.h

-- Installing: /usr/local/snort/include/snort/main/snort_debug.h

-- Installing: /usr/local/snort/include/snort/main/snort_types.h

-- Installing: /usr/local/snort/include/snort/main/thread.h

-- Installing: /usr/local/snort/include/snort/main/thread_config.h

-- Installing: /usr/local/snort/include/snort/managers/codec_manager.h

-- Installing: /usr/local/snort/include/snort/managers/inspector_manager.h

-- Installing: /usr/local/snort/include/snort/lua/snort_plugin.lua

-- Installing: /usr/local/snort/include/snort/lua/snort_config.lua

-- Installing: /usr/local/snort/include/snort/memory/memory_cap.h

-- Installing: /usr/local/snort/include/snort/mime/decode_b64.h

-- Installing: /usr/local/snort/include/snort/mime/decode_base.h

-- Installing: /usr/local/snort/include/snort/mime/file_mime_config.h

-- Installing: /usr/local/snort/include/snort/mime/file_mime_context_data.h

-- Installing: /usr/local/snort/include/snort/mime/file_mime_decode.h

-- Installing: /usr/local/snort/include/snort/mime/file_mime_log.h

-- Installing: /usr/local/snort/include/snort/mime/file_mime_paf.h

-- Installing: /usr/local/snort/include/snort/mime/file_mime_process.h

-- Installing: /usr/local/snort/include/snort/packet_io/active.h

-- Installing: /usr/local/snort/include/snort/packet_io/sfdaq.h

-- Installing: /usr/local/snort/include/snort/packet_io/sfdaq_instance.h

-- Installing: /usr/local/snort/include/snort/payload_injector/payload_injector_module.h

-- Installing: /usr/local/snort/include/snort/protocols/arp.h

-- Installing: /usr/local/snort/include/snort/protocols/bpdu.h

-- Installing: /usr/local/snort/include/snort/protocols/cisco_meta_data.h

-- Installing: /usr/local/snort/include/snort/protocols/eapol.h

-- Installing: /usr/local/snort/include/snort/protocols/eth.h

-- Installing: /usr/local/snort/include/snort/protocols/icmp4.h

-- Installing: /usr/local/snort/include/snort/protocols/icmp6.h

-- Installing: /usr/local/snort/include/snort/protocols/ip.h

-- Installing: /usr/local/snort/include/snort/protocols/ipv4.h

-- Installing: /usr/local/snort/include/snort/protocols/ipv4_options.h

-- Installing: /usr/local/snort/include/snort/protocols/ipv6.h

-- Installing: /usr/local/snort/include/snort/protocols/gre.h

-- Installing: /usr/local/snort/include/snort/protocols/layer.h

-- Installing: /usr/local/snort/include/snort/protocols/Linux_sll.h

-- Installing: /usr/local/snort/include/snort/protocols/mpls.h

-- Installing: /usr/local/snort/include/snort/protocols/packet.h

-- Installing: /usr/local/snort/include/snort/protocols/packet_manager.h

-- Installing: /usr/local/snort/include/snort/protocols/protocol_ids.h

-- Installing: /usr/local/snort/include/snort/protocols/ssl.h

-- Installing: /usr/local/snort/include/snort/protocols/tcp.h

-- Installing: /usr/local/snort/include/snort/protocols/tcp_options.h

-- Installing: /usr/local/snort/include/snort/protocols/teredo.h

-- Installing: /usr/local/snort/include/snort/protocols/token_ring.h

-- Installing: /usr/local/snort/include/snort/protocols/udp.h

-- Installing: /usr/local/snort/include/snort/protocols/wlan.h

-- Installing: /usr/local/snort/include/snort/protocols/vlan.h

-- Installing: /usr/local/snort/include/snort/sfip/sf_cidr.h

-- Installing: /usr/local/snort/include/snort/sfip/sf_ip.h

-- Installing: /usr/local/snort/include/snort/sfip/sf_returns.h

-- Installing: /usr/local/snort/include/snort/stream/paf.h

-- Installing: /usr/local/snort/include/snort/stream/stream.h

-- Installing: /usr/local/snort/include/snort/stream/stream_splitter.h

-- Installing: /usr/local/snort/include/snort/target_based/snort_protocols.h

-- Installing: /usr/local/snort/include/snort/host_tracker/host_cache.h

-- Installing: /usr/local/snort/include/snort/host_tracker/host_cache_allocator.h

-- Installing: /usr/local/snort/include/snort/host_tracker/host_cache_interface.h

-- Installing: /usr/local/snort/include/snort/host_tracker/host_tracker.h

-- Installing: /usr/local/snort/include/snort/pub_sub/appid_events.h

-- Installing: /usr/local/snort/include/snort/pub_sub/cip_events.h

-- Installing: /usr/local/snort/include/snort/pub_sub/data_decrypt_event.h

-- Installing: /usr/local/snort/include/snort/pub_sub/daq_message_event.h

-- Installing: /usr/local/snort/include/snort/pub_sub/dcerpc_events.h

-- Installing: /usr/local/snort/include/snort/pub_sub/expect_events.h

-- Installing: /usr/local/snort/include/snort/pub_sub/finalize_packet_event.h

-- Installing: /usr/local/snort/include/snort/pub_sub/http_events.h

-- Installing: /usr/local/snort/include/snort/pub_sub/opportunistic_tls_event.h

-- Installing: /usr/local/snort/include/snort/pub_sub/sip_events.h

-- Installing: /usr/local/snort/include/snort/time/clock_defs.h

-- Installing: /usr/local/snort/include/snort/time/packet_time.h

-- Installing: /usr/local/snort/include/snort/time/stopwatch.h

-- Installing: /usr/local/snort/include/snort/profiler/memory_defs.h

-- Installing: /usr/local/snort/include/snort/profiler/memory_context.h

-- Installing: /usr/local/snort/include/snort/profiler/memory_profiler_defs.h

-- Installing: /usr/local/snort/include/snort/profiler/profiler.h

-- Installing: /usr/local/snort/include/snort/profiler/profiler_defs.h

-- Installing: /usr/local/snort/include/snort/profiler/rule_profiler_defs.h

-- Installing: /usr/local/snort/include/snort/profiler/time_profiler_defs.h

-- Installing: /usr/local/snort/include/snort/trace/trace.h

-- Installing: /usr/local/snort/include/snort/trace/trace_api.h

-- Installing: /usr/local/snort/include/snort/trace/trace_logger.h

-- Installing: /usr/local/snort/include/snort/utils/boyer_moore.h

-- Installing: /usr/local/snort/include/snort/utils/cpp_macros.h

-- Installing: /usr/local/snort/include/snort/utils/endian.h

-- Installing: /usr/local/snort/include/snort/utils/event_gen.h

-- Installing: /usr/local/snort/include/snort/utils/infractions.h

-- Installing: /usr/local/snort/include/snort/utils/kmap.h

-- Installing: /usr/local/snort/include/snort/utils/memcap_allocator.h

-- Installing: /usr/local/snort/include/snort/utils/primed_allocator.h

-- Installing: /usr/local/snort/include/snort/utils/safec.h

-- Installing: /usr/local/snort/include/snort/utils/segment_mem.h

-- Installing: /usr/local/snort/include/snort/utils/sflsq.h

-- Installing: /usr/local/snort/include/snort/utils/stats.h

-- Installing: /usr/local/snort/include/snort/utils/util.h

-- Installing: /usr/local/snort/include/snort/utils/util_ber.h

-- Installing: /usr/local/snort/include/snort/utils/util_cstring.h

-- Installing: /usr/local/snort/include/snort/utils/util_jsnorm.h

-- Installing: /usr/local/snort/include/snort/utils/util_unfold.h

-- Installing: /usr/local/snort/include/snort/utils/util_utf.h

-- Installing: /usr/local/snort/include/snort/helpers/base64_encoder.h

-- Installing: /usr/local/snort/include/snort/helpers/boyer_moore_search.h

-- Installing: /usr/local/snort/include/snort/helpers/literal_search.h

-- Installing: /usr/local/snort/include/snort/helpers/scratch_allocator.h

-- Installing: /usr/local/snort/include/snort/decompress/file_decomp.h

-- Installing: /usr/local/snort/include/snort/network_inspectors/appid/appid_api.h

-- Installing: /usr/local/snort/include/snort/network_inspectors/appid/appid_app_descriptor.h

-- Installing: /usr/local/snort/include/snort/network_inspectors/appid/appid_dns_session.h

-- Installing: /usr/local/snort/include/snort/network_inspectors/appid/appid_http_session.h

-- Installing: /usr/local/snort/include/snort/network_inspectors/appid/appid_session_api.h

-- Installing: /usr/local/snort/include/snort/network_inspectors/appid/appid_types.h

-- Installing: /usr/local/snort/include/snort/network_inspectors/appid/application_ids.h

-- Installing: /usr/local/snort/include/snort/network_inspectors/appid/tp_appid_module_api.h

-- Installing: /usr/local/snort/include/snort/network_inspectors/appid/tp_appid_session_api.h

-- Installing: /usr/local/snort/include/snort/network_inspectors/appid/tp_appid_types.h

-- Installing: /usr/local/snort/include/snort/network_inspectors/packet_tracer/packet_tracer.h

-- Installing: /usr/local/snort/include/snort/network_inspectors/reputation/reputation_common.h

-- Installing: /usr/local/snort/include/snort/network_inspectors/rna/rna_fingerprint.h

-- Installing: /usr/local/snort/include/snort/network_inspectors/rna/rna_fingerprint_tcp.h

-- Installing: /usr/local/snort/include/snort/network_inspectors/rna/rna_fp_reader.h

-- Installing: /usr/local/snort/include/snort/network_inspectors/rna/rna_logger.h

-- Installing: /usr/local/snort/include/snort/search_engines/search_common.h

-- Installing: /usr/local/snort/include/snort/search_engines/search_tool.h

-- Installing: /usr/local/snort/bin/appid_detector_builder.sh

-- Installing: /usr/local/snort/bin/u2boat

-- Installing: /usr/local/snort/share/doc/snort/README.u2boat

-- Installing: /usr/local/snort/bin/u2spewfoo

-- Installing: /usr/local/snort/bin/snort2lua

-- Installing: /usr/local/snort/etc/snort/balanced.lua

-- Installing: /usr/local/snort/etc/snort/connectivity.lua

-- Installing: /usr/local/snort/etc/snort/file_magic.lua

-- Installing: /usr/local/snort/etc/snort/inline.lua

-- Installing: /usr/local/snort/etc/snort/max_detect.lua

-- Installing: /usr/local/snort/etc/snort/security.lua

-- Installing: /usr/local/snort/etc/snort/snort.lua

-- Installing: /usr/local/snort/etc/snort/snort_defaults.lua

-- Installing: /usr/local/snort/etc/snort/talos.lua

-- Installing: /usr/local/snort/lib64/snort/daqs/daq_file.so

-- Installing: /usr/local/snort/lib64/snort/daqs/daq_hext.so

-- Installing: /usr/local/snort/include/snort/daqs/daq_user.h

-- Installing: /usr/local/snort/share/doc/snort/active.txt

-- Installing: /usr/local/snort/share/doc/snort/appid.txt

-- Installing: /usr/local/snort/share/doc/snort/binder.txt

-- Installing: /usr/local/snort/share/doc/snort/byte_extract.txt

-- Installing: /usr/local/snort/share/doc/snort/byte_jump.txt

-- Installing: /usr/local/snort/share/doc/snort/byte_math.txt

-- Installing: /usr/local/snort/share/doc/snort/byte_options.txt

-- Installing: /usr/local/snort/share/doc/snort/byte_test.txt

-- Installing: /usr/local/snort/share/doc/snort/concepts.txt

-- Installing: /usr/local/snort/share/doc/snort/connectors.txt

-- Installing: /usr/local/snort/share/doc/snort/consolidated_config.txt

-- Installing: /usr/local/snort/share/doc/snort/daq.txt

-- Installing: /usr/local/snort/share/doc/snort/dcerpc.txt

-- Installing: /usr/local/snort/share/doc/snort/errors.txt

-- Installing: /usr/local/snort/share/doc/snort/features.txt

-- Installing: /usr/local/snort/share/doc/snort/file_processing.txt

-- Installing: /usr/local/snort/share/doc/snort/ftp.txt

-- Installing: /usr/local/snort/share/doc/snort/high_availability.txt

-- Installing: /usr/local/snort/share/doc/snort/http_inspect.txt

-- Installing: /usr/local/snort/share/doc/snort/http2_inspect.txt

-- Installing: /usr/local/snort/share/doc/snort/overview.txt

-- Installing: /usr/local/snort/share/doc/snort/params.txt

-- Installing: /usr/local/snort/share/doc/snort/perf_monitor.txt

-- Installing: /usr/local/snort/share/doc/snort/pop_imap.txt

-- Installing: /usr/local/snort/share/doc/snort/port_scan.txt

-- Installing: /usr/local/snort/share/doc/snort/sensitive_data.txt

-- Installing: /usr/local/snort/share/doc/snort/side_channel.txt

-- Installing: /usr/local/snort/share/doc/snort/smtp.txt

-- Installing: /usr/local/snort/share/doc/snort/snort2x.png

-- Installing: /usr/local/snort/share/doc/snort/snort3x.png

-- Installing: /usr/local/snort/share/doc/snort/snort_user.txt

-- Installing: /usr/local/snort/share/doc/snort/snorty.png

-- Installing: /usr/local/snort/share/doc/snort/telnet.txt

-- Installing: /usr/local/snort/share/doc/snort/terms.txt

-- Installing: /usr/local/snort/share/doc/snort/trace.txt

-- Installing: /usr/local/snort/share/doc/snort/tutorial.txt

-- Installing: /usr/local/snort/share/doc/snort/usage.txt

-- Installing: /usr/local/snort/share/doc/snort/wizard.txt

-- Installing: /usr/local/snort/share/doc/snort/snort_user.text

-- Installing: /usr/local/snort/share/doc/snort/appendix.txt

-- Installing: /usr/local/snort/share/doc/snort/building.txt

-- Installing: /usr/local/snort/share/doc/snort/enviro.txt

-- Installing: /usr/local/snort/share/doc/snort/snort_reference.txt

-- Installing: /usr/local/snort/share/doc/snort/snort_reference.text

-- Installing: /usr/local/snort/share/doc/snort/differences.txt

-- Up-to-date: /usr/local/snort/share/doc/snort/overview.txt

-- Installing: /usr/local/snort/share/doc/snort/snort2lua.txt

-- Installing: /usr/local/snort/share/doc/snort/snort_upgrade.txt

-- Installing: /usr/local/snort/share/doc/snort/config_changes.txt

-- Installing: /usr/local/snort/share/doc/snort/snort_upgrade.text

-- Installing: /usr/local/snort/share/doc/snort/snort_devel.txt

-- Installing: /usr/local/snort/share/doc/snort/extending.txt

-- Installing: /usr/local/snort/share/doc/snort/style.txt

[[email protected] build]#

到此Snort3的安装就此结束。

五、启动Snort3

[[email protected] ~]# /usr/local/snort/bin/snort -V

在下面一节中我会给大家讲解如何配置Snort3,今天介绍的内容非常多,希望大家多多联系,有问题联系我,更多有关***检测和安全监控的内容,也可以参考我的2019年作品《开源安全运维平台OSSIM疑难解析--入门篇》《开源安全运维平台OSSIM疑难解析--提高篇》。

扫码领视频副本.gif

0

精彩评论

暂无评论...
验证码 换一张
取 消

关注公众号