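0. Prerequisites
Before reading this article you should be familiar with CentOS Linux and have successfully installed Snort 2.9 before. The installation in this section depends heavily on the network, so make sure your network connection is in good working order.
1. Environment
Virtual machine: VMware Workstation V15
Installation image: CentOS 7 (CentOS-7-x86_64-Minimal-1908.iso)
Installation type: for network-security reasons, this lab uses a minimal installation of CentOS 7. Memory (2 GB+), CPU (4 cores), disk space (20 GB+).
Installation package: download the package sources-centos7.tar.gz from Baidu Netdisk.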
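2. Initializing the CentOS 7 system
Right after CentOS 7 is first installed, the system is not yet usable. First we need to configure the network.
Step 1: Configure the IP address
#vi /etc/sysconfig/network-scripts/ifcfg-ens33
Change ONBOOT=no to ONBOOT=yes
Save and exit. Restart the network service and check the IP address.
Once you have confirmed that the network is working, update the system.
Step 2: Update the system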
#yum update
#yum install epel-release
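Step 3: Prepare the installation packages and take a virtual machine snapshot
Create a sources directory in the home directory of user root and unpack sources-centos7.tar.gz into /root/sources.
The preparation is now essentially complete. Before starting the actual installation, it is recommended to take a snapshot of the virtual machine, which saves time the next time the system has to be reinstalled.
Taking a snapshot of the virtual machine
Once the snapshot has been taken and the system has finished rebooting, we can go on to install the dependency packages.
3. Installing the dependency packages
Step 1: Install the basic dependency packages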
#yum install vim git wget net-tools
#yum install flex bison gcc gcc-c++ make
#yum install libdnet-devel hwloc-devel openssl-devel zlib-devel pkgconfig
Step 2: Install the build tool cmake
Besides gcc and gcc-c++, cmake must also be installed in order to build Snort3.
#cd sources
#tar xf cmake-3.10.3.tar.gz
#cd cmake-3.10.3
#./configure
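Seeing the information above means this step succeeded and compilation can begin.
#make -j 4 //if you are building on a single core, leave out the "-j 4" parameter
CPU usage during a multi-core build
Seeing the following information means the build step succeeded.
Now install the software.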
#make install
The executable is installed at /usr/local/bin/cmake.
Check the cmake version
Step 3: Install LuaJIT
#cd ~/sources
#tar xf LuaJIT-2.0.5.tar.gz
#cd LuaJIT-2.0.5
#make && make install
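Seeing the following message means the installation succeeded. After a successful installation, the file /usr/local/lib/pkgconfig/luajit.pc is generated.
==== Successfully installed LuaJIT 2.0.5 to /usr/local ====
Copy the file:
#cp /usr/local/lib/pkgconfig/luajit.pc /usr/lib64/pkgconfig/
Install the luajit-devel development package:
#yum install luajit-devel
Step 4: Install PCRE
Go back to /root/sources/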
#tar xf pcre-8.41.tar.gz
#cd pcre-8.41
#./configure --libdir=/usr/lib64 --includedir=/usr/include/
The PCRE configuration summary is printed next; seeing output similar to the following means this step succeeded.
pcre-8.41 configuration summary:
Install prefix .................. : /usr/local
C preprocessor .................. : gcc -E
C compiler ...................... : gcc
C++ preprocessor ................ : g++ -E
C++ compiler .................... : g++
Linker .......................... : /usr/bin/ld -m elf_x86_64
C preprocessor flags ............ :
C compiler flags ................ : -g -O2 -fvisibility=hidden
C++ compiler flags .............. : -O2 -fvisibility=hidden -fvisibility-inlines-hidden
Linker flags .................... :
Extra libraries ................. :
Build 8 bit pcre library ........ : yes
Build 16 bit pcre library ....... : no
Build 32 bit pcre library ....... : no
Build C++ library ............... : yes
Enable JIT compiling support .... : no
Enable UTF-8/16/32 support ...... : no
Unicode properties .............. : no
Newline char/sequence ........... : lf
\R matches only ANYCRLF ......... : no
EBCDIC coding ................... : no
EBCDIC code for NL .............. : n/a
Rebuild char tables ............. : no
Use stack recursion ............. : yes
POSIX mem threshold ............. : 10
Internal link size .............. : 2
Nested parentheses limit ........ : 250
Match limit ..................... : 10000000
Match limit recursion ........... : MATCH_LIMIT
Build shared libs ............... : yes
Build static libs ............... : yes
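Start compiling and installing
#make -j 4
If the build reports no errors (you can also test it with make check), what is shown above is the result of a build that finished normally. Now install.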
#make install
Step 5: Install PCAP
Go back to /root/sources
#tar xf libpcap-1.8.1.tar.gz
#cd libpcap-1.8.1
#./configure
Seeing the following content means this step succeeded.
#make && make install
Install the development package:
#yum install libpcap-devel
Step 6: Install DAQ
#cd ~/sources
#tar xf daq-2.2.2.tar.gz
#cd daq-2.2.2
#./configure --disable-ipfw-module --disable-ipq-module --disable-nfq-module --disable-netmap-module
#yum install libnetfilter_queue-devel
#./configure --disable-ipfw-module --disable-ipq-module --disable-afpacket-module --disable-netmap-module
#make
#make install
Step 7: Install ragel
#cd ~/sources
#tar xf ragel-6.10.tar.gz
#cd ragel-6.10
#./configure
Seeing the information above means this step succeeded.
#make && make install
Step 8: Extract boost
#cd ~/sources
#tar xf boost_1_66_0.tar.gz
This archive only needs to be extracted; it does not need to be compiled or installed.
Step 9: Install Hyperscan
#cd ~/sources
#tar xf hyperscan-4.7.0.tar.gz
#mkdir hs-build && cd hs-build
#ln -s ~/sources/boost_1_66_0/boost ~/sources/hyperscan-4.7.0/include/boost
#cmake -DCMAKE_BUILD_TYPE=Release -DCMAKE_INSTALL_PREFIX=/usr/local/ ../hyperscan-4.7.0
#make -j 4
Seeing the following information means the build succeeded.
#make install
Output after installation:
Install the project...
-- Install configuration: "RELEASE"
-- Installing: /usr/local/lib64/pkgconfig/libhs.pc
-- Installing: /usr/local/include/hs/hs.h
-- Installing: /usr/local/include/hs/hs_common.h
-- Installing: /usr/local/include/hs/hs_compile.h
-- Installing: /usr/local/include/hs/hs_runtime.h
-- Installing: /usr/local/lib64/libhs_runtime.a
-- Installing: /usr/local/lib64/libhs.a
-- Installing: /usr/local/share/doc/hyperscan/examples/simplegrep.c
-- Installing: /usr/local/share/doc/hyperscan/examples/pcapscan.cc
-- Installing: /usr/local/share/doc/hyperscan/examples/patbench.cc
-- Installing: /usr/local/share/doc/hyperscan/examples/README.md
You can see that after the installation completes, many files have been created under /usr/local/lib64/.
#cp /usr/local/lib64/pkgconfig/libhs.pc /usr/lib64/pkgconfig/
Step 10: Install CPPUTEST
#cd ~/sources
#tar xf cpputest-3.8.tar.gz
#cd cpputest-3.8
#./configure --libdir=/usr/lib64 --includedir=/usr/include
Seeing the output below means this step succeeded and you can continue with the following operations.
#make && make install
Step 11: Install Flatbuffers
#cd ~/sources
#tar xf flatbuffers-1.8.0.tar.gz
#mkdir fb-build && cd fb-build
[root@centos7 fb-build]# cmake ../flatbuffers-1.8.0
Seeing the output below means the step is correct.
Now start compiling.
#make -j 4
#make install
Seeing the output above means the installation succeeded.
Step 12: Install safec
#cd ~/sources
#tar xf libsafec-08112019.0-gad76c7.tar.gz
#cd libsafec-08112019.0-gad76c7
#./configure --libdir=/usr/lib64 --includedir=/usr/include
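Seeing the following information in the output means this operation succeeded.
Only after configure has succeeded can you go on to compile.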
#make -j 4
Seeing the output below means the build succeeded.
Once the build has succeeded, start the installation.
#make install
Step 13: Install iconv
#cd ~/sources
#tar xf libiconv-1.15.tar.gz
#cd libiconv-1.15
#./configure
#make && make install
After a successful installation you will see the output below.
Only after all 13 steps above have succeeded can we begin the next stage.
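A pre-flight check for the dependency steps above, as an added example that is not part of the original article: before the Snort3 build starts, it verifies the files this page says the steps install and that the copied .pc files still match their originals. The names MANIFEST, check_entry and preflight are hypothetical, and only paths named on this page are listed.

```shell
#!/bin/sh
# Added example: pre-flight check before building Snort3.
# MANIFEST, check_entry and preflight are hypothetical names. The paths are
# the ones this page names; add the files of the other steps as needed.
# Entry format: kind|step|path[|second path]
#   exec = path must be an executable file
#   file = path must be a regular file
#   same = both files must exist and be byte-identical (the .pc copies)
MANIFEST='exec|step 2 cmake|/usr/local/bin/cmake
file|step 3 LuaJIT|/usr/local/lib/pkgconfig/luajit.pc
same|step 3 LuaJIT|/usr/local/lib/pkgconfig/luajit.pc|/usr/lib64/pkgconfig/luajit.pc
file|step 9 Hyperscan|/usr/local/include/hs/hs.h
file|step 9 Hyperscan|/usr/local/lib64/libhs.a
same|step 9 Hyperscan|/usr/local/lib64/pkgconfig/libhs.pc|/usr/lib64/pkgconfig/libhs.pc'

# check_entry ROOT KIND PATH [PATH2]
# Returns 0 when the entry is satisfied below ROOT (ROOT is empty on a live system).
check_entry() {
    ce_root=$1
    ce_kind=$2
    ce_p1=$ce_root$3
    ce_p2=$ce_root$4
    case $ce_kind in
        exec) [ -f "$ce_p1" ] && [ -x "$ce_p1" ] ;;
        file) [ -f "$ce_p1" ] ;;
        same) [ -f "$ce_p1" ] && [ -f "$ce_p2" ] && cmp -s "$ce_p1" "$ce_p2" ;;
        *)    return 2 ;;
    esac
}

# preflight [ROOT]
# Prints one line per manifest entry and returns the number of failed entries,
# so a return value of 0 means the build can start.
preflight() {
    pf_root=${1:-}
    pf_failed=0
    while IFS='|' read -r pf_kind pf_step pf_p1 pf_p2; do
        [ -n "$pf_kind" ] || continue
        if check_entry "$pf_root" "$pf_kind" "$pf_p1" "$pf_p2"; then
            printf 'OK      %-18s %s\n' "$pf_step" "$pf_p1"
        else
            printf 'FAILED  %-18s %s (%s)\n' "$pf_step" "$pf_p1" "$pf_kind"
            pf_failed=$((pf_failed + 1))
        fi
    done <<EOF
$MANIFEST
EOF
    return "$pf_failed"
}

# Check the live system only when asked to: sh preflight.sh --run
if [ "${1:-}" = "--run" ]; then
    preflight
    exit $?
fi
```

A FAILED line of kind "same" means the copy under /usr/lib64/pkgconfig no longer matches the file the build installed, which happens when a library is rebuilt without repeating the cp step.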
4. Compiling and installing Snort3
#cd ~/sources
#cd snort3
#export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/lib:/usr/local/lib
#./configure_cmake.sh --prefix=/usr/local/snort
#cd build/
#make -j 4
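The build takes quite a long time; seeing the following output at the end means it succeeded.
Once all the steps above have completed correctly, what remains is the final installation command.
[root@localhost build]# make install //this prints a large amount of output (the build targets, then the list of installed files)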
This completes the installation of Snort3.
5. Starting Snort3
[root@localhost ~]# /usr/local/snort/bin/snort -V
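In the next section I will explain how to configure Snort3. Today's article covers a great deal of material, so I hope you will practice it a lot; if you run into problems, contact me. For more on intrusion detection and security monitoring, you can also refer to my 2019 books 《开源安全运维平台OSSIM疑难解析--入门篇》 and 《开源安全运维平台OSSIM疑难解析--提高篇》.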