• Contact
  • Contact Us
  • Disclamer
  • Home 1
  • Home 2
  • Home 3
  • Privacy Policy
Wednesday, July 2, 2025
How VPS - How to use/setup VPS
  • Login
  • Home
  • Management guides
    • Web servers software
      • Directadmin
      • Hocvps Script
      • Centmin Mod
      • CWP
      • Kloxo-MR
      • Plesk
    • Control Panels
    • Securing VPS/Servers
      • SSL Certificates
      • Upgrading
      • Authentication
  • Operating System
    • CentOS
    • Fedora
    • Debian
    • Linux
    • Arch
    • BSD
    • CoreOS
  • Reviews
  • Coupon
    • Domain Coupon
    • Hosting Coupon
No Result
View All Result
  • Home
  • Management guides
    • Web servers software
      • Directadmin
      • Hocvps Script
      • Centmin Mod
      • CWP
      • Kloxo-MR
      • Plesk
    • Control Panels
    • Securing VPS/Servers
      • SSL Certificates
      • Upgrading
      • Authentication
  • Operating System
    • CentOS
    • Fedora
    • Debian
    • Linux
    • Arch
    • BSD
    • CoreOS
  • Reviews
  • Coupon
    • Domain Coupon
    • Hosting Coupon
No Result
View All Result
How VPS - How to use/setup VPS
No Result
View All Result
Home VPS/Servers management guides

How to Install Snort on an Ubuntu 18.04 VPS or Dedicated Server

How VPS by How VPS
November 15, 2019
in VPS/Servers management guides
0
How to Install Snort on an Ubuntu 18.04 VPS or Dedicated Server
0
SHARES
492
VIEWS
Share on FacebookShare on Twitter

Contents

  1. How to Install Snort on an Ubuntu 18.04 VPS or Dedicated Server
    1. Introduction
    2. Prerequisites
  2. Steps
    1. Update system packages
    2. Install Snort dependencies
  3. Install Snort
  4. Conclusion

Today, we will guide you How to Install Snort on an Ubuntu 18.04 VPS or Dedicated Server.

How to Install Snort on an Ubuntu 18.04 VPS or Dedicated Server

Introduction

Intrusion detection systems are software that serves to monitor the network traffic for any suspicious activity and sends alerts or takes actions when discovered.

With the increasing sophistication of attacks, having firewalls and network perimeter security is not enough as we need to detect the threats before they cause a significant impact.

Some of the intrusion detection systems like Cisco’s IDS are unfortunately too expensive to purchase for some organizations.

Luckily Snort came to the rescue as being arguably one of the best open source intrusion detection systems in the market, running on almost all Linux, Unix, and Mac Os platforms.

Some of the features offered by Snort include:

  • Network intrusion detection system
  • Packet sniffer
  • Packet logger

How to Install Snort on an Ubuntu 18.04 VPS or Dedicated Server

Prerequisites

  • A VPS/Dedicated server running Ubuntu 18.04
  • A non-root user with sudo privileges

Steps

Update system packages

$ sudo apt update && sudo apt upgrade

We will be installing a number of source files so you would want to create a folder to hold these packages.

$ mkdir snort_source_files && cd snort_source_files

Install Snort dependencies

Install the snort prerequisites in the created folder

$ sudo sudo apt install -y build-essential autotools-dev libdumbnet-dev libluajit-5.1-dev libpcap-dev /
> libpcre3-dev zlib1g-dev pkg-config libhwloc-dev

Install cmake library

$ sudo apt install -y cmake

We will then want to install some optional but highly recommended libraries.

$ sudo apt install -y liblzma-dev openssl libssl-dev cpputest libsqlite3-dev uuid-dev

Since snort will be installed from Github, we definitely want to get the required tools to work with that.

$ apt install -y libtool git autoconf

Snort’s Data Acquisition Library has to have its dependencies installed:

$ sudo apt install -y bison flex

Install the Safe C library for buffer overflow prevention checks at runtime (caused by legacy C-library calls)

$ wget / >https://downloads.sourceforge.net/project/safeclib/libsafec-10052013.tar.gz
$ tar -xzvf libsafec-10052013.tar.gz
$ cd libsafec-10052013
$ ./configure
$ make
$ sudo make install

For performance optimization on high memory usage, we are going to install google performance tools (gfpertools):

$ cd ~/snort_source_files/
$ wget / >https://github.com/gperftools/gperftools/releases/download/gperftools-2.7/gperftools-2.7.tar.gz
$ tar xzvf gperftools-2.7.tar.gz
$ cd gperftools-2.7
$ ./configure
$ make
$ sudo make install

For faster pattern matching, we will install Ragel and Boost which are dependencies of Hyperscan that will assist us in faster multiple regex matching during scans.

Download and install Ragel library:

$ cd ~/snort_source_files/ 
$ wget http://www.colm.net/files/ragel/ragel-6.10.tar.gz
$ tar -xzvf ragel-6.10.tar.gz
$ cd ragel-6.10
$ ./configure
$ make
$ sudo make install

Download the Boost C++ libraries but do not install it.

$ cd  ~/snort_source_files/
$ wget https://dl.bintray.com/boostorg/release/1.67.0/source/boost_1_67_0.tar.gz
$ tar -xvzf boost_1_67_0.tar.gz

Download and install Hyper scan while referencing the location of the location of the boost  headers source:

$ ~/snort_source_files/
$ wget https://github.com/intel/hyperscan/archive/v4.7.0.tar.gz
$ tar -xvzf v4.7.0.tar.gz 
$ mkdir ~/snort_src/hyperscan-4.7.0-build 
$ cd hyperscan-4.7.0-build/
$ cmake -DCMAKE_INSTALL_PREFIX=/usr/local / >-DBOOST_ROOT=~/snort_source_files/boost_1_67_0/ ../hyperscan-4.7.0
$ make 
$ sudo make install

To test whether the hyper-scan works:

$ cd ~/snort_src/hyperscan-4.7.0-build/
$ ./bin/unit-hyperscan

We then need to install a memory serialization library called flatbuffers which is more efficient:

$ cd ~/snort_source_files
$ wget https://github.com/google/flatbuffers/archive/v1.9.0.tar.gz -O flatbuffers-v1.9.0.tar.gz
$ tar -xzvf flatbuffers-1.9.0.tar.gz
$ mkdir flatbuffers-build && cd flatbuffers-build
$ cmake ../flatbuffers-1.9.0
$ make
$ sudo make install

Install Snort

We first need to install the Data Acquisition Library (DAQ) from snort’s website:

$ cd ~/snort_source_files
$ wget https://www.snort.org/downloads/snortplus/daq-2.2.2.tar.gz
$ tar -xzvf  daq-2.2.2.tar.gz
$ cd daq-2.2.2
$ ./configure
$ make
$ sudo make install

Update the shared libraries

$ sudo ldconfig

Finally, download snort source code and install it:

$ cd ~/snort_source_files
$ git clone git://github.com/snortadmin/snort3.git
$ cd snort3
$ ./configure_cmake.sh --prefix=/usr/local --enable-tcmalloc
$ cd build
$ make
$ sudo make install

You can check whether snort has been installed:

$ /usr/local/bin/snort -V

How to Install Snort on an Ubuntu 18.04 VPS or Dedicated Server

Conclusion

If you have received the same output like the one above, it means you have successfully installed snort on your VPS/Dedicated host. The next step would be to permanently configure the global variables needed to run snort.

Tags: Install Snort on an UbuntusnortUbuntu
Previous Post

How to Find Recent or Today’s Modified Files in Linux

Next Post

10 Useful Sudoers Configurations for Setting ‘sudo’ in Linux

Next Post

10 Useful Sudoers Configurations for Setting ‘sudo’ in Linux

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

No Result
View All Result

Recent Post

Install Imagemagick on CentOS
CentOS

Install Imagemagick on CentOS

by How VPS
June 28, 2023
0

This is how I installed Imagemagick on a vanilla CentOS server Start off by installing the prerequisites yum install php-pear...

Read more
how to Check phpinfo

How to Check phpinfo of Hosting or VPS?

June 28, 2023
Failed to download metadata for repo 'appstream' on Centos 8

How to fix error: Failed to download metadata for repo ‘appstream’ on Centos 8

February 25, 2022
How to Fix MySQL Error "Plugin 'InnoDB' registration as a STORAGE ENGINE failed"?

How to Fix MySQL Error “Plugin ‘InnoDB’ registration as a STORAGE ENGINE failed”?

November 17, 2020
How to optimize Mysql or MariaDB

How to optimize Mysql or MariaDB

November 3, 2020

Recent News

  • Install Imagemagick on CentOS
  • How to Check phpinfo of Hosting or VPS?
  • How to fix error: Failed to download metadata for repo ‘appstream’ on Centos 8

Category

  • Arch
  • Authentication
  • Backups
  • BSD
  • Centmin Mod
  • CentOS
  • Control Panels
  • CoreOS
  • CWP
  • Debian
  • Directadmin
  • Encryption
  • Fedora
  • Firewalls
  • Hocvps Script
  • Hosting providers
  • Kloxo-MR
  • Linux
  • Mitigations
  • Operating System
  • Plesk
  • Reviews
  • Securing VPS/Servers
  • Security Patches
  • SSL Certificates
  • Uncategorized
  • Upgrading
  • VPS/Servers management guides
  • Vulnerability Detection
  • Web servers software
  • Webhosting Control Panel
  • About
  • Advertise
  • Careers
  • Contact

© 2025 JNews - Premium WordPress news & magazine theme by Jegtheme.

No Result
View All Result
  • Home
  • Management guides
    • Web servers software
      • Directadmin
      • Hocvps Script
      • Centmin Mod
      • CWP
      • Kloxo-MR
      • Plesk
    • Control Panels
    • Securing VPS/Servers
      • SSL Certificates
      • Upgrading
      • Authentication
  • Operating System
    • CentOS
    • Fedora
    • Debian
    • Linux
    • Arch
    • BSD
    • CoreOS
  • Reviews
  • Coupon
    • Domain Coupon
    • Hosting Coupon

© 2025 JNews - Premium WordPress news & magazine theme by Jegtheme.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In