I can't make it much easier than this, I have created new ports for Snort 2.9.0.2 and DAQ 0.4 (and subsequently packages) that you can install directly. The ports are submitted so look for the following in your ports tree:
updated: /usr/ports/security/snort
new: /usr/ports/security/daq
Components required:
- Fresh FreeBSD Install
- Miminal (i386)
- Access to the internet from said BSD boxen
- Basic knowledge of Snort
Once you have the above handled, you can issue the following command:
$ pkg_add -r http://www.rootedyour.com/enhanced/snort/snort-2.9.0.2.tbz
Output from the command on a Freshly installed FreeBSD Mimimal system:
$ pkg_add -r http://www.rootedyour.com/enhanced/snort/snort-2.9.0.2.tbz
Fetching http://www.rootedyour.com/enhanced/snort/snort-2.9.0.2.tbz... Done.
Fetching http://www.rootedyour.com/enhanced/All/libpcap-1.1.1.tbz... Done.
Fetching http://www.rootedyour.com/enhanced/All/libdnet-1.11_3.tbz... Done.
Fetching http://www.rootedyour.com/enhanced/All/daq-0.4.tbz... Done.
Some checksums for your reviewing pleasure:
- MD5 (daq-0.4.tbz) = 249d2d79fc03eb2d4e2e133da505d146
- MD5 (libdnet-1.11_3.tbz) = b861399b4710825419240a6443ec0eb9
- MD5 (libpcap-1.1.1.tbz) = 678ec713419066c884ceda82ebcfe66f
- MD5 (pcre-8.10.tbz) = 03cc8232b4ea9ecb968eb67211246f20
- SHA256 (daq-0.4.tbz) = f8e60e09c0ab4acc1726f180b2e9d58c7f557b4736a3e53e137d8cb186d71984
- SHA256 (libdnet-1.11_3.tbz) = 92f731313eea3867ab36ad789d938a66b83dda282e293a5a3d830f138c56b6f1
- SHA256 (libpcap-1.1.1.tbz) = fe7991735055bb92bc38a2550d6428200eb7491e0152fa59d75db1569918c4a4
- SHA256 (pcre-8.10.tbz) = e9517918174e4b569d9b4d1b3c902db529e0c3bd67a4a4ae7f1b830aac66e7b1
The above packages were build with the following configuration options: --enable-dynamicplugin --enable-flexresp3 --enable-ipv6 --enable-gre --enable-targetbsed --enable-decoder-preprocessor-rules --enable-zlib --enable-reload --enable-active-response --enable-normalizer --enable-react --enable-perfprofiling
I will likely be updating the ports / packages, so keep an eye out!
I will likely be updating the ports / packages, so keep an eye out!
JJC