Wednesday, December 8, 2010

Snort on FreeBSD i386 the easy way!

This is a quick posting to help you get Snort 2.9.0.x up and running on your FreeBSD!

I can't make it much easier than this, I have created new ports for Snort and DAQ 0.4 (and subsequently packages) that you can install directly.  The ports are submitted so look for the following in your ports tree:

updated: /usr/ports/security/snort
new: /usr/ports/security/daq

Components required:
  • Fresh FreeBSD Install
    • Miminal (i386)
  • Access to the internet from said BSD boxen
  • Basic knowledge of Snort

Once you have the above handled, you can issue the following command:
$ pkg_add -r

Output from the command on a Freshly installed FreeBSD Mimimal system:
$ pkg_add -r
Fetching Done.
Fetching Done.
Fetching Done.
Fetching Done.

Some checksums for your reviewing pleasure:
  • MD5 (daq-0.4.tbz) = 249d2d79fc03eb2d4e2e133da505d146
  • MD5 (libdnet-1.11_3.tbz) = b861399b4710825419240a6443ec0eb9
  • MD5 (libpcap-1.1.1.tbz) = 678ec713419066c884ceda82ebcfe66f
  • MD5 (pcre-8.10.tbz) = 03cc8232b4ea9ecb968eb67211246f20

  • SHA256 (daq-0.4.tbz) = f8e60e09c0ab4acc1726f180b2e9d58c7f557b4736a3e53e137d8cb186d71984
  • SHA256 (libdnet-1.11_3.tbz) = 92f731313eea3867ab36ad789d938a66b83dda282e293a5a3d830f138c56b6f1
  • SHA256 (libpcap-1.1.1.tbz) = fe7991735055bb92bc38a2550d6428200eb7491e0152fa59d75db1569918c4a4
  • SHA256 (pcre-8.10.tbz) = e9517918174e4b569d9b4d1b3c902db529e0c3bd67a4a4ae7f1b830aac66e7b1
The above packages were build with the following configuration options: --enable-dynamicplugin --enable-flexresp3 --enable-ipv6 --enable-gre --enable-targetbsed --enable-decoder-preprocessor-rules --enable-zlib --enable-reload --enable-active-response --enable-normalizer --enable-react --enable-perfprofiling

I will likely be updating the ports / packages, so keep an eye out!



rob said...

Would you be so kind as to post your
Makefile and pkg-list so others can build packages.

JJC said...

Will do, also just as an FYI... updated ports will be in the ports tree shortly.