In this article, we will have explained the necessary steps to install Snort on Ubuntu 22.04 LTS. Before continuing with this tutorial, make sure you are logged in as a user with
sudo privileges. All the commands in this tutorial should be run as a non-root user.
Snort is an open-source lightweight network Intrusion Prevention System for running a network intrusion detection system (NIDS). Snort is used to monitor the package data sent/received through a specific network interface. Correctly installed and configured Snort can be very useful in detecting different kinds of attacks and threats like SMB probes, malware infections, compromised systems, etc.
- Operating System with Ubuntu 22.04
- Server IPv4 Address with Superuser Privileges (Root Access)
- Gnome Terminal for Linux Desktop
- PuTTy SSH client for Windows or macOS
- Powershell for Windows 10/11
- Familiar with APT Commands
Install Snort on Ubuntu 22.04 LTS
Step 1. First, before you start installing any package on your Ubuntu server, we always recommend making sure that all system packages are updated.
sudo apt update sudo apt upgrade sudo apt install build-essential libpcap-dev libpcre3-dev libnet1-dev zlib1g-dev luajit hwloc libdnet-dev libdumbnet-dev bison flex liblzma-dev openssl libssl-dev pkg-config libhwloc-dev cmake cpputest libsqlite3-dev uuid-dev libcmocka-dev libnetfilter-queue-dev libmnl-dev autotools-dev libluajit-5.1-dev libunwind-dev libfl-dev
Step 2. Install Snort on Ubuntu.
Snort installation is quite easy and straightforward since the Snort package is accessible in the repositories of the majority of Linux distributions. Now You can follow the steps given below for downloading and setting up the Snort:
wget [https://github.com/snort3/snort3/archive/refs/heads/master.zip](https://github.com/snort3/snort3/archive/refs/heads/master.zip) unzip master.zip cd snort3-master ./configure_cmake.sh --prefix=/usr/local --enable-tcmalloc
You will see similar output given below:
------------------------------------------------------ snort version 126.96.36.199 Install options: prefix: /usr/local includes: /usr/local/include/snort plugins: /usr/local/lib/snort Compiler options: CC: /usr/bin/cc CXX: /usr/bin/c++ CFLAGS: -fvisibility=hidden -DNDEBUG -g -ggdb -fno-builtin-malloc -fno-builtin-calloc -fno-builtin-realloc -fno-builtin-free -O2 -g -DNDEBUG CXXFLAGS: -fvisibility=hidden -DNDEBUG -g -ggdb -fno-builtin-malloc -fno-builtin-calloc -fno-builtin-realloc -fno-builtin-free -O2 -g -DNDEBUG EXE_LDFLAGS: MODULE_LDFLAGS: Feature options: DAQ Modules: Static (afpacket;bpf;dump;fst;gwlb;nfq;pcap;savefile;trace) libatomic: System-provided Hyperscan: OFF ICONV: ON Libunwind: ON LZMA: ON RPC DB: Built-in SafeC: OFF TCMalloc: ON JEMalloc: OFF UUID: ON ------------------------------------------------------- -- Configuring done -- Generating done -- Build files have been written to: /home/alp/snort_src/snort3-master/build
Next, navigate to the build directory and install Snort 3:
cd build make sudo make install sudo ldconfig
Verify Snort 3 installation:
To test your Snort installation with the default configuration file, run the next command:
snort -c /usr/local/etc/snort/snort.lua
That’s all you need to do to install Snort on Ubuntu 22.04 LTS Jammy Jellyfish. I hope you find this quick tip helpful. For further reading on the installation of the Snort network intrusion detection system (NIDS), please refer to their official knowledge base. I hope this article was helpful to you. If you find it useful, don’t forget to share it with your friend and family. Also, if you have any questions, please feel free to ask in the comments section. We are always there to assist you.