Ubuntu

How to Install Snort on Ubuntu 22.04

“Snort is a helpful intrusion detection system that performs real-time packet logging and analysis of traffic on IP networks. You can also use the tool to analyze all incoming packets to allow or deny based on given rules. Besides, its rules are easy to create and can be deployed on multiple operating systems. Our focus is on how to install snort on Ubuntu 22.04.”

Getting Started With Snort on Ubuntu 22.04

One way to keep your system secure is by monitoring the packets, and having reliable intrusion prevention and detection system comes in handy. Snort is an open-source and lightweight intrusion detection system, and there are various ways of installing it on Ubuntu. This guide covers installing snort using apt and apt-get on Ubuntu 22.04. Also, we will see how to install snort from the source code.

Method 1. Install Snort Using apt-get Update

The apt database offers the simplest way to install snort, and you only need two commands to have snort installed on your system.

First, start by updating your apt database using the command below.

$ sudo apt-get update

Updating ensures you get the details of the latest version of snort to be installed using the next command.

Now that we have the sources list updated, we can run the command below to install snort on Ubuntu 22.04

$ sudo apt-get install -y snort

The -y flag is optional, but we are adding it to skip getting prompted to answer questions when installing the tool.

You can confirm the installation by checking the version of snort on your system.

We have installed snort version 2.9.15.1, as evident in the image above.

Method 2. Install Snort Using apt Update

Installing snort using apt is the same as using apt-get. We start by updating the apt database using the command below.

$ sudo apt update

Once updated, use the command below to install snort on your Ubuntu.

$ sudo apt install -y snort

That’s it. You’ve installed snort using apt and apt-get commands.

How to Remove Snort on Ubuntu

If at any point you feel you must remove snort from your system and all its dependencies, use the command below.

$ sudo apt-get -y autoremove snort

Method 3. Install Snort on Ubuntu 22.04 From Source Code

If you prefer seeing the installation in action and having control over the process, you can install snort from the source code. For this, you must download snort from the release page, extract it, then run the installation commands. Let’s see how that works.

Start by downloading the snort version you want to install from the snort release page using wget and ensure you are in the ../ directory where you want to install snort.

Also, you need to install some key build tools for the installation to be a success. Use the command below.

$ sudo apt install -y build-essential libpcap-dev libpcre3-dev \ libnet1-dev zlib1g-dev luajit hwloc libdnet-dev \ libdumbnet-dev bison flex liblzma-dev openssl libssl-dev \ pkg-config libhwloc-dev cmake cpputest libsqlite3-dev uuid-dev \ libcmocka-dev libnetfilter-queue-dev libmnl-dev autotools-dev \ libluajit-5.1-dev libunwind-dev libfl-dev

For this case, we will install snort version 2.9.20. The command would be as follows

$ cd ../
$ wget https://www.snort.org/downloads/snort/snort-2.9.20.tar.gz

Once you’ve downloaded snort using the above command, extract the tar file.

$ tar xvzf snort-2.9.20.tar.gz

Navigate the snort directory containing the installation file.

$ cd snort-2.9.20

Finally, use the command below to install snort on your Ubuntu 22. Note that we are also using the make command to compile the source code when installing the package.

$ ./configure -enable-sourcefire && make sudo make install

Hopefully, you now have snort installed and ready for configuration.

Conclusion

This guide covered the various methods of installing snort on your Ubuntu 22.04. For a quick and easy installation, use the apt or apt-get. All the steps for the installation are presented in the guide. Try them out.

About the author

Denis Kariuki

Denis is a Computer Scientist with a passion for Networking and Cyber Security. I love the terminal, and using Linux is a hobby. I am passionate about sharing tips and ideas about Linux and computing.