Information, OpenSourceSoftware, Security, Sguil, Snort, Ubuntu

snort- debian/ubuntu packages

Loglevel: INFO

I have packed snort for Ubuntu Hardy and Jaunty:

I have changed the way I pack snort. I no longer pack the pgsql and mysql versions. I have also dropped prelude support. If you need them, drop me a line, and I’ll see what I can do. Its just my belief, that one should log in unified/2 format for speed, and let barnyard/2 take care of the rest 🙂

I also compile snort with IPv6.

-*> Snort! Version IPv6 (Build 114) <*-


2 thoughts on “snort- debian/ubuntu packages

  1. larsx2 says:

    Very Helpful Edward!, Im currently testing all your packages with the idea of making a nice pdf document with details in setting a Sguil arq. on Ubuntu LTS.
    Just one question about your update.. you uploaded an Snort- package only for amd right? no i386? Im doing the testing with Intel Atom processors so im still compiling the source.


  2. Hi Edward,

    Great blog!

    I would like to recommend you using a Launchpad PPA as it would make things easier to find in an Ubuntu context, would enforce trust by default (packages signed with your key.) and would make your Snort packaging effort most likely the default in Ubuntu in the long run.

    It would also open for *auto* compilation for different architectures AND support for development, current and previous versions of the distro.

    With the upcoming LTS I think this is more important than ever.

    Of course it has to be added that all Ubuntu packages should be merged from Debian. So I guess going through Debian would be the right way, I guess…


    Snort in Ubuntu:
    Snort in Debian:


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s