Skip to content

Snort Sensor

Brady Sullivan edited this page Nov 6, 2017 · 1 revision

Snort is an "open source intrusion prevention system capable of real-time traffic analysis and packet logging."

Deployment

This sensor can be deployed using the Ubuntu - Snort deploy script, found in MHN's Deploy page. The script provided supports installation on Ubuntu 14.04 and 16.04 systems. To avoid installation errors, it is highly recommended you make sure the host system is fully up-to-date before running the deploy script.

Further Information

The current install script uses the threatstream fork of the Snort source code. This code is fairly out of date. Newer versions of Snort are not yet currently supported.https://github.com/threatstream/snort