snort-inline on Ubuntu Server

Ian Latter ian.latter at
Sun Sep 16 07:06:34 BST 2007


  I've been running Ubuntu Desktop for some time now 
(almost two years, I'd say).  So I felt it was time to look
at the server build.  I was impressed with the tight 
default install on a test Ubuntu 7.04 server that I built
recently, and was hoping to make something serious of
it (having been an avid RedHat server fan and builder).  

  I've come to this list as referred by the advice here;

  The snort project has integrated the snort-inline
patches meaning that, when snort is compiled with the
right options, it will pop out a "snort-inline" binary
which can inter-operate with iptables, via ip_queue, 
and act as an Intrusion Prevention Service (not just an 
Intrusion Detection Service).

  The details can be found here;

  Including build info - i.e.;
    ./configure --enable-inline
    make install

  I've been back through the ubuntu-devel archives
up to January 2007, and can't see any discussion on
snort (as a subject reference) at all.  Could the 
default snort package be updated to include 
snort-inline?  Was there a reason why it wasn't
compiled that way for today's version of this package?

  I'm running Ubuntu Server 7.04;
    Linux localhost 2.6.20-15-generic #2 SMP Sun Apr 15
06:17:24 UTC 2007 x86_64 GNU/Linux

  With snort ala repo (apt-get install snort);

|/ Err?=(none)/Hold/Reinst-required/X=both-problems
(Status,Err: uppercase=bad)
||/ Name                Version        Description
ii  snort               2.3.3-9        Flexible Network
Intrusion Detection System
ii  snort-common        2.3.3-9        Flexible Network
Intrusion Detection System 
un  snort-doc           <none>         (no description
un  snort-mysql         <none>         (no description
un  snort-pgsql         <none>         (no description
un  snort-rules         <none>         (no description
ii  snort-rules-default 2.3.3-9        Flexible Network
Intrusion Detection System 

Thanks for your time,

Ian Latter
Late night coder ..

More information about the ubuntu-devel mailing list