Rocky Linux 8.8: Snort3 + SnortSnarf, chkrootkit Install
Snort3+Snortsnarf Install
Deploy Snort, a network-based IDS, as the unauthorized access detection system.
SnortSnarf is also installed so that the unauthorized access logs extracted by Snort can be checked in a web browser.
Rocky Linux 8 does not have a Snort3 repository, so Snort3 is built, compiled, and installed from source code.
Advance preparation
① Install required build tools and libraries
Install the EPEL repository and enable the Powertools repository.
chkrootkit
① Download and install chkrootkit
# cd /usr/local/src
# wget ftp://ftp.chkrootkit.org/pub/seg/pac/chkrootkit.tar.gz
# tar xvf chkrootkit.tar.gz
② Create the /root/bin directory and move the chkrootkit command to that directory
# mkdir -p /root/bin
# mv chkrootkit-0.58b/chkrootkit /root/bin
③ Check chkrootkit.
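For steps ① and ② above: the tarball is fetched over plain FTP and its script ends up in /root/bin, so it is worth verifying before it is unpacked as root. The following is an added example, not part of the original page or of chkrootkit itself; verify_tarball and top_dir are hypothetical helper names, and the expected SHA-256 digest is assumed to be one you recorded yourself from a copy you trust.

```shell
#!/bin/bash
# Added example: helper names are hypothetical, not part of chkrootkit.

# verify_tarball FILE EXPECTED_SHA256
# Succeeds only if FILE's SHA-256 digest equals the digest you supply.
verify_tarball() {
    local file="$1" expected="$2" actual
    [ -f "$file" ] || { echo "missing: $file" >&2; return 2; }
    actual=$(sha256sum "$file" | awk '{print $1}')
    if [ "$actual" != "$expected" ]; then
        echo "digest mismatch for $file" >&2
        return 1
    fi
    return 0
}

# top_dir FILE
# Prints the archive's single top-level directory (e.g. chkrootkit-0.58b).
# Fails if a member path is absolute, contains a ".." component, or if the
# archive unpacks into more than one top-level entry.
top_dir() {
    local file="$1" members roots
    members=$(tar -tzf "$file") || return 2
    if printf '%s\n' "$members" | grep -Eq '^/|(^|/)\.\.(/|$)'; then
        echo "unsafe member path in $file" >&2
        return 1
    fi
    roots=$(printf '%s\n' "$members" | sed 's|^\./||' | cut -d/ -f1 | sort -u)
    [ -n "$roots" ] || { echo "empty archive: $file" >&2; return 1; }
    if [ "$(printf '%s\n' "$roots" | wc -l | tr -d ' ')" != "1" ]; then
        echo "expected one top-level directory in $file" >&2
        return 1
    fi
    printf '%s\n' "$roots"
}

# Usage, run from /usr/local/src (EXPECTED is the digest you recorded):
#   verify_tarball chkrootkit.tar.gz "$EXPECTED" &&
#   dir=$(top_dir chkrootkit.tar.gz) &&
#   tar xzf chkrootkit.tar.gz --no-same-owner &&
#   mkdir -p /root/bin && mv "$dir/chkrootkit" /root/bin/
```

Using the directory name printed by top_dir instead of a hard-coded chkrootkit-0.58b keeps the mv step working when the tarball carries a different version.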