Created
June 20, 2021 08:44
-
-
Save AreRex14/64bdfdf85c3f352124c5a482b2bfe901 to your computer and use it in GitHub Desktop.
Basic script to install Suricata IDS/IPS 5.0.0 for Linux (specifically Ubuntu 18.04 LTS)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #for logging useful message during script execution | |
| log() { | |
| echo "[+] $1" | |
| } | |
| install() { | |
| log "Installing Suricata 5 for Linux..." | |
| sudo apt-get update -y | |
| #to download suricata source | |
| sudo apt-get install -y wget | |
| #install recommended suricata dependencies | |
| #refer ubuntu/debian package repository for desc/about of each packages | |
| sudo apt-get install -y libpcre3 libpcre3-dbg libpcre3-dev autoconf automake libtool build-essential libpcap-dev && \ | |
| sudo apt-get install -y libnet1-dev libyaml-0-2 libyaml-dev libjansson4 pkg-config zlib1g zlib1g-dev && \ | |
| sudo apt-get install -y libcap-ng-dev libcap-ng0 make libmagic-dev libjansson-dev && \ | |
| sudo apt-get install -y libnss3-dev libgeoip-dev liblua5.1-0-dev libluajit-5.1-dev libhiredis-dev libmaxminddb-dev libevent-dev python-yaml && \ | |
| #for Rust support | |
| sudo apt-get install -y rustc cargo | |
| #Extra for iptables/nftables IPS integration | |
| sudo apt-get install libnetfilter-queue-dev libnetfilter-queue1 libnetfilter-log-dev libnetfilter-log1 libnfnetlink-dev libnfnetlink0 | |
| #install missing dependencies | |
| sudo apt-get install -y --fix-missing | |
| log "Get Suricata release source..." | |
| #unless not work, try with latest stable of Suricata 5 > https://www.openinfosecfoundation.org/download/suricata-5.0.6.tar.gz | |
| wget https://openinfosecfoundation.org/download/suricata-5.0.0.tar.gz | |
| #extract gzip package | |
| tar -xvzf suricata-5.0.0.tar.gz | |
| cd suricata-5.0.0 || exit | |
| log "Configuring IDS/IPS..." | |
| #https://suricata.readthedocs.io/en/suricata-5.0.6/install.html#common-configure-options | |
| #https://suricata.readthedocs.io/en/suricata-5.0.0/install.html#common-configure-options | |
| ./configure --enable-nfqueue --prefix=/usr --sysconfdir=/etc --localstatedir=/var \ | |
| --with-libhs-libraries=/usr/local/lib/ --enable-geoip --enable-hiredis \ | |
| --disable-gccmarch-native --enable-gccprotect --enable-luajit --enable-pie | |
| make clean && make && sudo make install && sudo make install-conf | |
| #create link and cache to shared libraries | |
| sudo ldconfig | |
| log "Installation complete!" | |
| } | |
| install |
Author
AreRex14
commented
Jun 20, 2021
- Download the script
- sudo chmod +x suricata-install.sh
- sudo ./suricata-install.sh
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment