This chapter presented a thorough, step-by-step guide to building a Snort server. A Snort server should be built on a hardened version of the chosen operating system; this chapter walked through the use of Red Hat Linux 7.3 for the Snort server. The first steps are to update and patch Red Hat and to harden the installation. Bastille Linux is an open source tool available to help with the hardening process. After the OS is installed and brought up to date, the Snort packages are ready to be installed. Packages should be compiled and installed from source rather than installed from an RPM.

The OpenSSL Project is an open source toolkit for implementing Secure Sockets Layer (SSL) and Transport Layer Security (TLS). Furthermore, OpenSSL contains a general ...
