Software development and DevOps

Snort 2.9.7.0 and Daq 2.0.4

Intro

Over the past weekend I packaged the latest stable versions of Snort and DAQ for Ubuntu Trusty and pushed the packages to my PPA. I hope they are useful to someone.

Upgrading

$ sudo service snort stop
$ sudo apt-add-repository ppa:vardan-pogosyan/stable
$ sudo apt-get update && sudo apt-get upgrade -y

If you are using PulledPork, open the PulledPork config file (/etc/pulledpork/pulledpork.conf by default) and change the snort_version option to 2.9.7.0. Then run the following in a terminal:

$ sudo pulledpork.pl -c /etc/pulledpork/pulledpork.conf -l -m /etc/snort/sid-msg.map -P

This step is needed to update the Snort dynamic rules, which are shared libraries under /usr/lib/snort_dynamicrules, to version 2.9.7.0; otherwise Snort won't start. After upgrading the rules, restart the snort service.

If you are not using PulledPork for updating snort rules, you will need to do it manually.
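
For the PulledPork path above, a pre-restart check can confirm that snort_version is actually set (not left commented out) and that dynamic rule libraries are present before the sensor is started again. This is an added example, not part of the original post; the function names are hypothetical and the /etc/snort/snort.conf path is an assumption.

```shell
#!/bin/sh
# Added example: pre-restart checks for the upgrade steps described above.
# Function names are hypothetical; paths are the defaults named in the post.

# Print the active (uncommented) snort_version value from a PulledPork config.
# Commented lines such as "# snort_version=2.9.0.0" are ignored.
pp_snort_version() {
    sed -n 's/^[[:space:]]*snort_version[[:space:]]*=[[:space:]]*\([0-9.]*\).*$/\1/p' "$1" | tail -n 1
}

# Return 0 if the config pins the expected Snort version, 1 otherwise.
check_pp_version() {
    conf=$1
    want=$2
    have=$(pp_snort_version "$conf")
    if [ "$have" = "$want" ]; then
        echo "OK: snort_version=$have in $conf"
        return 0
    fi
    echo "MISMATCH: snort_version='${have:-unset}' in $conf, expected $want" >&2
    return 1
}

# Count the shared-object rule files directly inside a dynamic rules directory.
count_dynamic_rules() {
    cnt=0
    for f in "$1"/*.so; do
        if [ -f "$f" ]; then cnt=$((cnt + 1)); fi
    done
    echo "$cnt"
}

# Run the checks against the live system only when invoked with --run.
if [ "${1:-}" = "--run" ]; then
    check_pp_version /etc/pulledpork/pulledpork.conf 2.9.7.0 || exit 1
    echo "dynamic rule libraries: $(count_dynamic_rules /usr/lib/snort_dynamicrules)"
    # Assumption: the main Snort config is /etc/snort/snort.conf (not named in the post).
    # -T makes Snort load the config and rules, report errors, and exit.
    sudo snort -T -c /etc/snort/snort.conf && echo "config test passed; safe to restart"
fi
```

Run it with --run after the pulledpork.pl step; a failed version check or a failed snort -T means the service would not come back up after a restart.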