Installing Suricata 4.* on Debian Stretch

// August 5th, 2019 // Hacking and Security

Kept getting version conflicts trying to install Suricata 4 IDS on Debian Stretch. Looks like Suricata expects to be installed on Buster which is sort of weird. Here’s how to get past the errors (e.g. libc6 requirement not met).

For Ubuntu, the OISF maintains a PPA suricata-stable that always contains the latest stable release.

sudo add-apt-repository ppa:oisf/suricata-stable

Since Debian Stretch is out of date, add the stretch-backports repository (as root):

echo "deb http://http.debian.net/debian stretch-backports main" > /etc/apt/sources.list.d/backports.list

Do your apt update:

apt-get update

Finally, use the stretch backport for the install:

apt-get install suricata -t stretch-backports

Don’t forget to take advantage of the new suricata-update for rules updates.

To install suricata-update:

sudo apt install python-pip python-yaml
sudo pip install --pre --upgrade suricata-update

To download the Emerging Threats Open ruleset, it is enough to simply run:

sudo suricata-update

This will download the ruleset into /var/lib/suricata/rules/

Suricata’s configuration will have to be updated to have a rules config like this:

default-rule-path: /var/lib/suricata/rules
rule-files:
  - suricata.rules

Now (re)start Suricata.
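
A check for the rules config described above, as an added example that is not part of the original post: it flags a suricata.yaml that would not load the merged suricata.rules file written by suricata-update. The two sample configs are constructed, and the stale one assumes a packaged default that still points at /etc/suricata/rules.

```shell
#!/bin/sh
# Added example, not from the original post. Reports why a suricata.yaml would
# not load the single merged file that suricata-update writes.
check_rules_config() {
    awk -v want_path="/var/lib/suricata/rules" -v want_file="suricata.rules" '
        /^default-rule-path:/ { path = $2 }
        /^rule-files:/ { in_list = 1; next }
        in_list && /^[[:space:]]*#/ { next }            # commented-out entry
        in_list && /^[[:space:]]*-[[:space:]]/ {        # one list entry
            sub(/^[[:space:]]*-[[:space:]]*/, ""); sub(/[[:space:]]+$/, "")
            if ($0 == want_file) found = 1; else extra = extra " " $0
            next
        }
        in_list && /^[^[:space:]]/ { in_list = 0 }      # next top-level key
        END {
            if (path != want_path) { print "default-rule-path is " path ", expected " want_path; bad = 1 }
            if (!found) { print "rule-files does not list " want_file; bad = 1 }
            if (extra != "") { print "rule-files also lists:" extra; bad = 1 }
            exit bad + 0
        }' "$1"
}

# Constructed sample configs (assumptions, not copied from a real install).
tmp=$(mktemp -d)
cat > "$tmp/stale.yaml" <<'EOF'
default-rule-path: /etc/suricata/rules
rule-files:
 - botcc.rules
 # - ciarmy.rules
 - emerging-malware.rules
classification-file: /etc/suricata/classification.config
EOF
cat > "$tmp/updated.yaml" <<'EOF'
default-rule-path: /var/lib/suricata/rules
rule-files:
 - suricata.rules
EOF

for f in stale updated; do
    if check_rules_config "$tmp/$f.yaml"; then echo "$f.yaml: ok"; else echo "$f.yaml: needs editing"; fi
done
```

On a real host, point the function at /etc/suricata/suricata.yaml; running suricata -T -c on the same file then tests that the rules actually load before the restart.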
