Required Software

  • Libpcap
  • PCRE
  • Libdnet
  • Barnyard2
  • DAQ

Note to Windows users: If you’re downloading Snort binaries the only requirements are WinPcap and Barnyard.

Libpcap In the field of computer network administration, pcap (packet capture) consists of an application programming interface (API) for capturing network traffic. Unix-like systems implement pcap in the libpcap library; Windows uses a port of libpcap known as WinPcap.

Monitoring software may use libpcap and/or WinPcap to capture packets traveling over a network. libpcap and WinPcap also support saving captured packets to a file and reading files containing saved packets. Snort uses these files to read network traffic and analyze it.

For more information and to download please visit tcpdump

PCRE

Perl Compatible Regular Expressions (PCRE) is a regular expression C library inspired by Perl’s external interface, written by Philip Hazel. The PCRE library is incorporated into a number of prominent open-source programs such as the Apache HTTP Server, the PHP and R scripting languages, and Snort.

We recommend the minimum version of PCRE installed to be 8.31

For more information and to download please visit PCRE

Libdnet

Libdnet is a generic networking API that provides access to several protocols.

For more information and to download please visit libdnet

Barnyard2

Barnyard is an output system for Snort. Snort creates a special binary output format called unified. Barnyard2 reads this file, and then resends the data to a database back-end. Unlike the database output plugin, Barnyard2 manages the sending of events to the database and stores them when the database temporarily cannot accept connections.

For more information and to download please visit barnyard2

DAQ

DAQ is the Data-Acquisition API that is necessary to use Snort version 2.9.0 and above.

For more information and to download please visit DAQ

Next: Download Snort