Installing Snort on Kali Linux
2020 Setup
Hi! In this tutorial, I will show you how to install Snort on Kali Linux. Installing Snort is not as easy (it’s a pain in the a**) as installing other tools where we simply need to run the command sudo apt install [tool_name]. Because Snort does not exist as a package within Kali’s apt repository, we will need to use Ubuntu’s apt repositories. Let’s get Snort installed on your machine.
Make a Backup of Current Sources.list File
First, we need to create a backup of Kali’s sources.list file in order to restore it later:
mv /etc/apt/sources.list /etc/apt/sources.list.bakRemove currently installed Kali Updates
Go to /var/lib/apt/lists and delete all the files within the directory, leaving only the partial and auxfiles directory:
find /var/lib/apt/lists -type f -exec rm {} \;Download Ubuntu Sources.list File
Download Ubuntu’s sources.list file into the /etc/apt/ directory:
wget https://gist.githubusercontent.com/ishad0w/788555191c7037e249a439542c53e170/raw/3822ba49241e6fd851ca1c1cbcc4d7e87382f484/sources.list -O /etc/apt/sources.listAttempting to Update
Attempting to update withsudo apt updateusing the Ubuntu Sources.list file will generate an error regarding GPG public keys:
GPG error: http://archive.ubuntu.com/ubuntu focal-security InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 3B4FE6ACC0B21F32 NO_PUBKEY 871920D1991BC93Cinforming us that the Ubuntu server public keys were not found on our machine. So, we need to add the specified public keys to our computer:
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 3B4FE6ACC0B21F32
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 871920D1991BC93CRun sudo apt update and you should be ready to install snort now!
Install Snort
After successfully updating our apt repository using the Ubuntu sources.list file, we can install Snort:
sudo apt install snortNote: You will be prompted to enter the IP address or IP address range of your computer using CIDR notation for Snort’s configuration. Enter your IP address or IP address range and hit enter.
Restoring Kali’s Repository Sources.list File
After installing Snort, remove the new update files located in /var/lib/apt/lists:
find /var/lib/apt/lists -type f -exec rm {} \;Then, rename the current Ubuntu sources.list file to ubuntu_sources.list, just in case you need it again in the future:
mv /etc/apt/sources.list /etc/apt/ubuntu_sources.listFinally, rename the Kali Linux /etc/apt/sources.list.bak file back to /etc/apt/sources.list:
mv /etc/apt/sources.list.bak /etc/apt/sources.listand run sudo apt update && sudo apt upgrade.
The End
You now have Snort installed! Run snort --version to confirm the installation. Thank you for your time. If you found this article helpful, follow me because I will be writing a comprehensive article soon concerning Snort rule writing. Please share or give me some claps!!!
