snort 설치
root@e224fcdd6ca2:/# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 22.04.3 LTS
Release: 22.04
Codename: jammy
root@e224fcdd6ca2:/# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 65535
inet 172.17.0.2 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ac:11:00:02 txqueuelen 0 (Ethernet)
RX packets 85 bytes 73082 (73.0 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 73 bytes 4679 (4.6 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 4000 bytes 200000 (200.0 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4000 bytes 200000 (200.0 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
apt-get install snort
맞는지 모르지만 두번의 질문에 대해
Interface(s) which Snort should listen on: eth0
Address range for the local network: 10.30.0.0/24
root@e224fcdd6ca2:/# apt-get install snort
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
libauthen-sasl-perl libclone-perl libdaq2 libdata-dump-perl libdumbnet1 libencode-locale-perl libestr0 libfastjson4 libfile-listing-perl libfont-afm-perl
libgdbm-compat4 libgdbm6 libhtml-form-perl libhtml-format-perl libhtml-parser-perl libhtml-tagset-perl libhtml-tree-perl libhttp-cookies-perl
libhttp-daemon-perl libhttp-date-perl libhttp-message-perl libhttp-negotiate-perl libio-html-perl libio-socket-ssl-perl libluajit-5.1-2
libluajit-5.1-common liblwp-mediatypes-perl liblwp-protocol-https-perl libmailtools-perl libnet-http-perl libnet-smtp-ssl-perl libnet-ssleay-perl
libnetfilter-queue1 libnfnetlink0 libnghttp2-14 libperl5.34 libpopt0 libtimedate-perl libtry-tiny-perl liburi-perl libwww-perl libwww-robotrules-perl
logrotate oinkmaster perl perl-modules-5.34 perl-openssl-defaults rsyslog snort-common snort-common-libraries snort-rules-default
Suggested packages:
libdigest-hmac-perl libgssapi-perl gdbm-l10n libcrypt-ssleay-perl libsub-name-perl libbusiness-isbn-perl libauthen-ntlm-perl bsd-mailx | mailx perl-doc
libterm-readline-gnu-perl | libterm-readline-perl-perl make libtap-harness-archive-perl rsyslog-mysql | rsyslog-pgsql rsyslog-mongodb rsyslog-doc
rsyslog-openssl | rsyslog-gnutls rsyslog-gssapi rsyslog-relp apparmor snort-doc
The following NEW packages will be installed:
libauthen-sasl-perl libclone-perl libdaq2 libdata-dump-perl libdumbnet1 libencode-locale-perl libestr0 libfastjson4 libfile-listing-perl libfont-afm-perl
libgdbm-compat4 libgdbm6 libhtml-form-perl libhtml-format-perl libhtml-parser-perl libhtml-tagset-perl libhtml-tree-perl libhttp-cookies-perl
libhttp-daemon-perl libhttp-date-perl libhttp-message-perl libhttp-negotiate-perl libio-html-perl libio-socket-ssl-perl libluajit-5.1-2
libluajit-5.1-common liblwp-mediatypes-perl liblwp-protocol-https-perl libmailtools-perl libnet-http-perl libnet-smtp-ssl-perl libnet-ssleay-perl
libnetfilter-queue1 libnfnetlink0 libnghttp2-14 libperl5.34 libpopt0 libtimedate-perl libtry-tiny-perl liburi-perl libwww-perl libwww-robotrules-perl
logrotate oinkmaster perl perl-modules-5.34 perl-openssl-defaults rsyslog snort snort-common snort-common-libraries snort-rules-default
0 upgraded, 52 newly installed, 0 to remove and 0 not upgraded.
Need to get 12.7 MB of archives.
After this operation, 66.1 MB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://archive.ubuntu.com/ubuntu jammy-updates/main amd64 perl-modules-5.34 all 5.34.0-3ubuntu1.3 [2976 kB]
Get:2 http://archive.ubuntu.com/ubuntu jammy/main amd64 libgdbm6 amd64 1.23-1 [33.9 kB]
Get:3 http://archive.ubuntu.com/ubuntu jammy/main amd64 libgdbm-compat4 amd64 1.23-1 [6606 B]
Get:4 http://archive.ubuntu.com/ubuntu jammy-updates/main amd64 libperl5.34 amd64 5.34.0-3ubuntu1.3 [4820 kB]
Get:5 http://archive.ubuntu.com/ubuntu jammy-updates/main amd64 perl amd64 5.34.0-3ubuntu1.3 [232 kB]
Get:6 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libluajit-5.1-common all 2.1.0~beta3+dfsg-6 [44.3 kB]
Get:7 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libluajit-5.1-2 amd64 2.1.0~beta3+dfsg-6 [238 kB]
Get:8 http://archive.ubuntu.com/ubuntu jammy/universe amd64 snort-common-libraries amd64 2.9.15.1-6build1 [882 kB]
Get:9 http://archive.ubuntu.com/ubuntu jammy/universe amd64 snort-rules-default all 2.9.15.1-6build1 [146 kB]
Get:10 http://archive.ubuntu.com/ubuntu jammy/universe amd64 snort-common all 2.9.15.1-6build1 [49.7 kB]
Get:11 http://archive.ubuntu.com/ubuntu jammy/main amd64 libestr0 amd64 0.1.10-2.1build3 [7796 B]
Get:12 http://archive.ubuntu.com/ubuntu jammy/main amd64 libfastjson4 amd64 0.99.9-1build2 [23.0 kB]
Get:13 http://archive.ubuntu.com/ubuntu jammy-updates/main amd64 rsyslog amd64 8.2112.0-2ubuntu2.2 [497 kB]
Get:14 http://archive.ubuntu.com/ubuntu jammy/main amd64 libpopt0 amd64 1.18-3build1 [28.2 kB]
Get:15 http://archive.ubuntu.com/ubuntu jammy-updates/main amd64 logrotate amd64 3.19.0-1ubuntu1.1 [54.3 kB]
Get:16 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libdumbnet1 amd64 1.12-10 [27.8 kB]
Get:17 http://archive.ubuntu.com/ubuntu jammy/main amd64 libnfnetlink0 amd64 1.0.1-3build3 [14.6 kB]
Get:18 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libnetfilter-queue1 amd64 1.0.5-2 [14.4 kB]
Get:19 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libdaq2 amd64 2.0.7-5 [83.5 kB]
Get:20 http://archive.ubuntu.com/ubuntu jammy-updates/main amd64 libnghttp2-14 amd64 1.43.0-1ubuntu0.1 [76.7 kB]
Get:21 http://archive.ubuntu.com/ubuntu jammy/universe amd64 snort amd64 2.9.15.1-6build1 [792 kB]
Get:22 http://archive.ubuntu.com/ubuntu jammy/main amd64 libclone-perl amd64 0.45-1build3 [11.0 kB]
Get:23 http://archive.ubuntu.com/ubuntu jammy/main amd64 libdata-dump-perl all 1.25-1 [25.9 kB]
Get:24 http://archive.ubuntu.com/ubuntu jammy/main amd64 libencode-locale-perl all 1.05-1.1 [11.8 kB]
Get:25 http://archive.ubuntu.com/ubuntu jammy/main amd64 libtimedate-perl all 2.3300-2 [34.0 kB]
Get:26 http://archive.ubuntu.com/ubuntu jammy/main amd64 libhttp-date-perl all 6.05-1 [9920 B]
Get:27 http://archive.ubuntu.com/ubuntu jammy/main amd64 libfile-listing-perl all 6.14-1 [11.2 kB]
Get:28 http://archive.ubuntu.com/ubuntu jammy/main amd64 libfont-afm-perl all 1.20-3 [13.6 kB]
Get:29 http://archive.ubuntu.com/ubuntu jammy/main amd64 libhtml-tagset-perl all 3.20-4 [12.5 kB]
Get:30 http://archive.ubuntu.com/ubuntu jammy/main amd64 liburi-perl all 5.10-1 [78.8 kB]
Get:31 http://archive.ubuntu.com/ubuntu jammy/main amd64 libhtml-parser-perl amd64 3.76-1build2 [88.4 kB]
Get:32 http://archive.ubuntu.com/ubuntu jammy/main amd64 libio-html-perl all 1.004-2 [15.4 kB]
Get:33 http://archive.ubuntu.com/ubuntu jammy/main amd64 liblwp-mediatypes-perl all 6.04-1 [19.5 kB]
Get:34 http://archive.ubuntu.com/ubuntu jammy/main amd64 libhttp-message-perl all 6.36-1 [76.8 kB]
Get:35 http://archive.ubuntu.com/ubuntu jammy/main amd64 libhtml-form-perl all 6.07-1 [22.2 kB]
Get:36 http://archive.ubuntu.com/ubuntu jammy/main amd64 libhtml-tree-perl all 5.07-2 [200 kB]
Get:37 http://archive.ubuntu.com/ubuntu jammy/main amd64 libhtml-format-perl all 2.12-1.1 [41.3 kB]
Get:38 http://archive.ubuntu.com/ubuntu jammy/main amd64 libhttp-cookies-perl all 6.10-1 [18.4 kB]
Get:39 http://archive.ubuntu.com/ubuntu jammy-updates/main amd64 libhttp-daemon-perl all 6.13-1ubuntu0.1 [22.9 kB]
Get:40 http://archive.ubuntu.com/ubuntu jammy/main amd64 libhttp-negotiate-perl all 6.01-1 [12.5 kB]
Get:41 http://archive.ubuntu.com/ubuntu jammy/main amd64 perl-openssl-defaults amd64 5build2 [7542 B]
Get:42 http://archive.ubuntu.com/ubuntu jammy/main amd64 libnet-ssleay-perl amd64 1.92-1build2 [327 kB]
Get:43 http://archive.ubuntu.com/ubuntu jammy/main amd64 libio-socket-ssl-perl all 2.074-2 [192 kB]
Get:44 http://archive.ubuntu.com/ubuntu jammy/main amd64 libnet-http-perl all 6.22-1 [23.2 kB]
Get:45 http://archive.ubuntu.com/ubuntu jammy/main amd64 libtry-tiny-perl all 0.31-1 [21.8 kB]
Get:46 http://archive.ubuntu.com/ubuntu jammy/main amd64 libwww-robotrules-perl all 6.02-1 [12.6 kB]
Get:47 http://archive.ubuntu.com/ubuntu jammy/main amd64 libwww-perl all 6.61-1 [141 kB]
Get:48 http://archive.ubuntu.com/ubuntu jammy/main amd64 liblwp-protocol-https-perl all 6.10-1 [10.9 kB]
Get:49 http://archive.ubuntu.com/ubuntu jammy/main amd64 libnet-smtp-ssl-perl all 1.04-1 [5948 B]
Get:50 http://archive.ubuntu.com/ubuntu jammy/main amd64 libmailtools-perl all 2.21-1 [80.7 kB]
Get:51 http://archive.ubuntu.com/ubuntu jammy/universe amd64 oinkmaster all 2.0-4.1 [71.8 kB]
Get:52 http://archive.ubuntu.com/ubuntu jammy/main amd64 libauthen-sasl-perl all 2.1600-1.1 [43.1 kB]
Fetched 12.7 MB in 15s (821 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package perl-modules-5.34.
(Reading database ... 11588 files and directories currently installed.)
Preparing to unpack .../00-perl-modules-5.34_5.34.0-3ubuntu1.3_all.deb ...
Unpacking perl-modules-5.34 (5.34.0-3ubuntu1.3) ...
Selecting previously unselected package libgdbm6:amd64.
Preparing to unpack .../01-libgdbm6_1.23-1_amd64.deb ...
Unpacking libgdbm6:amd64 (1.23-1) ...
Selecting previously unselected package libgdbm-compat4:amd64.
Preparing to unpack .../02-libgdbm-compat4_1.23-1_amd64.deb ...
Unpacking libgdbm-compat4:amd64 (1.23-1) ...
Selecting previously unselected package libperl5.34:amd64.
Preparing to unpack .../03-libperl5.34_5.34.0-3ubuntu1.3_amd64.deb ...
Unpacking libperl5.34:amd64 (5.34.0-3ubuntu1.3) ...
Selecting previously unselected package perl.
Preparing to unpack .../04-perl_5.34.0-3ubuntu1.3_amd64.deb ...
Unpacking perl (5.34.0-3ubuntu1.3) ...
Selecting previously unselected package libluajit-5.1-common.
Preparing to unpack .../05-libluajit-5.1-common_2.1.0~beta3+dfsg-6_all.deb ...
Unpacking libluajit-5.1-common (2.1.0~beta3+dfsg-6) ...
Selecting previously unselected package libluajit-5.1-2:amd64.
Preparing to unpack .../06-libluajit-5.1-2_2.1.0~beta3+dfsg-6_amd64.deb ...
Unpacking libluajit-5.1-2:amd64 (2.1.0~beta3+dfsg-6) ...
Selecting previously unselected package snort-common-libraries.
Preparing to unpack .../07-snort-common-libraries_2.9.15.1-6build1_amd64.deb ...
Unpacking snort-common-libraries (2.9.15.1-6build1) ...
Selecting previously unselected package snort-rules-default.
Preparing to unpack .../08-snort-rules-default_2.9.15.1-6build1_all.deb ...
Unpacking snort-rules-default (2.9.15.1-6build1) ...
Selecting previously unselected package snort-common.
Preparing to unpack .../09-snort-common_2.9.15.1-6build1_all.deb ...
Unpacking snort-common (2.9.15.1-6build1) ...
Selecting previously unselected package libestr0:amd64.
Preparing to unpack .../10-libestr0_0.1.10-2.1build3_amd64.deb ...
Unpacking libestr0:amd64 (0.1.10-2.1build3) ...
Selecting previously unselected package libfastjson4:amd64.
Preparing to unpack .../11-libfastjson4_0.99.9-1build2_amd64.deb ...
Unpacking libfastjson4:amd64 (0.99.9-1build2) ...
Selecting previously unselected package rsyslog.
Preparing to unpack .../12-rsyslog_8.2112.0-2ubuntu2.2_amd64.deb ...
Unpacking rsyslog (8.2112.0-2ubuntu2.2) ...
Selecting previously unselected package libpopt0:amd64.
Preparing to unpack .../13-libpopt0_1.18-3build1_amd64.deb ...
Unpacking libpopt0:amd64 (1.18-3build1) ...
Selecting previously unselected package logrotate.
Preparing to unpack .../14-logrotate_3.19.0-1ubuntu1.1_amd64.deb ...
Unpacking logrotate (3.19.0-1ubuntu1.1) ...
Selecting previously unselected package libdumbnet1:amd64.
Preparing to unpack .../15-libdumbnet1_1.12-10_amd64.deb ...
Unpacking libdumbnet1:amd64 (1.12-10) ...
Selecting previously unselected package libnfnetlink0:amd64.
Preparing to unpack .../16-libnfnetlink0_1.0.1-3build3_amd64.deb ...
Unpacking libnfnetlink0:amd64 (1.0.1-3build3) ...
Selecting previously unselected package libnetfilter-queue1:amd64.
Preparing to unpack .../17-libnetfilter-queue1_1.0.5-2_amd64.deb ...
Unpacking libnetfilter-queue1:amd64 (1.0.5-2) ...
Selecting previously unselected package libdaq2.
Preparing to unpack .../18-libdaq2_2.0.7-5_amd64.deb ...
Unpacking libdaq2 (2.0.7-5) ...
Selecting previously unselected package libnghttp2-14:amd64.
Preparing to unpack .../19-libnghttp2-14_1.43.0-1ubuntu0.1_amd64.deb ...
Unpacking libnghttp2-14:amd64 (1.43.0-1ubuntu0.1) ...
Selecting previously unselected package snort.
Preparing to unpack .../20-snort_2.9.15.1-6build1_amd64.deb ...
Unpacking snort (2.9.15.1-6build1) ...
Selecting previously unselected package libclone-perl.
Preparing to unpack .../21-libclone-perl_0.45-1build3_amd64.deb ...
Unpacking libclone-perl (0.45-1build3) ...
Selecting previously unselected package libdata-dump-perl.
Preparing to unpack .../22-libdata-dump-perl_1.25-1_all.deb ...
Unpacking libdata-dump-perl (1.25-1) ...
Selecting previously unselected package libencode-locale-perl.
Preparing to unpack .../23-libencode-locale-perl_1.05-1.1_all.deb ...
Unpacking libencode-locale-perl (1.05-1.1) ...
Selecting previously unselected package libtimedate-perl.
Preparing to unpack .../24-libtimedate-perl_2.3300-2_all.deb ...
Unpacking libtimedate-perl (2.3300-2) ...
Selecting previously unselected package libhttp-date-perl.
Preparing to unpack .../25-libhttp-date-perl_6.05-1_all.deb ...
Unpacking libhttp-date-perl (6.05-1) ...
Selecting previously unselected package libfile-listing-perl.
Preparing to unpack .../26-libfile-listing-perl_6.14-1_all.deb ...
Unpacking libfile-listing-perl (6.14-1) ...
Selecting previously unselected package libfont-afm-perl.
Preparing to unpack .../27-libfont-afm-perl_1.20-3_all.deb ...
Unpacking libfont-afm-perl (1.20-3) ...
Selecting previously unselected package libhtml-tagset-perl.
Preparing to unpack .../28-libhtml-tagset-perl_3.20-4_all.deb ...
Unpacking libhtml-tagset-perl (3.20-4) ...
Selecting previously unselected package liburi-perl.
Preparing to unpack .../29-liburi-perl_5.10-1_all.deb ...
Unpacking liburi-perl (5.10-1) ...
Selecting previously unselected package libhtml-parser-perl:amd64.
Preparing to unpack .../30-libhtml-parser-perl_3.76-1build2_amd64.deb ...
Unpacking libhtml-parser-perl:amd64 (3.76-1build2) ...
Selecting previously unselected package libio-html-perl.
Preparing to unpack .../31-libio-html-perl_1.004-2_all.deb ...
Unpacking libio-html-perl (1.004-2) ...
Selecting previously unselected package liblwp-mediatypes-perl.
Preparing to unpack .../32-liblwp-mediatypes-perl_6.04-1_all.deb ...
Unpacking liblwp-mediatypes-perl (6.04-1) ...
Selecting previously unselected package libhttp-message-perl.
Preparing to unpack .../33-libhttp-message-perl_6.36-1_all.deb ...
Unpacking libhttp-message-perl (6.36-1) ...
Selecting previously unselected package libhtml-form-perl.
Preparing to unpack .../34-libhtml-form-perl_6.07-1_all.deb ...
Unpacking libhtml-form-perl (6.07-1) ...
Selecting previously unselected package libhtml-tree-perl.
Preparing to unpack .../35-libhtml-tree-perl_5.07-2_all.deb ...
Unpacking libhtml-tree-perl (5.07-2) ...
Selecting previously unselected package libhtml-format-perl.
Preparing to unpack .../36-libhtml-format-perl_2.12-1.1_all.deb ...
Unpacking libhtml-format-perl (2.12-1.1) ...
Selecting previously unselected package libhttp-cookies-perl.
Preparing to unpack .../37-libhttp-cookies-perl_6.10-1_all.deb ...
Unpacking libhttp-cookies-perl (6.10-1) ...
Selecting previously unselected package libhttp-daemon-perl.
Preparing to unpack .../38-libhttp-daemon-perl_6.13-1ubuntu0.1_all.deb ...
Unpacking libhttp-daemon-perl (6.13-1ubuntu0.1) ...
Selecting previously unselected package libhttp-negotiate-perl.
Preparing to unpack .../39-libhttp-negotiate-perl_6.01-1_all.deb ...
Unpacking libhttp-negotiate-perl (6.01-1) ...
Selecting previously unselected package perl-openssl-defaults:amd64.
Preparing to unpack .../40-perl-openssl-defaults_5build2_amd64.deb ...
Unpacking perl-openssl-defaults:amd64 (5build2) ...
Selecting previously unselected package libnet-ssleay-perl:amd64.
Preparing to unpack .../41-libnet-ssleay-perl_1.92-1build2_amd64.deb ...
Unpacking libnet-ssleay-perl:amd64 (1.92-1build2) ...
Selecting previously unselected package libio-socket-ssl-perl.
Preparing to unpack .../42-libio-socket-ssl-perl_2.074-2_all.deb ...
Unpacking libio-socket-ssl-perl (2.074-2) ...
Selecting previously unselected package libnet-http-perl.
Preparing to unpack .../43-libnet-http-perl_6.22-1_all.deb ...
Unpacking libnet-http-perl (6.22-1) ...
Selecting previously unselected package libtry-tiny-perl.
Preparing to unpack .../44-libtry-tiny-perl_0.31-1_all.deb ...
Unpacking libtry-tiny-perl (0.31-1) ...
Selecting previously unselected package libwww-robotrules-perl.
Preparing to unpack .../45-libwww-robotrules-perl_6.02-1_all.deb ...
Unpacking libwww-robotrules-perl (6.02-1) ...
Selecting previously unselected package libwww-perl.
Preparing to unpack .../46-libwww-perl_6.61-1_all.deb ...
Unpacking libwww-perl (6.61-1) ...
Selecting previously unselected package liblwp-protocol-https-perl.
Preparing to unpack .../47-liblwp-protocol-https-perl_6.10-1_all.deb ...
Unpacking liblwp-protocol-https-perl (6.10-1) ...
Selecting previously unselected package libnet-smtp-ssl-perl.
Preparing to unpack .../48-libnet-smtp-ssl-perl_1.04-1_all.deb ...
Unpacking libnet-smtp-ssl-perl (1.04-1) ...
Selecting previously unselected package libmailtools-perl.
Preparing to unpack .../49-libmailtools-perl_2.21-1_all.deb ...
Unpacking libmailtools-perl (2.21-1) ...
Selecting previously unselected package oinkmaster.
Preparing to unpack .../50-oinkmaster_2.0-4.1_all.deb ...
Unpacking oinkmaster (2.0-4.1) ...
Selecting previously unselected package libauthen-sasl-perl.
Preparing to unpack .../51-libauthen-sasl-perl_2.1600-1.1_all.deb ...
Unpacking libauthen-sasl-perl (2.1600-1.1) ...
Setting up libestr0:amd64 (0.1.10-2.1build3) ...
Setting up libfastjson4:amd64 (0.99.9-1build2) ...
Setting up rsyslog (8.2112.0-2ubuntu2.2) ...
Adding user `syslog' to group `adm' ...
Adding user syslog to group adm
Done.
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 78.)
debconf: falling back to frontend: Readline
Creating config file /etc/rsyslog.d/50-default.conf with new version
Created symlink /etc/systemd/system/multi-user.target.wants/dmesg.service → /lib/systemd/system/dmesg.service.
Created symlink /etc/systemd/system/syslog.service → /lib/systemd/system/rsyslog.service.
Created symlink /etc/systemd/system/multi-user.target.wants/rsyslog.service → /lib/systemd/system/rsyslog.service.
Setting up libnghttp2-14:amd64 (1.43.0-1ubuntu0.1) ...
Setting up perl-openssl-defaults:amd64 (5build2) ...
Setting up perl-modules-5.34 (5.34.0-3ubuntu1.3) ...
Setting up libluajit-5.1-common (2.1.0~beta3+dfsg-6) ...
Setting up libdumbnet1:amd64 (1.12-10) ...
Setting up libnfnetlink0:amd64 (1.0.1-3build3) ...
Setting up snort-rules-default (2.9.15.1-6build1) ...
Setting up libgdbm6:amd64 (1.23-1) ...
Setting up libpopt0:amd64 (1.18-3build1) ...
Setting up logrotate (3.19.0-1ubuntu1.1) ...
Created symlink /etc/systemd/system/timers.target.wants/logrotate.timer → /lib/systemd/system/logrotate.timer.
Setting up libluajit-5.1-2:amd64 (2.1.0~beta3+dfsg-6) ...
Setting up libnetfilter-queue1:amd64 (1.0.5-2) ...
Setting up libgdbm-compat4:amd64 (1.23-1) ...
Setting up libdaq2 (2.0.7-5) ...
Setting up snort-common-libraries (2.9.15.1-6build1) ...
Setting up libperl5.34:amd64 (5.34.0-3ubuntu1.3) ...
Setting up perl (5.34.0-3ubuntu1.3) ...
Setting up libdata-dump-perl (1.25-1) ...
Setting up libio-html-perl (1.004-2) ...
Setting up libtimedate-perl (2.3300-2) ...
Setting up liburi-perl (5.10-1) ...
Setting up libnet-ssleay-perl:amd64 (1.92-1build2) ...
Setting up libhttp-date-perl (6.05-1) ...
Setting up libfile-listing-perl (6.14-1) ...
Setting up libfont-afm-perl (1.20-3) ...
Setting up libclone-perl (0.45-1build3) ...
Setting up libhtml-tagset-perl (3.20-4) ...
Setting up libauthen-sasl-perl (2.1600-1.1) ...
Setting up liblwp-mediatypes-perl (6.04-1) ...
Setting up libtry-tiny-perl (0.31-1) ...
Setting up libnet-http-perl (6.22-1) ...
Setting up libencode-locale-perl (1.05-1.1) ...
Setting up snort-common (2.9.15.1-6build1) ...
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 78.)
debconf: falling back to frontend: Readline
Setting up libwww-robotrules-perl (6.02-1) ...
Setting up libhtml-parser-perl:amd64 (3.76-1build2) ...
Setting up libio-socket-ssl-perl (2.074-2) ...
Setting up libhttp-message-perl (6.36-1) ...
Setting up libhtml-form-perl (6.07-1) ...
Setting up libhttp-negotiate-perl (6.01-1) ...
Setting up snort (2.9.15.1-6build1) ...
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 78.)
debconf: falling back to frontend: Readline
Snort configuration: interface default not set, using 'eth0@if16'
Device "eth0@if16" does not exist.
Snort configuration: WARN: One of the interfaces is not UP in the system, raising question priority
Configuring snort
-----------------
This value is usually "eth0", but this may be inappropriate in some network environments; for a dialup connection "ppp0" might be more appropriate (see the
output of "/sbin/ifconfig").
Typically, this is the same interface as the "default route" is on. You can determine which interface is used for this by running "/sbin/route -n" (look for
"0.0.0.0").
It is also not uncommon to use an interface with no IP address configured in promiscuous mode. For such cases, select the interface in this system that is
physically connected to the network that should be inspected, enable promiscuous mode later on and make sure that the network traffic is sent to this
interface (either connected to a "port mirroring/spanning" port in a switch, to a hub, or to a tap).
You can configure multiple interfaces, just by adding more than one interface name separated by spaces. Each interface can have its own specific
configuration.
Interface(s) which Snort should listen on: eth0
Please use the CIDR form - for example, 192.168.1.0/24 for a block of 256 addresses or 192.168.1.42/32 for just one. Multiple values should be comma-separated
(without spaces).
You can leave this value empty and configure HOME_NET in /etc/snort/snort.conf instead. This is useful if you are using Snort in a system which frequently
changes network and does not have a static IP address assigned.
Please note that if Snort is configured to use multiple interfaces, it will use this value as the HOME_NET definition for all of them.
Address range for the local network: 10.30.0.0/24
invoke-rc.d: could not determine current runlevel
invoke-rc.d: policy-rc.d denied execution of stop.
invoke-rc.d: could not determine current runlevel
invoke-rc.d: policy-rc.d denied execution of start.
invoke-rc.d: could not determine current runlevel
invoke-rc.d: policy-rc.d denied execution of restart.
Setting up libhttp-cookies-perl (6.10-1) ...
Setting up libhtml-tree-perl (5.07-2) ...
Setting up libhtml-format-perl (2.12-1.1) ...
Setting up libnet-smtp-ssl-perl (1.04-1) ...
Setting up libmailtools-perl (2.21-1) ...
Setting up libhttp-daemon-perl (6.13-1ubuntu0.1) ...
Setting up liblwp-protocol-https-perl (6.10-1) ...
Setting up libwww-perl (6.61-1) ...
Setting up oinkmaster (2.0-4.1) ...
Processing triggers for l
apt-get install tcpdump
root@1de76a7fab9c:/# apt-get install tcpdump
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Suggested packages:
apparmor
The following NEW packages will be installed:
tcpdump
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 501 kB of archives.
After this operation, 1407 kB of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubuntu jammy-updates/main amd64 tcpdump amd64 4.99.1-3ubuntu0.1 [501 kB]
Fetched 501 kB in 5s (105 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package tcpdump.
(Reading database ... 11579 files and directories currently installed.)
Preparing to unpack .../tcpdump_4.99.1-3ubuntu0.1_amd64.deb ...
Unpacking tcpdump (4.99.1-3ubuntu0.1) ...
Setting up tcpdump (4.99.1-3ubuntu0.1) ...
root@1de76a7fab9c:/#
apt-get install hping3
root@2ae4c6e22694:/# apt-get install hping3
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
libtcl8.6 tzdata
Suggested packages:
tcl8.6
The following NEW packages will be installed:
hping3 libtcl8.6 tzdata
0 upgraded, 3 newly installed, 0 to remove and 5 not upgraded.
Need to get 1447 kB of archives.
After this operation, 8444 kB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://archive.ubuntu.com/ubuntu jammy-updates/main amd64 tzdata all 2023d-0ubuntu0.22.04 [351 kB]
Get:2 http://archive.ubuntu.com/ubuntu jammy/main amd64 libtcl8.6 amd64 8.6.12+dfsg-1build1 [990 kB]
Get:3 http://archive.ubuntu.com/ubuntu jammy/universe amd64 hping3 amd64 3.a2.ds2-10 [106 kB]
Fetched 1447 kB in 3s (457 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package tzdata.
(Reading database ... 11579 files and directories currently installed.)
Preparing to unpack .../tzdata_2023d-0ubuntu0.22.04_all.deb ...
Unpacking tzdata (2023d-0ubuntu0.22.04) ...
Selecting previously unselected package libtcl8.6:amd64.
Preparing to unpack .../libtcl8.6_8.6.12+dfsg-1build1_amd64.deb ...
Unpacking libtcl8.6:amd64 (8.6.12+dfsg-1build1) ...
Selecting previously unselected package hping3.
Preparing to unpack .../hping3_3.a2.ds2-10_amd64.deb ...
Unpacking hping3 (3.a2.ds2-10) ...
Setting up tzdata (2023d-0ubuntu0.22.04) ...
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 78.)
debconf: falling back to frontend: Readline
debconf: unable to initialize frontend: Readline
debconf: (Can't locate Term/ReadLine.pm in @INC (you may need to install the Term::ReadLine module) (@INC contains: /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.34.0 /usr/local/share/perl/5.34.0 /usr/lib/x86_64-linux-gnu/perl5/5.34 /usr/share/perl5 /usr/lib/x86_64-linux-gnu/perl-base /usr/lib/x86_64-linux-gnu/perl/5.34 /usr/share/perl/5.34 /usr/local/lib/site_perl) at /usr/share/perl5/Debconf/FrontEnd/Readline.pm line 7.)
debconf: falling back to frontend: Teletype
Configuring tzdata
------------------
Please select the geographic area in which you live. Subsequent configuration questions will narrow this down by presenting a list of cities, representing the time zones
in which they are located.
1. Africa 2. America 3. Antarctica 4. Australia 5. Arctic 6. Asia 7. Atlantic 8. Europe 9. Indian 10. Pacific 11. US 12. Etc
Geographic area: 6
Please select the city or region corresponding to your time zone.
1. Aden 10. Bahrain 19. Chongqing 28. Harbin 37. Jerusalem 46. Kuala_Lumpur 55. Novokuznetsk 64. Qyzylorda 73. Taipei 82. Ulaanbaatar
2. Almaty 11. Baku 20. Colombo 29. Hebron 38. Kabul 47. Kuching 56. Novosibirsk 65. Rangoon 74. Tashkent 83. Urumqi
3. Amman 12. Bangkok 21. Damascus 30. Ho_Chi_Minh 39. Kamchatka 48. Kuwait 57. Omsk 66. Riyadh 75. Tbilisi 84. Ust-Nera
4. Anadyr 13. Barnaul 22. Dhaka 31. Hong_Kong 40. Karachi 49. Macau 58. Oral 67. Sakhalin 76. Tehran 85. Vientiane
5. Aqtau 14. Beirut 23. Dili 32. Hovd 41. Kashgar 50. Magadan 59. Phnom_Penh 68. Samarkand 77. Tel_Aviv 86. Vladivostok
6. Aqtobe 15. Bishkek 24. Dubai 33. Irkutsk 42. Kathmandu 51. Makassar 60. Pontianak 69. Seoul 78. Thimphu 87. Yakutsk
7. Ashgabat 16. Brunei 25. Dushanbe 34. Istanbul 43. Khandyga 52. Manila 61. Pyongyang 70. Shanghai 79. Tokyo 88. Yangon
8. Atyrau 17. Chita 26. Famagusta 35. Jakarta 44. Kolkata 53. Muscat 62. Qatar 71. Singapore 80. Tomsk 89. Yekaterinburg
9. Baghdad 18. Choibalsan 27. Gaza 36. Jayapura 45. Krasnoyarsk 54. Nicosia 63. Qostanay 72. Srednekolymsk 81. Ujung_Pandang 90. Yerevan
Time zone: 69
Current default time zone: 'Asia/Seoul'
Local time is now: Fri Jan 19 17:36:37 KST 2024.
Universal Time is now: Fri Jan 19 08:36:37 UTC 2024.
Run 'dpkg-reconfigure tzdata' if you wish to change it.
Setting up libtcl8.6:amd64 (8.6.12+dfsg-1build1) ...
Setting up hping3 (3.a2.ds2-10) ...
Processing triggers for libc-bin (2.35-0ubuntu3.6) ...
root@2ae4c6e22694:/#'보안' 카테고리의 다른 글
| docker ubuntu fping, nmap 사용. (1) | 2024.01.13 |
|---|---|
| mac book docker에 ubuntu 설치 (1) | 2024.01.13 |
| mac fping 설치. (0) | 2024.01.12 |
| 개인정보 보호법 (0) | 2023.12.15 |
| 정보통신망 이용촉진 및 정보보호 등에 관한 법률 ( 약칭: 정보통신망법 ) (0) | 2023.12.15 |