Cross compile libpcap for Arm

This has been tested on Ubuntu 16.04.1 Desktop (64-bit), and assumes that arm-linux-gnuabi-gcc has already been installed, e.g. sudo apt-get install -y gcc-arm-linux-gnueabi Download the latest libpcap source tar ball from [http://www.tcpdump.org/#latest-releases], e.g. libpcap-1.8.1.tar.gz tar zxvf libpcap-1.8.1.tar.gz apt-get install flex bison byacc export CC = arm-linux-gnueabi-gcc ./configure –host=arm-linux –with-pcap=linux make Once the library has been compiled, it may be linked to other code, using the -L gcc flag and the location of the library.

Read More →

Installing Snort 2.9.1.2 on CentOS 5.7

CentOS 5.7 uses an older version of libpcap (0.9.4), but Snort’s DataAcquisition Library (daq) needs a newer version of libpcap (>=1.0.0).The latter is not an issue with the CentOS 6.0. Vishesh Kumar [1]provides an excellent instructions to getting Snort 2.9 to run on RHEL 5(http://www.linuxmantra.com/2010/10/install-snort-29-on-rhel-5.html).The purpose of this post is not to duplicate his efforts, but to extendit slightly to include instructions for a complete Snort set-up.

Read More →