This project involved building the latest version of Snort 3 (v3.1.74.0) completely from source on a Kali Linux machine, following industry practices for network intrusion detection system (IDS) configuration and deployment.
- Compiled Snort 3 from source
- Installed all required dependencies manually
- Downloaded and built PCRE, Hyperscan, Boost, Flatbuffers, libDAQ, Ragel, and Gperftools
- Installed PulledPork3 for future rule updates
- Created and structured Snort configuration files
- Validated build steps using screenshots
Although I faced issues running Snort live with community rules due to config errors, this project reflects my ability to troubleshoot complex Linux environments and build advanced security tools manually.
📁 All screenshots are in the
screenshots/folder in this repo.
snort.lua: Configuration file (seenotes.md)- Screenshot log of all build steps
- Manual compilation and validation of core libraries
- Kali Linux (VirtualBox)
- Snort 3.1.74.0
- Boost 1.77.0
- Hyperscan 5.4.2
- Flatbuffers 2.0.0
- PCRE 8.45
- PulledPork3
Snort was successfully built and configured, but errors with community.rules integration prevented full testing with live alerts. Future improvements include:
- Using Snort’s built-in rules for testing
- Revalidating the
snort.luadetection block - Comparing with Snort 2.x for rule compatibility