snort - flexible Network Intrusion Detection System

Distribution: Ubuntu 16.04 LTS (Xenial Xerus)
Repository: Ubuntu Universe i386
Package name: snort
Package version:
Package release: 5
Package architecture: i386
Package type: deb
Installed size: 2.05 KB
Download size: 647.32 KB
Official Mirror:
Snort is a libpcap-based packet sniffer/logger which can be used as a lightweight network intrusion detection system. It features rules-based logging and can perform content searching/matching in addition to detecting a variety of other attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and much more. Snort has a real-time alerting capability, with alerts being sent to syslog, a separate "alert" file, or even to a Windows computer via Samba. This package provides the plain-vanilla version of Snort.



  • snort-mysql
  • snort-pgsql


  • snort-common << 2.0.2-3


    Binary package: snort_2.9.7.0-5_i386.deb
    Source package: snort

    Install Howto

    1. Update the package index:
      # sudo apt-get update
    2. Install snort deb package:
      # sudo apt-get install snort


    • /etc/default/snort
    • /etc/init.d/snort
    • /etc/logrotate.d/snort
    • /etc/ppp/ip-down.d/snort
    • /etc/ppp/ip-up.d/snort
    • /usr/bin/u2boat
    • /usr/bin/u2spewfoo
    • /usr/sbin/snort
    • /usr/share/doc/snort/AUTHORS
    • /usr/share/doc/snort/BUGS
    • /usr/share/doc/snort/CREDITS.gz
    • /usr/share/doc/snort/NEWS.Debian.gz
    • /usr/share/doc/snort/NEWS.gz
    • /usr/share/doc/snort/README.Debian.gz
    • /usr/share/doc/snort/README.Maintainer
    • /usr/share/doc/snort/README.PLUGINS
    • /usr/share/doc/snort/README.csv
    • /usr/share/doc/snort/README.gz
    • /usr/share/doc/snort/RELEASE.NOTES
    • /usr/share/doc/snort/TODO.Debian.gz
    • /usr/share/doc/snort/USAGE.gz
    • /usr/share/doc/snort/changelog.Debian.gz
    • /usr/share/doc/snort/copyright
    • /usr/share/doc/snort/snort_rules.html
    • /usr/share/man/man8/snort.8.gz
    • /usr/share/man/man8/u2boat.8.gz
    • /usr/share/man/man8/u2spewfoo.8.gz


    2015-06-30 - Javier Fernández-Sanguino Peña <> snort ( unstable; urgency=medium * debian/control: Depend on perl, not perl-modules (Closes: #779126)

    2014-12-09 - Javier Fernández-Sanguino Peña <> snort ( unstable; urgency=low * debian/control: Updated deprecated VCs URL to git:// * Include Snort tools u2boat and u2spewfoo to parse Unified2 log format files (Closes: #770882): - debian/snort.install: Install the files in the Snort package - debian/{u2boat,u2spewfoo}.1 create new manpages for the tools - debian/snort.manpages: add the new manpages to the package - debian/snort.dirs: create usr/bin/ for the new tools * debian/rules: - Use dh_prep instead of dh_clean -k * debian/snort.manpages: Add the manpage for snort-stat, which was not included in the snort package (but the script was) * Rebuild with the latest daq library upstream (libdaq2). Libdaq0 is deprecated/obsolete and not maintained upstrea

    2014-10-24 - Javier Fernández-Sanguino Peña <> snort ( unstable; urgency=high * debian/control: - Add pkg-config in Build-Depends, it provides the PKG_CHECK_MODULES macro used in This fixes a FTBFS observed in the buildds - Add libzma-dev dependency in Build-Depends as it is used in if available

    2014-10-24 - Javier Fernández-Sanguino Peña <> snort ( unstable; urgency=high * The new upstream release, as seen with the previous upload, fixes the Out of Memory errors found in buildds when building (Closes: #765637) * debian/control: Add zlib1g-dev dependency in Build-Depends to fix FTFBFS

    2014-10-24 - Javier Fernández-Sanguino Peña <> snort ( unstable; urgency=high * Upgrade to latest upstream version. Rules updates have been dropped by Snort upstream for older releases. Snort is not supported for rule updates since December 2013 (Closes: #753915) For more information see: * debian/patches/{config,config_disabled_rules,fix_upstream_typos}: Refresh to apply to the newest source * debian/rules: + Use dpkg-buildflags to setup the defult compiler and link flags. + Enable hardening options when building * debian/control: Build-Depend on (dpkg-dev >= 1.16.1~) due to above change * debian/patches/configure_werror: New patch to fix so that it can work properly when setting the hardening flags * debian/patches/hardening_werror: New patch to fix issues found when building with -Werror * Debconf updated Translations: - Updated Dutch translation, contributed by Frans Spiesschaert (Closes: #764319)

    2014-10-06 - Javier Fernández-Sanguino Peña <> snort ( unstable; urgency=medium * debian/control: Drop libgnutls-dev, as it is not longer required and it is scheduled for removal in sid, and (apparently) uninstallable. (Closes: #764108) * debian/control, debian/rules: Run dh-autoreconf when building to update config.{sub, guess} and {libtool, aclocal}.m4 (Closes: #748713) * debian/snort.init.d: Change the permissions of the snort PIDFILE once snort is started in order to prevent the following error messages when snort is *re*started: snort[xxxx]: Could not remove pid file /var/run// Permission denied (Closes: #753914) * debian/snort-stat.8: Fix filename of the alert log file and point to the correct location. (Closes: #709246) * Debconf updated Translations: - Updated Russian translation, contributed by Yuri Kozlov (Closes: 729710, #721483)