Automic VaultAutomic Vault

brew

snort mit Homebrew, apk, MacPorts, Nix, apt installieren

Prüfe Installationswege, Executables, Metadaten und Sicherheitshinweise für snort in AI-Agent-Workflows.

Installation

Weitere Installationsbefehle

macOS

Homebrewverifiziert · 100%
brew install snort

local Homebrew formula metadata

MacPortsverifiziert · 94%
sudo port install snort

MacPorts ports tree · net/snort/Portfile · Quelle: api.github.com

Linux

Alpine Linux apkverifiziert · 92%
sudo apk add snort

Alpine Linux edge package indexes · snort · Quelle: dl-cdn.alpinelinux.org

Nixverifiziert · 92%
nix profile install nixpkgs#snort

nixpkgs package indexes · pkgs/by-name/sn/snort/package.nix · Quelle: api.github.com

Ubuntu aptverifiziert · 92%
sudo apt install snort

Ubuntu 24.04 LTS package indexes · snort · Quelle: archive.ubuntu.com

Überblick

Paketzusammenfassung

Flexible Network Intrusion Detection System

Befehle und Aliase

  • appid_detector_builder.sh
  • show_flows
  • snort
  • snort2lua
  • u2boat
  • u2spewfoo

Verlauf

Projektgeschichte und Nutzung

Snort is a long-running open-source intrusion detection and prevention system whose command-line engine, rule language, and packaging history make it one of the canonical security tools in Unix and network-operations package collections.

Projektgeschichte

Snort's official GPL page carries Martin Roesch copyrights beginning in 1998, and Snort's own site describes it as an open-source IPS capable of real-time traffic analysis and packet logging. The project evolved from a packet sniffer and logger into a rule-driven network IDS/IPS with community and subscriber rules.

Snort 3, also known in the repository README as Snort++, was officially released on January 19, 2021 as version 3.1.0.0 after more than seven years of development. The official announcement describes a ground-up rework with faster rules, more user control, multi-environment support, multi-threaded packet processing, Lua configuration, pluggable components, service autodetection, sticky buffers, and autogenerated reference documentation.

Adoptionsgeschichte

Snort has a package-manager footprint because it is both a classic open-source security engine and an operational dependency for labs, appliances, training environments, and production sensors. The supplied package metadata lists Homebrew, Alpine, MacPorts, Nix, and Ubuntu packaging, while Snort.org points users to source releases, GitHub code, rule downloads, setup guides, and the Snort 3 manual.

Wie es verwendet wird

Snort is used as a packet sniffer, packet logger, network intrusion detection system, and inline prevention system. Snort 3 users typically build or install the engine, configure Lua files such as `snort.lua`, add rule sets, validate the configuration, then run against live interfaces or PCAP files with alert output suitable for analysts and automation.

Warum Paket-Nerds sich dafür interessieren

Package nerds care about Snort because it exercises nearly every hard part of packaging security software: libpcap/DAQ integration, LuaJIT configuration, C++ build requirements, rule data that changes independently from the engine, optional acceleration libraries, service files, sample configs, and upgrades between major rule-engine generations.

Zeitleiste

  • 1998: Official GPL page lists Martin Roesch copyrights beginning with Snort's early releases.
  • 2014: Snort 3-era copyright line begins under Cisco and affiliates in official version-output examples.
  • 2021-01-19: Snort 3 version 3.1.0.0 officially released.
  • 2026: Snort blog announces end-of-life for older Snort 2 and Snort 3 rule-support versions and encourages use of current Snort 3 packages.

Related projects

  • Snort is commonly discussed alongside tcpdump for packet sniffing, libpcap for capture, DAQ for packet I/O, Cisco Talos for rule development, and other IDS/IPS systems such as Suricata.

Sicherheitslage

Risikostufe: blue

broad file, network, media, or database tool signal.

Risikoklassifikator

blue Risiko · mittel Konfidenz · tool

Warum

  • broad file, network, media, or database tool signal

Signale

  • text:network

Installationsverhalten

  • In den Formelmetadaten ist kein Homebrew-Post-install-Hook erfasst.
  • Homebrew-Bottle-Metadaten sind für 6 Plattformziele verfügbar.
  • Installiert mit 10 Laufzeitabhängigkeiten.
  • Build-Metadaten listen 3 Build-Abhängigkeiten.

Empfohlene Prüfung

Prüfe vor unbeaufsichtigter Agent-Nutzung, ob das Tool Klartext-Credentials liest, Remote-Zustand schreibt, Artefakte veröffentlicht oder Plugins ausführt.

local files

Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.

Configuration files

Config paths the tool may read or write during local use.

Unix
snort.luasnort_defaults.lua

Executables

Installierte Executables

BefehlArtSichtbarkeitHinweis
appid_detector_builder.shcliglobales Executable
show_flowscliglobales Executable
snortcliglobales Executable
snort2luacliglobales Executable
u2boatcliglobales Executable
u2spewfoocliglobales Executable

Aktualität

Version und Aktualität

Diese Signale trennen das Alter der Seitengenerierung, Aktivität des Paketmanagers und Upstream-Release-Vergleich. Versionsrückstand wird nur gemeldet, wenn eine Evidenz-URL und vergleichbare Versionen vorhanden sind.

Seite generiert2026-07-10
Manager-Version3.12.2.0
Manager aktualisiert2026-06-27
lokale DatenOK
Upstreamnot checked
neueste erkannte Versionnicht erkannt

https://github.com/snort3/snort3

Installationsmetadaten

Paketmetadaten

Paketschlüsselbrew:snort
Version3.12.2.0
PaketmanagerHomebrew
Paketmanager-Seitehttps://formulae.brew.sh/formula/snort
Homepagehttps://www.snort.org
Repositoryhttps://github.com/snort3/snort3
Upstream-Dokumentationhttps://docs.snort.org/rules
LizenzGPL-2.0-only
Quellarchivhttps://github.com/snort3/snort3/archive/refs/tags/3.12.2.0.tar.gz
Zuletzt aktualisiert2026-06-27T17:38:03-04:00
Pulseupdated
Abhängigkeitendaq, hwloc, jemalloc, libdnet, libpcap, luajit, openssl@3, pcre2, vectorscan, xz
Build-Abhängigkeitencmake, flex, pkgconf
Bottleverfügbar (auf arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-installnicht definiert
Dienstkeiner deklariert
EinschränkungenFor snort to be functional, you need to update the permissions for /dev/bpf* so that they can be read by non-root users. This can be done manually using: sudo chmod o+r /dev/bpf* or you could create a startup item to do this for you.

Registry-Fakten

Details aus der Quelldatenbank

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Namesnort
Version Scheme0
Revision0
Head VersionHEAD
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • head
  • stable

Source-Datenbank-Treffer

Andere Paketmanager-Einträge

Treffer stammen aus externen Paketmanager-Indizes und bleiben von lokalen Automic-Vault-Paketlinks getrennt.

Nix95%

snort

nix profile install nixpkgs#snort
  • normalized package name match
  • Abgeglichen nach: Snort
nixpkgs package indexes · api.github.com · nixpkgs package indexes: pkgs/by-name/sn/snort/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1
Ubuntu apt95%

snort 2.9.20-0+deb11u1ubuntu1

flexible Network Intrusion Detection System

https://www.snort.org/

sudo apt install snort
  • Section: universe/net
  • Architecture: amd64
  • 20 Abhängigkeiten
  • 2 optionale Abhängigkeiten
  • normalized package name match
  • Abgeglichen nach: Snort
Ubuntu 24.04 LTS package indexes · archive.ubuntu.com · Ubuntu 24.04 LTS package indexes: snort from https://archive.ubuntu.com/ubuntu/dists/noble/universe/binary-amd64/Packages.gz
Ubuntu apt95%

snort-common 2.9.20-0+deb11u1ubuntu1

flexible Network Intrusion Detection System - common files

https://www.snort.org/

sudo apt install snort-common
  • Section: universe/net
  • Architecture: all
  • Source Package: snort
  • 4 Abhängigkeiten
  • 1 optionale Abhängigkeiten
  • normalized package name match
  • Abgeglichen nach: Snort
Ubuntu 24.04 LTS package indexes · archive.ubuntu.com · Ubuntu 24.04 LTS package indexes: snort-common from https://archive.ubuntu.com/ubuntu/dists/noble/universe/binary-amd64/Packages.gz
Ubuntu apt95%

snort-common-libraries 2.9.20-0+deb11u1ubuntu1

flexible Network Intrusion Detection System - libraries

https://www.snort.org/

sudo apt install snort-common-libraries
  • Section: universe/net
  • Architecture: amd64
  • Source Package: snort
  • 5 Abhängigkeiten
  • 3 optionale Abhängigkeiten
  • normalized package name match
  • Abgeglichen nach: Snort
Ubuntu 24.04 LTS package indexes · archive.ubuntu.com · Ubuntu 24.04 LTS package indexes: snort-common-libraries from https://archive.ubuntu.com/ubuntu/dists/noble/universe/binary-amd64/Packages.gz
Ubuntu apt95%

snort-doc 2.9.20-0+deb11u1ubuntu1

flexible Network Intrusion Detection System - documentation

https://www.snort.org/

sudo apt install snort-doc
  • Section: universe/doc
  • Architecture: all
  • Source Package: snort
  • normalized package name match
  • Abgeglichen nach: Snort
Ubuntu 24.04 LTS package indexes · archive.ubuntu.com · Ubuntu 24.04 LTS package indexes: snort-doc from https://archive.ubuntu.com/ubuntu/dists/noble/universe/binary-amd64/Packages.gz
Ubuntu apt95%

snort-rules-default 2.9.20-0+deb11u1ubuntu1

flexible Network Intrusion Detection System - ruleset

http://www.snort.org/snort-rules/

sudo apt install snort-rules-default
  • Section: universe/net
  • Architecture: all
  • Source Package: snort
  • 3 Abhängigkeiten
  • 1 stellt bereit
  • 4 optionale Abhängigkeiten
  • normalized package name match
  • Abgeglichen nach: Snort
Ubuntu 24.04 LTS package indexes · archive.ubuntu.com · Ubuntu 24.04 LTS package indexes: snort-rules-default from https://archive.ubuntu.com/ubuntu/dists/noble/universe/binary-amd64/Packages.gz
apk95%

snort 3.9.2.0-r0

Open source network intrusion prevention and detection system

https://www.snort.org/

sudo apk add snort
  • License: GPL-2.0-only
  • Architecture: x86_64
  • Source Package: snort
  • 1 Abhängigkeiten
  • 1 stellt bereit
  • normalized package name match
  • Abgeglichen nach: Snort
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: snort from https://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz
apk95%

snort-dev 3.9.2.0-r0

Open source network intrusion prevention and detection system (development files)

https://www.snort.org/

sudo apk add snort-dev
  • License: GPL-2.0-only
  • Architecture: x86_64
  • Source Package: snort
  • 1 Abhängigkeiten
  • 1 stellt bereit
  • normalized package name match
  • Abgeglichen nach: Snort
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: snort-dev from https://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz
apk95%

snort-doc 3.9.2.0-r0

Open source network intrusion prevention and detection system (documentation)

https://www.snort.org/

sudo apk add snort-doc
  • License: GPL-2.0-only
  • Architecture: x86_64
  • Source Package: snort
  • normalized package name match
  • Abgeglichen nach: Snort
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: snort-doc from https://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz
apk95%

snort-openrc 3.9.2.0-r0

Open source network intrusion prevention and detection system (OpenRC init scripts)

https://www.snort.org/

sudo apk add snort-openrc
  • License: GPL-2.0-only
  • Architecture: x86_64
  • Source Package: snort
  • normalized package name match
  • Abgeglichen nach: Snort
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: snort-openrc from https://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz
MacPorts95%

snort

sudo port install snort
  • normalized package name match
  • Abgeglichen nach: Snort
MacPorts ports tree · api.github.com · MacPorts ports tree: net/snort/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1

Quellspur

Aus Repository-Daten generiert

Diese Seite wird von av-web aus dem privaten Paket-SQLite-Artefakt bereitgestellt, das scripts/generate-pkg-sqlite.py erstellt.

Verwendete Quellen

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated configuration and credential file locations
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment