vortex IDS on RHEL/centos/fedora:

Following this greatly.

Add the fedora repo:

# Allow yum access to the fedora repo.
echo '[fedora_repo]' >> /etc/yum.repos.d/fedora_repo.repo
echo 'name=fedora_repo' >> /etc/yum.repos.d/fedora_repo.repo
echo 'baseurl=http://download1.fedora.redhat.com/pub/epel/$releasever/$basearch/' >> /etc/yum.repos.d/fedora_repo.repo
echo 'enabled=1' >> /etc/yum.repos.d/fedora_repo.repo
echo 'skip_if_unavailable=1' >> /etc/yum.repos.d/fedora_repo.repo
# gpgcheck=0 turns off package signature verification for this repo, and the baseurl above is plain HTTP.
echo 'gpgcheck=0' >> /etc/yum.repos.d/fedora_repo.repo

Download and build:

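yum -y install make gcc gcc-c++ libnids-devel libnet-devel libpcap-devel
# Quote the URL (it contains "?") and name the output file (name chosen here) so tar can find it.
wget -O vortex-latest.tgz "http://sourceforge.net/projects/vortex-ids/files/latest/download?source=files"
tar zxvf vortex-latest.tgz
# Trailing slash so the glob matches only the extracted directory, not the tarball.
cd vortex-*/
# -lpcap: vortex.c references pcap_stats, so libpcap has to be on the link line.
gcc vortex.c -lnids -lpthread -lpcap -Wall -o /usr/local/sbin/vortex
gcc xpipes.c -lpthread -Wall -o /usr/local/bin/xpipes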
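
The repo stanza written in the first step uses gpgcheck=0 and an http:// baseurl. The following check is an added example, not part of the original post or of vortex: it scans .repo files for those two settings. The function names, the [strict_repo] stanza, its URL and its key path are constructed for illustration.

```shell
#!/bin/sh
# audit_repo FILE...  prints "file:[section]: finding" for each weak setting
# and returns 1 if anything was flagged, 0 otherwise.
audit_repo() {
    awk '
        function trim(s) { gsub(/^[ \t]+|[ \t\r]+$/, "", s); return s }
        BEGIN { bad = 0 }
        /^[ \t]*[#;]/ { next }                      # comment line
        /^[ \t]*\[/   { section = trim($0); next }  # [repo-id] header
        {
            eq = index($0, "=")
            if (eq == 0) next                       # not a key=value line
            key = tolower(trim(substr($0, 1, eq - 1)))
            val = tolower(trim(substr($0, eq + 1)))
            if (key == "gpgcheck" && val ~ /^(0|no|false)$/) {
                print FILENAME ":" section ": gpgcheck is off, package signatures are not verified"
                bad = 1
            }
            if (key ~ /^(baseurl|mirrorlist|metalink)$/ && val ~ /^(http|ftp):/) {
                print FILENAME ":" section ": " key " is fetched without TLS"
                bad = 1
            }
        }
        END { exit bad }
    ' "$@"
}

# Constructed sample: the stanza from this post plus a stricter one.
# The https URL and key path in [strict_repo] are placeholders.
write_sample() {
    cat > "$1" <<'EOF'
[fedora_repo]
name=fedora_repo
baseurl=http://download1.fedora.redhat.com/pub/epel/$releasever/$basearch/
enabled=1
skip_if_unavailable=1
gpgcheck=0

[strict_repo]
name=strict_repo
baseurl=https://mirror.example.invalid/epel/$releasever/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-PLACEHOLDER
EOF
}

sample=$(mktemp)
write_sample "$sample"
audit_repo "$sample" || echo "weak settings found"
rm -f "$sample"
```

On a real host the same function can be pointed at the installed definitions: audit_repo /etc/yum.repos.d/*.repo
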
  1. Carlos.
    May 7, 2014 at 6:56 am
    vortex-2.9.0# gcc vortex.c -lnids -lpthread -Wall -o vortex -O2
    /usr/bin/ld: /tmp/ccAeV5CF.o: referencia sin definir al símbolo 'pcap_stats'
    //usr/lib/x86_64-linux-gnu/libpcap.so.0.8: error adding symbols: DSO missing from command line
    collect2: error: ld returned 1 exit status
    • May 7, 2014 at 9:07 am

      Do you have libnet-devel libpcap-devel installed properly and available? This is likely environmental from what I’m reading.

      • Carlos
        May 7, 2014 at 10:38 am

        Thank you mbrownnyc.

        Sorry for my bad English. I’ve solved:

        /vortex-2.9.0# gcc vortex.c -lnids -lpthread -lpcap -lbsf -Wall -DWITH_BSF -o /usr/local/bin/vortex -O2

        Best regards,

      • May 8, 2014 at 8:38 am

        Your English is fine! I’m happy you got it working.
