JP Vossen on 25 Aug 2009 13:11:49 -0700
> On Tue, 25 Aug 2009, Ron Kaye Jr wrote:
>
>> i am just getting up to speed on ubuntu
>> i want to install snort
>> i can of course download, expand tarball etc
>>
>> can i use an apt_get command to go out and grab it/ install it, etc?

First, as other people have subtly pointed out, it's apt-get, not apt_get.

Second, apt-get is the "old" tool. The "new" one is called aptitude. There is (of course) some debate over which is preferred or "best." Personally I use aptitude, but many long-time Debian folks still use apt-get out of habit. The most important part is to pick one and use it; don't switch back and forth. There are various GUI tools (Applications, Add/Remove) as well, but I prefer the command line.

Also, these are all binary package managers, so there is no compiling involved. That's quicker and easier, at the cost of being less tailored to your particular needs and environment. Gentoo and the *BSD "ports" collections do it differently. Rather than downloading pre-compiled binaries, you download the source, patches, hints and other stuff, then automagically compile for your environment/needs. That can result in more custom tools that run a bit faster, but also can be a hassle. You'll learn a lot though...

Third, if you have a background in RPM, I think you will find http://www.jpsdomain.org/linux/apt.html very useful. Even if you don't, that table will give you an idea of the things you can do. I also have a "cheater/wrapper" script called 'deb' that consolidates some useful APT-type functions.

Fourth, as you may know, packages in the repos tend to lag behind the current version, sometimes by a lot. That's often a good thing, for stability and support (LTS), but for certain things that evolve quickly, like Snort, that won't always work. If you are just messing around, no big deal. If you want to use Snort in Enterprise production, that may be an issue. (I'd also go with Debian, CentOS, a *BSD or possibly one of the custom "security appliance" distros, instead of Ubuntu, for that purpose.) Some large projects (e.g., OpenOffice) have Launchpad PPAs for more current versions, but I don't think Snort/Sourcefire does (I haven't looked either).

Fifth, I wrote a bunch of stuff on Snort for SearchSecurity.com several years ago. It's getting pretty old now, but some of it will still be useful. In particular, OinkMaster is an awesome little (Perl-based) tool for updating Snort rules.

Good luck,
JP
----------------------------|:::======|-------------------------------
JP Vossen, CISSP            |:::======|      http://bashcookbook.com/
My Account, My Opinions     |=========|      http://www.jpsdomain.org/
----------------------------|=========|-------------------------------
"Microsoft Tax" = the additional hardware & yearly fees for the add-on
software required to protect Windows from its own poorly designed and
implemented self, while the overhead incidentally flattens Moore's Law.
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug