Enabling Full Packet Capture - Snorby/snorby GitHub Wiki
OpenFPC is kickass. www.openfpc.org
We have to take care of the dependencies first:
sudo apt-get install apache2 daemonlogger tcpdump tshark libarchive-zip-perl libfilesys-df-perl libapache2-mod-php5 php5-mysql libdatetime-perl libdbi-perl libdate-simple-perl php5-mysql libterm-readkey-perl libdate-simple-perl
To be a real NSM badass, you'll want cxtracker (http://gamelinux.github.com/cxtracker/) to support session data. The latest version should always be located here: http://github.com/gamelinux/cxtracker/tarball/master.
tar -zxvf gamelinux-cxtracker-* cd gamelinux-cxtracker*/src make cp cxtracker /usr/local/sbin/
Download in install the latest from http://code.google.com/p/openfpc/downloads/list. The latest install docs (or screen cast) can be found here: http://www.openfpc.org/documentation/install.
After downloading, extract and install.
tar -zxvf openfpc-*.tgz cd openfpc*/ sudo ./openfpc-install.sh install