snort instalation for windows [Archive] - Antionline Forums - Maximum Security for a Connected World

Click to See Complete Forum and Search --> : snort instalation for windows

ele5125

August 7th, 2002, 12:41 AM

I have Windows 98 SE. I want to set up snort for windows. I downloaded all of the following:

WinPCap 2.3
Snort Snarf
Snort 1.8.6 for Windowz
Active Perl 5.6.1
MSI 2.0+
Nmake15

I was told I need the drivers that Winpcap has so windows can log my packets
I was told that I needed snort snarf to analize the log files that snort makes
I needed to download Active Perl so that Snort Snarf will work
I needed the MSI 2.0+ because my microsoft installer was old and could not install Active Perl
And I needed Nmake so I can compile the make files and stuff for snort snarf.

I found two sites for installing snort for windows systems. After following the directions I ran into problems when trying to use nmake to compile the make file for my time modules that come with Snort Snarf. It checked to see if my kit was complete which it was, but I got a syntax error.

C:\Perl\Bin\Perl.exe "-IC:\perl\lib" "-IC:\perl\lib" Makefile.pl

I get that error when I navigat to the C:\Snort\Snortsnarf\time-modules folder and type nmake.

Before I did that I typed perl makefile.pl

both perl and nmake are in my path variable in DOS

To set up the remainder of snort snarf I have been told to do this:

>From the prompt type: perl Makefile.PL
From the prompt type: nmake
From the prompt type: nmake test
From the prompt type: nmake install

Can anyone give me some advice?

ele5125

August 7th, 2002, 02:28 AM

I just did some research, the syntax error I am getting is

NMAKE : Fatal error U1081: 'false' : program not found

I looked up the error at http://www.compaq.com/fortran/docs/vf-html/rterr/rtnmak3.htm

It apears that my nmake utility is looking for a program called false and cannot find it. When I installed nmake15 all i did was download it to my windows directory, then run it and it inflated all the stuff into the windows directory. Any IdeaS?

AngryBob

August 7th, 2002, 05:24 AM

you have to have a web server for snort snarf. get apache if you cant get IIS. also, search google for Snort+NT+install....i know there are step by step instructions out there.

iNViCTuS

August 7th, 2002, 02:43 PM

My best advice would be to switch OS's. Windows (especially Windows 98) was not originally intented as a platform for Snort. Unfortunately I have actually tried it in the past for a customer who insisted on Windows. After 2 days of continuous errors and problems, I finally convinced him to try FreeBSD. After he agreed, we reformatted the box and had everything up and running within 2 hours.

It was a while ago when I tried this, so hopefully it has gotten better since.

Ice Czar

September 9th, 2002, 11:09 AM

Ive recently been playing around with UWIN
(on W2K) not eben sure it runs on 98, or course, that most likely would be just another level of complication?