I am trying to set up Snort on my WinXP Pro box and I am just lost. I don't know how to configure it. I turned it on and played with the ruleset file but I don't understand it. I simply want it to log everything that happens on my home LAN and my internet link. I have a Motorola SB4100 cable modem plugged into a Linksys router to share the connection. How do I get it to monitor everything but no alerts? I already have Norton Personal Firewall set to alert me.
Oh man, you asked a mouthful. Look here; this should do it better than anyone else.
Put it on Linux... it works better :)
Do you want to log every packet or simply alert on signature matches? Capturing every packet on your local network could generate a rather large file.
A command you can use to get started would be: 'snort -dvi eth0' (Substitute eth0 for your NIC information). This is from the Snort FAQ which is located at http://www.snort.org/docs/faq.html
Once you work through the rule logic, Snort becomes very easy to work with. Let me know if I can be of any further assistance.