Snort
Results 1 to 10 of 10

Thread: Snort

  1. #1
    Senior Member
    Join Date
    Dec 2001
    Posts
    304

    Snort

    I just downloaded and installed snort for windows and am having a bit of trouble. I installed it and then ran the snort file that configures everything threw the dos prompt. It finished and said that it was complete. The problem is that there is no Icon for snort anywhere to open it, it is not listed in Task Manager as being active but it is listed in ad/remove programs so it is installed. Is there supposed to be an icon for it or some indication that it is set up and working. Is there anything that I can do to see if it logs anything. I allready did a port scan and got nothing.

    Any help would be apreciated

    Thanks in advance
    Violence breeds violence
    we need a world court
    not a republican with his hands covered in oil and military hardware lecturing us on world security!

  2. #2
    Jaded Network Admin nebulus200's Avatar
    Join Date
    Jun 2002
    Posts
    1,356
    Never tried to run snort in windows, but it is probably installed as a service. For NT check in control panel -> services, for win2k : control panel -> administrative tools -> services...

    Hope that helps,

    neb
    There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.

    (Merovingian - Matrix Reloaded)

  3. #3
    Senior Member
    Join Date
    Dec 2001
    Posts
    304
    Thanks
    Violence breeds violence
    we need a world court
    not a republican with his hands covered in oil and military hardware lecturing us on world security!

  4. #4
    Member
    Join Date
    Jun 2002
    Posts
    44
    Where did you get the windows version of snort from? Is it from http://winpcap.polito.it/
    -Hadoob024-

  5. #5
    Senior Member
    Join Date
    Dec 2001
    Posts
    304
    no i got it from http://www.snort.org/dl/binaries/ but you do need winpcap installed to use it.
    Violence breeds violence
    we need a world court
    not a republican with his hands covered in oil and military hardware lecturing us on world security!

  6. #6
    Junior Member
    Join Date
    Jul 2002
    Posts
    2
    For Windows versions of snort try www.silicondefense.com.

  7. #7
    Banned
    Join Date
    Apr 2002
    Posts
    149
    from what i remember you start snort from a command line.

  8. #8
    Junior Member
    Join Date
    Jul 2002
    Posts
    2
    I have used two versions for windows. One uses the windows installer and has a GUI
    and the other runs from a command prompt. these are all at silicondefense under
    downloads

  9. #9
    What is snort????????

  10. #10
    Junior Member
    Join Date
    Jan 2002
    Posts
    11
    Answer to the last question first, snort is an IDS = Intrusion
    Detection System. Basically a network sniffer that has signatures
    of known host and network attacks. These signatures come in the
    form of rules or plug-ins each meant to look for the "signature" of
    a specific attack.

    Original question - definately refer to silicondefense.com (referred to
    in one of the above posts) if you will be using windows version.
    Just installing snort will not get you all the way to where you want to
    be, you need a log analyser/viewer, something to distill and make
    sense of all of the alerts. I use snort with snarf to do this. silicon
    defense has a great step by step to get this going. There is another
    way besides command line to use snort for windows, an application
    called IDSCenter - tried it, looks ok, but I prefer the snarf method.
    Pretty cool stuff! The maker of snort just went commercial, selling
    a preconfigured box with support if you need it.

    The step by step is found under the tech support > windows snort
    support area of the s.d. website.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •