-
July 9th, 2002, 10:23 PM
#1
Snort
I just downloaded and installed snort for windows and am having a bit of trouble. I installed it and then ran the snort file that configures everything threw the dos prompt. It finished and said that it was complete. The problem is that there is no Icon for snort anywhere to open it, it is not listed in Task Manager as being active but it is listed in ad/remove programs so it is installed. Is there supposed to be an icon for it or some indication that it is set up and working. Is there anything that I can do to see if it logs anything. I allready did a port scan and got nothing.
Any help would be apreciated
Thanks in advance
Violence breeds violence
we need a world court
not a republican with his hands covered in oil and military hardware lecturing us on world security!
-
July 9th, 2002, 10:34 PM
#2
Never tried to run snort in windows, but it is probably installed as a service. For NT check in control panel -> services, for win2k : control panel -> administrative tools -> services...
Hope that helps,
neb
There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.
(Merovingian - Matrix Reloaded)
-
July 9th, 2002, 10:50 PM
#3
Violence breeds violence
we need a world court
not a republican with his hands covered in oil and military hardware lecturing us on world security!
-
July 10th, 2002, 12:02 AM
#4
Member
Where did you get the windows version of snort from? Is it from http://winpcap.polito.it/
-
July 10th, 2002, 12:26 AM
#5
no i got it from http://www.snort.org/dl/binaries/ but you do need winpcap installed to use it.
Violence breeds violence
we need a world court
not a republican with his hands covered in oil and military hardware lecturing us on world security!
-
July 10th, 2002, 02:03 AM
#6
Junior Member
For Windows versions of snort try www.silicondefense.com.
-
July 10th, 2002, 02:20 AM
#7
from what i remember you start snort from a command line.
-
July 10th, 2002, 08:43 PM
#8
Junior Member
I have used two versions for windows. One uses the windows installer and has a GUI
and the other runs from a command prompt. these are all at silicondefense under
downloads
-
July 10th, 2002, 11:51 PM
#9
-
July 11th, 2002, 03:55 AM
#10
Junior Member
Answer to the last question first, snort is an IDS = Intrusion
Detection System. Basically a network sniffer that has signatures
of known host and network attacks. These signatures come in the
form of rules or plug-ins each meant to look for the "signature" of
a specific attack.
Original question - definately refer to silicondefense.com (referred to
in one of the above posts) if you will be using windows version.
Just installing snort will not get you all the way to where you want to
be, you need a log analyser/viewer, something to distill and make
sense of all of the alerts. I use snort with snarf to do this. silicon
defense has a great step by step to get this going. There is another
way besides command line to use snort for windows, an application
called IDSCenter - tried it, looks ok, but I prefer the snarf method.
Pretty cool stuff! The maker of snort just went commercial, selling
a preconfigured box with support if you need it.
The step by step is found under the tech support > windows snort
support area of the s.d. website.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|