I've been trying to configure snort on my XP. I've spent practically the whole day reading the friggin snort manual... and to be honest I feel like running through the walls in my house. This is driving my crazy. I downloaded the the snort 2.0 version for win32. The Winpcap version I installed is err... winpcap_2_3 and the author's comments about the libnetNT driver was "LibnetNT Driver
Certain snort functions, notably the FlexResp functions, will also require an
appropriate version of LibnetNT to be installed in order for snort to operate
properly. Snort 2.0 has been tested with the version of LibnetNT from August
2001. The current installation package can be downloaded from:
I'm pretty sure I installed the right one, though none of the download links stated that it was a release from "August 2001".
C:\Snort\bin>snort.exe -c "C:\snort\etc\snort.conf" -l "C:\snort\Log" -A full -i 1 -d -e -X "C:\snort\etc\classification.config"
Running in IDS mode
Log directory = C:\snort\Log
Initializing Network Interface \Device\Packet_NdisWanIp
OpenPcap() device \Device\Packet_NdisWanIp network lookup:
The operation completed successfully.
ERROR: OpenPcap() FSM compilation failed:
PCAP command: %s
Fatal Error, Quitting..
That is what I get when I execute the commands. Is there some other configurations that I need to do other then to include the correct rule path for snort.config. I hope I was explicit. Any tips would be greatly appreciated.
"bad deeds spawns rebirth"
"rebirth itself shall be denied with good deeds"