need help in configuring snort on XP
Results 1 to 5 of 5

Thread: need help in configuring snort on XP

  1. #1
    Junior Member
    Join Date
    Aug 2003
    Posts
    5

    need help in configuring snort on XP

    Hi all,

    I've been trying to configure snort on my XP. I've spent practically the whole day reading the friggin snort manual... and to be honest I feel like running through the walls in my house. This is driving my crazy. I downloaded the the snort 2.0 version for win32. The Winpcap version I installed is err... winpcap_2_3 and the author's comments about the libnetNT driver was "LibnetNT Driver
    Certain snort functions, notably the FlexResp functions, will also require an
    appropriate version of LibnetNT to be installed in order for snort to operate
    properly. Snort 2.0 has been tested with the version of LibnetNT from August
    2001. The current installation package can be downloaded from:
    http://www.securitybugware.org/libnetnt/" I'm

    I'm pretty sure I installed the right one, though none of the download links stated that it was a release from "August 2001".

    C:\Snort\bin>snort.exe -c "C:\snort\etc\snort.conf" -l "C:\snort\Log" -A full -i 1 -d -e -X "C:\snort\etc\classification.config"
    Running in IDS mode
    Log directory = C:\snort\Log

    Initializing Network Interface \Device\Packet_NdisWanIp
    OpenPcap() device \Device\Packet_NdisWanIp network lookup:
    The operation completed successfully.

    ERROR: OpenPcap() FSM compilation failed:
    PCAP command: %s

    Fatal Error, Quitting..

    C:\Snort\bin>

    That is what I get when I execute the commands. Is there some other configurations that I need to do other then to include the correct rule path for snort.config. I hope I was explicit. Any tips would be greatly appreciated.

    1l31l2uTiCu$_
    "bad deeds spawns rebirth"
    "rebirth itself shall be denied with good deeds"


    \"Bad deeds spawns rebirth\"
    \"Rebirth itself shall be denied with good deeds\"

  2. #2
    Senior Member
    Join Date
    Jul 2003
    Posts
    634
    arhh this is pretty simple to fix you just havent installed WinPcap, this is one of the dependences, needed to install snort and quite a few other network tools on windows.

    here its website and its got loads of info

    http://winpcap.polito.it/

    what you done otherwise looks alrite to me, just install winPcap and see how it goes

    PM if you need any more help

    i2c

  3. #3
    Senior Member
    Join Date
    Jun 2003
    Posts
    188
    Actually snort for XP sucks do not deploy it. Use it just for learning otherwise you might run into trouble.

  4. #4
    Senior Member
    Join Date
    May 2003
    Posts
    159
    Buddy as pointed out by other members you will have to download Winpcap after that you need to set your Netwrok environment correctly in the conf files.....

    I am personally using Snort over, but as also rightly pointed just use it for learning purpose.

    Regards

    kalp
    ****** Any man who knows all the answers most likely misunderstood the questions *****

  5. #5
    Junior Member
    Join Date
    Aug 2003
    Posts
    5
    Thanks for the tips guys very grateful. It's working now ***HOMER SIMPSON*** Woohoo


    Best Regards,
    1l31l2uTiCuS
    \"Bad deeds spawns rebirth\"
    \"Rebirth itself shall be denied with good deeds\"

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides