Thread: Snort

  1. #1
    Senior Member
    Join Date
    Jul 2004
    Posts
    548

    Snort

    What is better at IDS: WinSnort (here) or Snort (here)?

    Also does anyone know of good setup/usage tutorials for Snort on Windows XP?

  2. #2
    Have you read the FAQs on the WinSnort page?

  3. #3
    Senior Member RoadClosed
    Join Date
    Jun 2003
    Posts
    3,834
    Yep read the page. You will find there is ONLY ONE, Padawan.
    West of House
    You are standing in an open field west of a white house, with a boarded front door.
    There is a small mailbox here.

  4. #4
    Senior Member
    Join Date
    Mar 2004
    Posts
    171
    Actually, if you walk into Borders or Barnes and Noble, the SNORT 2.0 book will be right there on the shelf. The 2.1 version is out, but here is the info on 2.0:

    Snort 2.0 Intrusion Detection
    Paperback: 523 pages
    Publisher: Syngress; 1 edition
    ISBN: 1931836744

    And someone just sold it on eBay for $6.
    ~ I'm NOT insane! I've just been in a bad mood for the last 30 years! ~ Some people are like Slinkys: Not good for anything, but the thought of pushing them down the stairs brings a smile to your face!

  5. #5
    Senior Member
    Join Date
    Jul 2004
    Posts
    548
    Thanks, but which is better, WinSnort or Snort? And is the Snort book for Linux OS or any?


    J_K9

  6. #6
    Senior Member
    Join Date
    Mar 2004
    Posts
    171
    Covers both.
    http://www.amazon.com/exec/obidos/AS...roduct-details

    Read the reviews.

    Not to be rude, but ya think you can take 5 minutes and look it up yourself?
    ~ I'm NOT insane! I've just been in a bad mood for the last 30 years! ~ Some people are like Slinkys: Not good for anything, but the thought of pushing them down the stairs brings a smile to your face!

  7. #7
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    They are the same bloody thing...... except this site is clearly more pro WinX yet it still has the binaries for *nix etc.

    Snort is a *nix tool that has been ported to Win32. As such the ways of handling it and receiving/seeing its output can differ a little. This site is just more dedicated to the Windows versions.

    BTW, the FAQs don't tell you a thing that the FAQs and docs at www.snort.org don't.
    Don't SYN us.... We'll SYN you.....
    "A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools." - Thucydides

  8. #8
    Senior Member
    Join Date
    Jul 2004
    Posts
    548
    Thanks, and sorry MrCoffee, I've just been having a bad day!

  9. #9
    Much of the "which is better" question is answered by stating which is your preferred OS?

    I use SNORT/Linux, and it performs perfectly. So I can tell you that the nix version runs well.

    If your preferred OS is Windows, however, then there's your answer -- use WinSnort.

    - aftiel

  10. #10
    Senior Member
    Join Date
    Oct 2002
    Posts
    314
    As has been said, it's the same thing, just two different platforms, and they are both utterly useless (in an IDS sense) unless you monitor them, keep them updated, and have procedures in place to deal with what happens when you find something; otherwise you just get a box that runs out of HD space very quickly...

    Of course if you just want to run it at home then don't worry so much about the procedures, but do keep in mind that you need to monitor it.
    Quis custodiet ipsos custodes
