-
June 12th, 2005, 09:18 PM
#11
Junior Member
hi, S3cur|ty4ng31. i downloaded for the snort-2.3.3 but i just can't get any Win32 distribution that for referencing. can u direct me to the referen tat can help me function the snort.. thx for helping...
-
June 13th, 2005, 04:57 PM
#12
heres a direct link
Latest Win32 Snort Installer Package
you will still need to get WinPcap 3.0 if you havent already
WinPcap 3.0
That which does not kill me makes me stronger -- Friedrich Nietzche
-
June 13th, 2005, 09:56 PM
#13
If you decide not to take TS's advice and go for something simplier...I'd advise you check out this site...
http://archives.neohapsis.com/archiv...4-07/0445.html
Neohapsis Archives - Snort Discuss - #0445 - RE: [Snort-users] No Alerts in Windows w/ Snort 2.20 RC1
Eg
-
June 13th, 2005, 10:08 PM
#14
Snail: You weren't "troubling me".
The simple fact is that your inability to get the system working doesn't bode well for your ability to understand it's output.
Simple questions for you to ask to yourself:-
1. If you go through the Snort rules one by one without even looking at the documentation for each rule can you determine from the rule what it is detecting, why and what the potential consequences are?
2. Then try reading the documentation for each rule and see if you can work out the same.
3. Even if you manage to work it out can you determine how you would find out if the attack were successful or not?
Snort is not and Intrusion Prevention System. It does _nothing_ to protect you... It doesn't care about you or your security policy... It simply sits there and watches the data stream and giggling every time it sees an exploit fly by. Yes, it'll tell you "Guess what, Skiddie #7 just attacked your primary web server with <insert exploit here>.... Buuuuummer....."
Learning about it is all very well and I applaud you for it.... If you study Snort as a vehicle to understand networking, exploits, information gathering etc. then good.... great.... But don't try to use it as a defensive system without using actual defensive systems that work automatically without any input by you.
If you do it'll end in tears......
'nuff said?
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|