how to get windows xp snort ids installed properly

pretorian2kpretorian2k Member Posts: 5 ■□□□□□□□□□
whos the ids snort master


  • Options
    PlantwizPlantwiz Mod Posts: 5,057 Mod
    whos the ids snort master

    Funny I was just reading a post about a similar post elsewhere last night....

    Have you tried the Snort Forums?
    "Grammar and spelling aren't everything, but this is a forum, not a chat room. You have plenty of time to spell out the word "you", and look just a little bit smarter." by Phaideaux

    ***I'll add you can Capitalize the word 'I' to show a little respect for yourself too.

    'i' before 'e' except after 'c'.... weird?
  • Options
    keatronkeatron Member Posts: 1,213 ■■■■■■□□□□
    I deploy and use snort, but only in a linux environment my friend, so I wouldn't be able to help you with the Windows XP setup.
  • Options
    WebmasterWebmaster Admin Posts: 10,292 Admin
    No Snort master as you requested, but this should get you started (though there is more to it):

    1. Download Snort from:

    2. Install by running the download .exe

    3. Download and install WinPcap 3.0 (sniffer):

    4. Download and install LibnetNT Drivers (required for advanced funtionality only, i.e. injection of TCP reset packets)

    5. Go to command line (Start, Run, cmd) and navigate to the Bin folder inside the Snort installation

    folder (i.e. c:\snort\bin)

    6. Run snort.exe to check parameters

    7. Run snort.exe /SERVICE /INSTALL with desired options
    (i.e. assign interface, log dir (required, set to c:\snort\log\ for example) /file, log type)
    You don't need to install it as a service btw (i.e. leave out /service /install)

    8. After the installation you can find a faq.pdf in the snort\doc\ folder, check out the section How to start Snort as a win32 service?

    9. Download and install IDS Policy Manager For Windows 2000/XP (since your running it on Windows, why not use a GUI for the rules :))

    10. Have fun!
Sign In or Register to comment.