how to get windows xp snort ids installed properly
pretorian2k
Member Posts: 5 ■□□□□□□□□□
in Off-Topic
Comments
-
Plantwiz
Mod Posts: 5,057 Mod
pretorian2k wrote:whos the ids snort master
Funny I was just reading a post about a similar post elsewhere last night....
Have you tried the Snort Forums?Plantwiz
_____
"Grammar and spelling aren't everything, but this is a forum, not a chat room. You have plenty of time to spell out the word "you", and look just a little bit smarter." by Phaideaux
***I'll add you can Capitalize the word 'I' to show a little respect for yourself too.
'i' before 'e' except after 'c'.... weird? -
keatron
Member Posts: 1,213 ■■■■■■□□□□
I deploy and use snort, but only in a linux environment my friend, so I wouldn't be able to help you with the Windows XP setup. -
Webmaster
Admin Posts: 10,292 Admin
No Snort master as you requested, but this should get you started (though there is more to it):
1. Download Snort from:
www.snort.org/dl/binaries/win32/
2. Install by running the download .exe
3. Download and install WinPcap 3.0 (sniffer):
http://winpcap.polito.it/install/default.htm
4. Download and install LibnetNT Drivers (required for advanced funtionality only, i.e. injection of TCP reset packets)
www.eeye.com/html/Research/Tools/libnetnt.html
5. Go to command line (Start, Run, cmd) and navigate to the Bin folder inside the Snort installation
folder (i.e. c:\snort\bin)
6. Run snort.exe to check parameters
7. Run snort.exe /SERVICE /INSTALL with desired options
(i.e. assign interface, log dir (required, set to c:\snort\log\ for example) /file, log type)
You don't need to install it as a service btw (i.e. leave out /service /install)
8. After the installation you can find a faq.pdf in the snort\doc\ folder, check out the section How to start Snort as a win32 service?
9. Download and install IDS Policy Manager For Windows 2000/XP (since your running it on Windows, why not use a GUI for the rules
)
www.activeworx.org/programs/idspm/
10. Have fun!