Snort mailing list archives
RE: Win98 Internet Connection Sharing
From: "Burleson, Lee (IA)" <Lee.Burleson () ia ngb army mil>
Date: Tue, 5 Jun 2001 13:00:51 -0500
Andy - I believe that you need to specify an interface _number_, not a name. Try "snort -W" for a list of them. Additionally, you need to install the latest WinPcap . I don't remember the URL, but an archive search would easily reveal it. - Lee
-----Original Message----- From: Andy Duncan [mailto:andyduncan () motives co uk] Sent: Tuesday, June 05, 2001 9:13 AM To: Snort-Users Maillist (E-mail) Subject: [Snort-users] Win98 Internet Connection Sharing Hi, I have been using snort successfully on Linux for a while now, and this weekend I attempted to add some protection to my windows 98 'firewall' running Internet Connection Sharing (I know, I know, but my USB ADSL modem doesn't work under Linux). I'm not 100% sure of the details here as win98 networking isn't my thing, but the interface that seems to get the external ip is called ICSSHARE. However, starting snort using this interface results in a message along the lines of: Using interface ICSSHARE. Cannot open interface. Snort stops at this point and the machine often freezes. snort command line: snort -c snort.conf -l log\ -i 7 (Apologies for the vagueness, I'm at work atm and doing this from memory) Attaching to any other interface results in either snort exiting or no alerts being logged. Is snorting an ICS interface possible, or am I in a world of hurt? TIA, Andy PS. I've got a FreeBSD ISO on the way which will hopefully make all this academic :) _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Win98 Internet Connection Sharing Andy Duncan (Jun 05)
- <Possible follow-ups>
- RE: Win98 Internet Connection Sharing Burleson, Lee (IA) (Jun 05)
- RE: Win98 Internet Connection Sharing Andy Duncan (Jun 05)
- RE: Win98 Internet Connection Sharing Burleson, Lee (IA) (Jun 06)