RE: Attention: Win32 Users - Snort 1.8.6b121 Ready - W/Run As Service

["Hicks, John" <JHicks () JUSTICE GC CA>]

YEAH!!! Thanks *so* much :)

-----Original Message-----
From: Michael Steele [mailto:michaels () silicondefense com]
Sent: Thursday, May 30, 2002 1:10 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Attention: Win32 Users - Snort 1.8.6b121 Ready -
W/Run As Service


To all Windows users of Snort:

Please read all the notices below.

The latest 1.8.7b121 binaries have been compiled and are now available
on our site. There are 5 flavors available:

Snort 1.8.7b121 Release
Snort 1.8.7b121 MySQL Release
Snort 1.8.7b121 MySQL/FlexResp Release
Snort 1.8.7b121 FlxResp Release
Snort 1.8.7b121 MSSQL Release

NOTICE: The "Run As Service" has been compiled into this update. This
option is ONLY available for the Windows 2000's, XP, and NT Server. The
basic usage is as follows:

Note: COMPLETELY remove any previous installation of Snort running as a
service, even Registry settings, then reboot. If you have any concerns
or questions, please don't hesitate to email me.

There are three command switches that Snort uses for the Service
activation. 

/SERVICE /INSTALL 
/SERVICE /UNINSTALL 
/SERVICE /SHOW 

Explanation of Service options:

CAUTION: All the switches MUST be used from the folder that Snort is
located in. If Snort is located in C:\Snort then navigate to that folder
and type the command from there.

This will install Snort as a service with the specified parameters: 
"snort /SERVICE /INSTALL -de -c <FULL PATH>\snort.conf -l <FULL
PATH>\logs" 

This will remove snort as a service: 
"snort /SERVICE /UNINSTALL" 

This will display the parameters: 
"snort /SERVICES /SHOW
 
> From the Start Menu go to Programs / Administrative Tools and Open the
Services applet in Administrative Tools.  Select Snort from the services
window, right click on Snort, choose Properties, and under startup type
select Automatic (this will allow snort to be active when there is no
one logged on). 

Note: If you want to stop or start the service from a command prompt
use: 

"net stop snort" 
"net start snort" 

Note: If you want to change the parameters then you must use: 

Take Snort down: net stop snort

snort /SERVICE /UNINSTALL 
snort /SERVICE /INSTALL < NEW PARAMETERS >

Bring Snort back up: net start snort

A Big THANK YOU to Chris Ried for this...

NOTICE: The latest WinPcap has gone gold! Version 2.3
http://netgroup-serv.polito.it/winpcap/

NOTICE: LibnetNT.dll can be found at: 
http://www.securitybugware.org/libnetnt/

NOTICE to all our clients: We will ONLY be supporting the RELEASE
versions of Snort 1.7.1, Snort 1.8.1, Snort 1.8.2, 1.8.3, and 1.86 at
this time.

Link to Downloads:
http://www.silicondefense.com/techsupport/downloads.htm

Link to Documentation:
http://www.silicondefense.com/techsupport/windows.htm

-Michael
--
 Michael Steele | Support Technician
 mailto:michaels () silicondefense com
 Silicon Defense: IDS solutions - http://www.silicondefense.com
 Snort: Open Source Network IDS - http://www.snort.org





_______________________________________________________________

Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

_______________________________________________________________

Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users