RE: Attention: Win32 Users - Snort 1.8.7 "STABLE RELEASE" Binaries Available

["Michael Steele" <michaels () silicondefense com>]

Rich,

Ok, I removed it. There was a lot of confusion on those last two
updates.

Regarding the error, can you please report the error to the developers
list?

We have stream 4 operational with MySQL logging. What are you using in
your Snort.conf file for Stream 4? What do you mean "will gpf at
selected intervals"? Can this be reproduce? 

     -Michael

--
 Michael Steele | System Engineer / Support Technician | 1.707.445.4355
 Silicon Defense: Single & Multi Sensor IDS solutions
 mailto:michaels () silicondefense com | http://www.silicondefense.com
 Snort: Open Source Network IDS - http://www.snort.org


-----Original Message-----
From: Rich Adamson [mailto:radamson () routers com] 
Sent: Wednesday, July 10, 2002 9:05 AM
To: Michael Steele
Subject: Re: [Snort-users] Attention: Win32 Users - Snort 1.8.7 "STABLE
RELEASE" Binaries Available

7-10-02
Michael,

You might want to pull the windows build 127 from your web site. I had
downloaded it yesterday, and it gpf'ed frequently.  It reported itself
as build 128 (snort -V), but was a different size than what is now on
your website as the Stable release (also build 128).

Also, appears as though Steam4 has a serious issue in Windows. With it
functional, Win2kPro (with WinPcap v2.3) will gpf at selected intervals.
This is the barebones version with no other snort related applications
running except IDScenter v1.09beta. After disabling Stream4, I've not 
seen any gpf's (as yet). I've not reported this anywhere else other than
this email.

Rich Adamson
radamson () routers com

------------------------
  From: Michael Steele <michaels () silicondefense com>
  Subject: [Snort-users] Attention: Win32 Users - Snort 1.8.7 "STABLE
RELEASE" Binaries 
Available
  Date: Tue, 9 Jul 2002 10:18:36 -0700 
  To: snort-users () lists sourceforge net


> To all Windows users of Snort:
>
> Sorry for the confusion as I released Snort 1.87b127 the same day as
> Snort 1.8.7b128 was being released as the OFFICIAL "Snort 1.8.7 STABLE
> RELEASE".
>
> Please read all the notices below.
>
> The latest 1.8.7 STABLE binaries have been compiled and are now
> available on our site. There are now 6 flavors available:
>
> Snort-1.8.7-Win32_Barebones_Release
> Snort-1.8.7-Win32_Flexresp_Release
> Snort-1.8.7-Win32_MySQL_Flexresp_Release
> Snort-1.8.7-Win32_MySQL_MSSQL_Flexresp_Release
> Snort-1.8.7-Win32_MySQL_MSSQL_Release
> Snort-1.8.7-Win32_MySQL_Release
>
> NOTICE: There are now NEW options in stream4 and frag2 and to update
> your config files accordingly. This is the OFFICIAL Stable Release of
> Snort 1.8.7, so it would be wise to update your complete Snort install
> and copy back your custom settings to the new Snort.conf and any other
> files you may have customized.
>
> NOTICE: The "Run as Service" has been compiled into this update, and
is
> ONLY available for the following Windows environments:
>
> 1. 2000 Professional / 2000 Server Family
> 2. XP Pro / XP .NET Server Family
> 3. NT Server 4 (latest service pack).
>
> The basic usage is as follows:
>
> Note: COMPLETELY remove any previous installation of Snort running as
a
> service, even Registry settings, then reboot. If you have any concerns
> or questions, please don't hesitate to email me.
>
> There are three command switches that Snort uses for the Service
> activation. 
>
> /SERVICE /INSTALL 
> /SERVICE /UNINSTALL 
> /SERVICE /SHOW 
>
> Explanation of Service options:
>
> CAUTION: All the switches MUST be used from the folder that Snort is
> located in. If Snort is located in C:\Snort then navigate to that
folder
> and type the command from there.
>
> This will install Snort as a service with the specified parameters: 
> "snort /SERVICE /INSTALL -de -c <FULL PATH>\snort.conf -l <FULL
> PATH>\logs" 
>
> This will remove snort as a service: 
> "snort /SERVICE /UNINSTALL" 
>
> This will display the parameters: 
> "snort /SERVICES /SHOW
>  
> From the Start Menu go to Programs / Administrative Tools and Open the
> Services applet in Administrative Tools.  Select Snort from the
services
> window, right click on Snort, choose Properties, and under startup
type
> select Automatic (this will allow snort to be active when there is no
> one logged on). 
>
> Note: If you want to stop or start the service from a command prompt
> type: 
>
> "net stop snortsvc" 
> "net start snortsvc"
>
> Note: If you want to change the parameters then you must: 
>
> Take Snort down: net stop snortsvc
>
> snort /SERVICE /UNINSTALL 
> snort /SERVICE /INSTALL < NEW PARAMETERS >
>
> Bring Snort back up: net start snortsvc
>
> A Big THANK YOU to Chris Reid for this...
>
> NOTICE: The latest WinPcap has gone gold! Version 2.3
> http://netgroup-serv.polito.it/winpcap/
>
> NOTICE: LibnetNT.dll can be found at: 
> http://www.securitybugware.org/libnetnt/
>
> NOTICE to all our clients: We will ONLY be supporting the STABLE
> RELEASES of Snort 1.7.1, Snort 1.8.1, Snort 1.8.2, 1.8.3, 1.86, and
1.87
> at this time.
>
> Link to Downloads:
> http://www.silicondefense.com/techsupport/downloads.htm
>
> Link to Documentation:
> http://www.silicondefense.com/techsupport/windows.htm
>
> -Michael
> --
>  Michael Steele | System Engineer / Support Technician
>  mailto:michaels () silicondefense com
>  Silicon Defense: IDS solutions - http://www.silicondefense.com
>  Snort: Open Source Network IDS - http://www.snort.org
>
>
>
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Stuff, things, and much much more.
> http://thinkgeek.com/sf
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users

---------------End of Original Message-----------------






-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Two, two, TWO treats in one.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users