Snort mailing list archives
RE: no modem
From: "Michael Steele" <michaels () silicondefense com>
Date: Mon, 4 Nov 2002 15:02:07 -0800
Spencer, It would be best to use Snort, because WinDump is not 100%. 1) Install WinPcap 2) Install Snort Note: Go to Start / Run and type command then enter 3) # snort -W Note: That will give you a list of interfaces (1, 2, 3 etc.) 4) # snort -v -ix Note: the x in -ix is the number of the interface you want Snort to sniff off of. You should see all kinds of traffic going by in the command window, if not go into your browser and browse some web pages. Note: CTRL/C will exit with a nice display of traffic analysis. -Michael -- Michael Steele | System Engineer / Support Technician mailto:michaels () silicondefense com Silicon Defense: IDS solutions - http://www.silicondefense.com Snort: Open Source Network IDS - http://www.snort.org -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] On Behalf Of Matt Kettler Sent: Monday, November 04, 2002 2:48 PM To: Joecat28 () aol com; snort-users () lists sourceforge net Subject: Re: [Snort-users] no modem My first suggestion if your doing windows is to get winpcap installed, and try to make windump work first. Windump is a much simpler application than snort and it's much easier to see if it is getting data or not. It's also got less configuration to deal with :) Windump -D will provide a list of interfaces, and you'll likely need to try a couple different ones (by running windump -i <interfacename>) until you find the "right" one for your dialup. Once you know what the interface is named, then you can try to get snort running on that interface. At 05:11 PM 11/4/2002 -0500, Joecat28 () aol com wrote:
hi, don't know if this is in the archives...couldn't access them for
some
reason... How can i use snort to monitor my dial up modem connection on win xp? thanks, =Spencer Whitman
------------------------------------------------------- This SF.net email is sponsored by: ApacheCon, November 18-21 in Las Vegas (supported by COMDEX), the only Apache event to be fully supported by the ASF. http://www.apachecon.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users ------------------------------------------------------- This SF.net email is sponsored by: ApacheCon, November 18-21 in Las Vegas (supported by COMDEX), the only Apache event to be fully supported by the ASF. http://www.apachecon.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- no modem Joecat28 (Nov 04)
- Re: no modem Matt Kettler (Nov 04)
- <Possible follow-ups>
- RE: no modem Michael Steele (Nov 04)