Snort mailing list archives
Re: Windows support
From: "Michael Steele" <michaels () winsnort com>
Date: Sun, 12 Aug 2007 10:54:00 -0400
Dr. Govindavajhala, Welcome to the unique world of Snort and Intrusion Detection. What you are requesting is fairly simple to explain. 1) After installing WinPcap and Snort, use the -W switch to gather all the information on the existing interfaces. The display will list them in numerical order. You will need to use the number in your Snort run line in order for Snort to properly link that interface. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= D:\win-ids\snort\bin>snort -W ,,_ -*> Snort! <*- o" )~ Version 2.7.0-ODBC-MySQL-FlexRESP-WIN32 (Build 35) '''' By Martin Roesch & The Snort Team: http://www.snort.org/team.html (C) Copyright 1998-2007 Sourcefire Inc., et al. Interface Device Description ------------------------------------------- 1 \Device\NPF_GenericDialupAdapter (Adapter for generic dialup and VPN capture) 2 \Device\NPF_{1CE13DC9-604B-4499-8A4D-0B05CD65B717} (VMware Accelerated AMD PCNet Adapter (Microsoft's Packet Scheduler) ) -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= An example would be: snort -v -i2 The above example would run Snort in verbose mode on adapter 2 Kindest regards, Michael... WINSNORT.com Management Team Member -- ****************** Established ~ 2001 ******************* * Visit Us @ <http://www.winsnort.com> http://www.winsnort.com * * ~~ FREE WinIDS Snort installation guides ~~ * * ~~ FREE support forums ~~ * * Snort: Open Source Network IDS - <http://www.snort.org> http://www.snort.org * ********************************************************* From: snort-users-bounces () lists sourceforge net [mailto:snort-users-bounces () lists sourceforge net] On Behalf Of sudhakar govindavajhala Sent: Saturday, August 11, 2007 9:37 PM To: snort-users () lists sourceforge net Subject: [Snort-users] Windows support Hello all, I am a newbie to Snort. How well is Snort supported on Windows? I am able to run Snort in Linux. But, I am not able to make it run on Windows. The problem is that I am not able to tell Snort which interface to use using the -i switch. How do I figure out the interface name in Windows. Windows shows "Wireless Network Connection 1", "Wireless Network Connection 2", etc. while I should be saying something like wnc1, wnc2, eth0, eth1, ppp0, etc. How do I get the name of interface in Windows that I can pass it on to Snort? How is Windows support in Snort? Thank you, Sudhakar Dr. Sudhakar Govindavajhala Researcher, Princeton University http://www.cs.princeton.edu/~sudhakar/
------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Windows support sudhakar govindavajhala (Aug 11)
- Re: Windows support Jason (Aug 12)
- Re: Windows support Michael Steele (Aug 12)