Snort mailing list archives
Re: How to use snort as ips in window 7
From: "Joel Esler (jesler)" <jesler () cisco com>
Date: Sun, 21 May 2017 21:27:46 +0000
Ips on Windows is not supported in Snort today. Not something we've ever pursued. -- Sent from my iPhone
On May 21, 2017, at 16:44, zaib khan <zaibkhan200 () gmail com> wrote: I have already install snort But some rules are not working for me Like drop connection in tcp syn flood attack etcOn May 22, 2017 12:19 AM, "J Doe" <general () nativemethods com> wrote: Hi Zaib, Your last message (please see below), did not include a body. I amassuming your question is therefore the subject line, which is "how to use as IPS in win 7".For installation on Windows, WinSnort.com (linked to from snort.org), maybe your best bet [1]. Note that it mentions using Snort as an IDS and not as an IPS as your subject referenced. AFAIK winpcap (a libpcap implementation via a driver for Windows), does not support injection, but it may be possible to have a script monitor Snort's output and update the Windows Firewall (PowerShell ?)You may find it more beneficial placing Snort on a *nix box, inline, infront of your Win 7 host(s), as blocking and normalization are then available. There is much more third-party support/tools for *nix hosts.Sources: [1]http://www.winsnort.com/forum/7-support-forums-for-installing-a-3264-bit-windows-7-8x-10-2008-2013-2016-intrusion-detection-system-winids/- JOn May 21, 2017, at 2:57 PM, zaib khan <zaibkhan200 () gmail com> wrote: <snort-users () lists sourceforge net>------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- How to use snort as ips in window 7 zaib khan (May 21)
- Re: How to use snort as ips in window 7 J Doe (May 21)
- Re: How to use snort as ips in window 7 zaib khan (May 21)
- Re: How to use snort as ips in window 7 Joel Esler (jesler) (May 21)
- Re: How to use snort as ips in window 7 zaib khan (May 21)
- Re: How to use snort as ips in window 7 J Doe (May 21)