Snort mailing list archives

Re: New user to Snort . . .


From: Giles Coochey via Snort-users <snort-users () lists snort org>
Date: Tue, 16 Oct 2018 16:11:50 +0100



On 16/10/2018 15:23, Russ via Snort-users wrote:
> Adding to Joel's comment:
>
> Linux is a much better choice for Snort IMO and the only way to get all the features since some are not supported on Windows. It is also the only way to get Snort 3, which I recommend. That said you could try WSL and many folks have successfully built and run Snort 2 on Windows. Another plug for Snort 3: you get a suite of tests with configs and pcaps that demonstrate various features. You can get it from snort.org or https://github.com/snort3.

I was going to reply with the Linux suggestion, but then noticed that the OP has stressed the amount of focused experience he has had with the Microsoft platform, and decided against giving the advice to try Snort on Linux.

However, seeing as you have gone ahead and done that, and if his interest is in the field of network security monitoring and not just Snort itself, then I would recommend Security Onion - it is available as an installable ISO, includes an install of Snort, and comes pretty much ready to roll after completing a couple of Microsoft-like wizard setup applets. So a minimum amount of Linux knowledge is required to get going.

https://securityonion.net/

It also includes the dashboard & web applications to view and present the information that Snort and the other tools are gathering (commenting on the OP's statement that he would need to install Apache on Windows - strictly speaking you don't need a web server to run Snort, you can run it on the CLI and log events to syslog, database, etc.) and Snort has no use for a web server; you would need another tool to do that for you.
