Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Snort win2k run as service

From: "Michael Steele" <michaels () silicondefense com>
Date: Wed, 26 Dec 2001 22:36:00 -0800
Do a cut of your actual run command line in the registry, then from a
command prompt in the actual Snort folder do a paste and see if it runs
from there.

-Mike
 
        Commercial Snort Support
              1.866.41.SNORT
Silicon Defense - www.silicondefense.com
Michael Steele - Snort Support Technician

Peter -

Try www.firedaemon.com

Works much better.  Of course, if there's a problem with Snort itself,
that's a different story.

- Lee

-----Original Message-----
From: Sixonetonoffun1 () aol com [mailto:Sixonetonoffun1 () aol com]
Sent: Thursday, December 20, 2001 5:31 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Snort win2k run as service


win2k sp2 blah blah
Snort 1.8.3 flex-resp
IDS center 
MySQL
ACID
ADODB
PHPLot

Ok for about 2 1/2 weeks I've been using Snort playing with it so to
speak. 
Now I would like to change from IDS Center starting Snort to running as
a 
service. I believe I followed  siliconedefense instructions and am
logged on

with administrative privilege. But fail to be able to start snort this
way. 
Am I missing something ? instsrv.exe ran with no error and srvany.exe 
reported no error. Here's the reg key as exported. 
 

Thanks, Peter

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\snort]
"Type"=dword:00000010
"Start"=dword:00000002
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):46,00,3a,00,5c,00,57,00,49,00,4e,00,4e,00,54,00,5c,00
,73,
00

,\
  72,00,76,00,61,00,6e,00,79,00,2e,00,65,00,78,00,65,00,00,00
"DisplayName"="snort"
"ObjectName"="LocalSystem"
"Description"="IDS"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\snort\Parameters ]
"AppParameters"=" -c C:\\Snort\\Snort\\snort.conf -l C:\\Snort\\Snort -i
1
-p"
"AppDirectory "="C:\\Snort\\Snort"
"Application "="C:\\Snort\\Snort\\Snort.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\snort\Security]
"Security"=hex:01,00,14,80,a0,00,00,00,ac,00,00,00,14,00,00,00,30,00,00,
00,0
2,
\
 
00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,
00,\
 
00,00,02,00,70,00,04,00,00,00,00,00,18,00,fd,01,02,00,01,01,00,00,00,00,
00,\
 
05,12,00,00,00,20,02,00,00,00,00,1c,00,ff,01,0f,00,01,02,00,00,00,00,00,
05,\
 
20,00,00,00,20,02,00,00,78,f0,0d,00,00,00,18,00,8d,01,02,00,01,01,00,00,
00,\
 
00,00,05,0b,00,00,00,20,02,00,00,00,00,1c,00,fd,01,02,00,01,02,00,00,00,
00,\
 
00,05,20,00,00,00,23,02,00,00,78,f0,0d,00,01,01,00,00,00,00,00,05,12,00,
00,\
  00,01,01,00,00,00,00,00,05,12,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\snort\Enum]
"0"="Root\\LEGACY_SNORT\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001



_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users




_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: