Snort mailing list archives

Re: Win32 Port of Snort


From: "Chris Reid" <Chris.Reid () CodeCraftConsultants com>
Date: Mon, 20 May 2002 15:13:25 -0600


I've added support for proper Win32 services in snort 1.9 (without any
dependency on srvany, etc).  This has already been added to CVS (as of
mid-March 2002).  Michael Steele is in the final stages of back-porting this
functionality to 1.8.  I'm not sure about when/if he plans on releasing this
functionality -- you'd have to check with him.

The '-l' switch is not used for the Win32 service in snort 1.9.  Other
command-line parameters are used instead.  Get the 1.9 source code from CVS
to see this functionality.

Chris Reid


----- Original Message -----
From: "McCammon, Keith" <Keith.McCammon () eadvancemed com>
To: "Michael J Worden" <mjworden () raytheon com>;
<snort-users () lists sourceforge net>
Sent: Monday, May 20, 2002 2:25 PM
Subject: RE: [Snort-users] Win32 Port of Snort


Not sure about 1, but as far as 2 is concerned, just deactivate (un-check)
TCP/IP on your monitoring interface within the network connection
properties.

-----Original Message-----
From: Michael J Worden [mailto:mjworden () raytheon com]
Sent: Monday, May 20, 2002 4:04 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Win32 Port of Snort





I'm in the process of comparing the functionality of Snort for Win32 (on
Windows 2000) with the versions I've been running on Linux for some time.
I'm finding Snort on Win32 almost useable with a few exceptions (of course,
I'm just getting started...):

My two big questions are:

1)  Is the ability to run as a service lost in the current version?  In the
FAQ, this has been added as of snort-1.6.3-patch2.  But the '-I' switch is
now allocated to a different function.  (Yes, I know about the 'srvany.exe'
option.  I've not had great experiences with srvany, and would like to
avoid it).

2)  Is there an option to forego the IP address on a Windows 2000
interface?  I'd like to avoid having my promiscuous mode adapter being
addressable.


Thanks in advance...


--
Michael Worden



_______________________________________________________________

Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
