Snort mailing list archives
RE: Setting up Snort on Windows
From: "Michael Steele" <michaels () silicondefense com>
Date: Thu, 27 Jun 2002 09:07:41 -0700
Andrew, Placing a hash mark to remove the line from the config is fine. It does take some time for alerts to start to show up. Here is a rule to place into your local.rules file. After you do that be sure to remove the hash mark in Snort.conf for the include local.rules. You can either replace the file with this or just past the rule in. After you have done that be sure to restart snort, to activate the new rule. Then go to your browser and generate some traffic. Let me know how that works. -Michael -- Michael Steele | System Engineer / Support Technician mailto:michaels () silicondefense com Silicon Defense: IDS solutions - http://www.silicondefense.com Snort: Open Source Network IDS - http://www.snort.org -----Original Message----- From: Andrew Barnes-Webb [mailto:Andrew.Barnes-Webb () chjm com] Sent: Thursday, June 27, 2002 7:03 AM To: michaels () silicondefense com Subject: Setting up Snort on Windows Hi Michael I have been following your instructions on installing Snort (with Apache, MySQL, ACID, etc.) on Windows and I seem to have hit a brick wall. Unfortunately I am a relative novice at this sort of intricate installation so trying to figure the problem out has been rather frustrating for me. My problem is that in the Apache httpd.conf file, we added the line "AddModule mod_php4.c" but when I test the config, I get the error message "Cannot add module via name 'mod_php4.c': not in list of loaded modules". When I comment this line out, the config runs OK, but no data is registered on the ACID stats pages. I'll attach a JPG of the error message for good measure. My PC config is as follows: Compaq Deskpro Pentium 2 (400) Windows 98 SE <---- I hope this isn't an issue 64MB RAM I would appreciate it if you could part with some of you superior knowledge and shed some light on my problem. Thaks for your help. Andrew ________________________________________________________________________ This email has been scanned for all viruses by the MessageLabs SkyScan service. For more information on a proactive anti-virus service working around the clock, around the globe, visit http://www.messagelabs.com ________________________________________________________________________
Attachment:
local.rules
Description:
Current thread:
- RE: Setting up Snort on Windows Michael Steele (Jun 27)