Snort mailing list archives

Previous By Date Next
Previous By Thread Next

RE: no modem

From: "Michael Steele" <michaels () silicondefense com>
Date: Mon, 4 Nov 2002 15:02:07 -0800
Spencer,

It would be best to use Snort, because WinDump is not 100%.

1) Install WinPcap
2) Install Snort
Note: Go to Start / Run and type command then enter
3) # snort -W
Note: That will give you a list of interfaces (1, 2, 3 etc.)
4) # snort -v -ix
Note: the x in -ix is the number of the interface you want Snort to
sniff off of.

You should see all kinds of traffic going by in the command window, if
not go into your browser and browse some web pages.

Note: CTRL/C will exit with a nice display of traffic analysis.

-Michael
-- 
 Michael Steele | System Engineer / Support Technician     
 mailto:michaels () silicondefense com    
 Silicon Defense: IDS solutions - http://www.silicondefense.com
 Snort: Open Source Network IDS - http://www.snort.org


-----Original Message-----
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] On Behalf Of Matt
Kettler
Sent: Monday, November 04, 2002 2:48 PM
To: Joecat28 () aol com; snort-users () lists sourceforge net
Subject: Re: [Snort-users] no modem

My first suggestion if your doing windows is to get winpcap installed,
and 
try to make windump work first. Windump is a much simpler application
than 
snort and it's much easier to see if it is getting data or not. It's
also 
got less configuration to deal with :)


Windump -D will provide a list of interfaces, and you'll likely need to
try 
a couple different ones (by running windump -i <interfacename>) until
you 
find the "right" one for your dialup. Once you know what the interface
is 
named, then you can try to get snort running on that interface.

At 05:11 PM 11/4/2002 -0500, Joecat28 () aol com wrote:

hi, don't know if this is in the archives...couldn't access them for

some 

reason...
How can i use snort to monitor my dial up modem connection on win xp?

thanks,
=Spencer Whitman




-------------------------------------------------------
This SF.net email is sponsored by: ApacheCon, November 18-21 in
Las Vegas (supported by COMDEX), the only Apache event to be
fully supported by the ASF. http://www.apachecon.com
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users



-------------------------------------------------------
This SF.net email is sponsored by: ApacheCon, November 18-21 in
Las Vegas (supported by COMDEX), the only Apache event to be
fully supported by the ASF. http://www.apachecon.com
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: