Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Problems with Snort Installation on Windows 7

From: ƒabricio - <ttfabricio () hotmail com>
Date: Wed, 13 Nov 2013 08:03:48 -0200
Hello, i'm looking for some tutorials how install and use Snort on Windows7 or 8 ( i have both). I found some guides on 
winsnort.com, but they don't work at my windows 7(home basic, it needs the Professional), but i have Windows 8 
Professional and the same thing... Well, let's continue.

I was using this tutorial: http://www.snort.org/assets/151/Installing_Snort_2.8.6.1_on_Windows_7.pdf and at some points 
some things didn't worked.

First: "After a couple of seconds you will see “Not Using PCAP_FRAMES”. Snort is now running and willalert you if a 
Rule is triggered. If a Rule us triggered the command prompt window will rapidly scrolltext."
In my Snort i don't see that message "Not Using PCAP_FRAMES".

Second:
"Using Notepad++, create a file on your Desktop called Snortstart.bat and place the following line ofcode in 
it:c:\snort\bin\snort -iX -s -l c:\snort\log\ -c c:\snort\etc\snort.conf (replace X with your Device 
Interfacenumber)Also create a shortcut on your Desktop for the Kiwi Syslog Server ConsoleOpen the Kiwi Syslog Server 
Console (if it isn't already)Now right-click and run Snortstart.bat as an Administrator. Wait (about thirty seconds) 
until you seethe familiar line “Not Using PCAP_FRAMES” at the end.Finally, open another command prompt window and run: 
ping google.com"
Ok, i created the .bat file and run as administrator. Again the message "Not Using PCAP_FRAMES don't appear. The snort 
loads the rules, etc, etc, etc... and stops at this point: Commencing Packet Processing. I waited about an one hour and 
nothing, still the same thing. At Kiwi Syslog, don't appear any alerts. Only if i press CTRL+T(to send test message to 
localhost). 
I used this command line snort -i 3 -c c:\snort\etc\snort.conf -A consoleThen snort run and can capture TCP, UDP and 
ICMP packges. But still 0 alerts on Kiwi Syslog.
I stopped the installation after this. I re-installed all the programs and started from the begin, but the same errors.
I really need help on the installation and how to use Snort as IDS, for my final project on my graduation.
Thanks and sorry for my bad english.

                                          
------------------------------------------------------------------------------
DreamFactory - Open Source REST & JSON Services for HTML5 & Native Apps
OAuth, Users, Roles, SQL, NoSQL, BLOB Storage and External API Access
Free app hosting. Or install the open source package on any LAMP server.
Sign up and see examples for AngularJS, jQuery, Sencha Touch and Native!
http://pubads.g.doubleclick.net/gampad/clk?id=63469471&iu=/4140/ostg.clktrk
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: