Snort mailing list archives

Re: mysql with windows snort


From: "Joel Esler (jesler)" <jesler () cisco com>
Date: Thu, 10 Jul 2014 00:58:57 +0000

“Some” wasn’t meant to be demeaning, my apologies if you took it that way :).  WinSnort.com has a
ton of information, and we’re glad that you provide it to the community.

--
Joel Esler
Open Source Manager
Threat Intelligence Team Lead
Vulnerability Research Team



On Jul 9, 2014, at 5:40 PM, Michael Steele <michaels () winsnort com> wrote:

Joe,

Really > There is some Windows information here:  http://www.winsnort.com

Winsnort.com just doesn’t have SOME information they have all the necessary information to get
the Snort intrusion detection engine running on Windows. Winsnort.com provides complete tutorials
on installing the Snort Intrusion detection engine into a complete Windows Intrusion Detection System (WinIDS).

The Winsnort.com Windows Intrusion Detection Systems (WinIDS) tutorials cover ALL these Windows
operating systems in either 32bit or 64bit installs.

Windows Workstation XP
Windows Workstation 7
Windows Workstation 8.x

Windows Server 2003
Windows Server 2008
Windows Server 2012

Supports Apache2, or IIS in any configuration using the MySQL or the PostgreSQL database.

Winsnort.com has tutorials on installing rule management using PulledPork, or Oinkmaster.

Winsnort.com has a tutorial on emailing priority events.

Winsnort.com has a tutorial on routing events to a UNIX or Windows Syslog server.

Winsnort.com has a tutorial on setting up a master sensor receiving events from any number of
remote Windows or UNIX clients from any location in the world.

I’m not sure what else Winsnort.com can do on Windows using Snort, but if it can be done on
Windows using existing software, Winsnort.com is always looking for suggestions for new projects.

That’s just SOME of the things Snort can do on Windows. Running CURRENT Snort on Windows is like the old clunky Pinto 4
cylinder from 12 years ago was removed, and a new super charged V8 has replaced it.

Practical under Windows, it’s the user’s choice.

Best regards,
Michael...

WINSNORT.com Management…
--
****************** Established ~ 2001 *******************
*          Visit Us @ http://www.winsnort.com           *
*      ~~ FREE WinIDS Snort installation guides ~~      *
*               ~~ FREE support forums ~~               *
* Snort: Open Source Network IDS - http://www.snort.org *
*********************************************************

From: Joel Esler (jesler) [mailto:jesler () cisco com]
Sent: Wednesday, July 9, 2014 12:23 PM
To: Alan Gao
Cc: snort-users () lists sourceforge net
Subject: Re: [Snort-users] mysql with windows snort

There is some Windows information here:  http://www.winsnort.com

Officially, we build the Windows build of Snort, but generally, we don’t recommend it.


On Jul 9, 2014, at 11:51 AM, Alan Gao <Alan.Gao () msistone com> wrote:


Thanks guys. It seems barnyard2 only works with Linux. Does anyone know a Windows app that can put Snort log into a
SQL database?

Sincerely,

-Alan

From: Michael Steele [mailto:michaels () winsnort com]
Sent: Tuesday, July 08, 2014 4:43 PM
To: Alan Gao; snort-users () lists sourceforge net
Subject: Re: [Snort-users] mysql with windows snort

Seems like everyone is jumping around the question.

To answer your question. The create_mysql script is now contained in the barnyard2 tarball.

Site: https://github.com/firnsy/barnyard2

Best regards,
Michael...

WINSNORT.com Management…
--
****************** Established ~ 2001 *******************
*          Visit Us @ http://www.winsnort.com           *
*      ~~ FREE WinIDS Snort installation guides ~~      *
*               ~~ FREE support forums ~~               *
* Snort: Open Source Network IDS - http://www.snort.org *
*********************************************************

From: Alan Gao [mailto:Alan.Gao () msistone com]
Sent: Tuesday, July 8, 2014 5:44 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] mysql with windows snort

Does anyone know where the create_mysql script is in the Windows version of Snort?
I use release_notes_2.9.6.1, but can’t find this script. Does this version support MySQL logging?
Does

Regards,
Alan Gao

When God closes a door, He opens a window.


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
