Snort mailing list archives

Re: mysql with windows snort


From: "Michael Steele" <michaels () winsnort com>
Date: Wed, 16 Jul 2014 17:49:09 -0400

The site will be updated shortly by 18:30 EST to reflect the new files,
which will match the new hash values, which is what you are seeing. Not sure
what the root cause was, but the file/s you have are authentic, but behind
one revision.

 

Best regards,

Michael...

 

WINSNORT.com Management.

--

****************** Established ~ 2001 *******************
*          Visit Us @ http://www.winsnort.com           *
*      ~~ FREE WinIDS Snort installation guides ~~      *
*               ~~ FREE support forums ~~               *
* Snort: Open Source Network IDS - http://www.snort.org *
*********************************************************

 

From: Alan Gao [mailto:Alan.Gao () msistone com] 
Sent: Wednesday, July 16, 2014 1:00 PM
To: michaels () winsnort com
Subject: RE: [Snort-users] mysql with windows snort

 

Hi Michaels,

 

I downloaded this software from
http://www.winsnort.com/files/file/7-windows-intrusion-detection-systems-64bit-core-software-support-pack/

I found the sha-1 value is different.

 

C:\hyperV\suu>c:\hyperv\fciv -sha1  winids-cssp-x64.zip

// File Checksum Integrity Verifier version 2.05.

3851228f808183b5cc603c72a7fdb8203e967681 winids-cssp-x64.zip

 

The value on the webpage is SHA-1 Hash value:
601913E960687D5FA614E7349C7F40BD162C7B72

 

I assume you work for winsnort.com. Not sure if I did anything wrong.

 

Sincerely,

 

-Alan
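
Added example, not part of the thread or of any poster's message: the comparison described in the message above, done programmatically. It parses the fciv output quoted there and compares it, ignoring case and whitespace, with the value quoted from the download page; all function names are this example's own.

```python
import hashlib
import hmac
import re

# Transcript and published value copied from the message above.
FCIV_TRANSCRIPT = """\
// File Checksum Integrity Verifier version 2.05.
3851228f808183b5cc603c72a7fdb8203e967681 winids-cssp-x64.zip
"""
PUBLISHED_SHA1 = "601913E960687D5FA614E7349C7F40BD162C7B72"

_DIGEST_LINE = re.compile(r"^([0-9A-Fa-f]{40})\s+(.+)$")

def parse_fciv(text):
    """Map filename -> lowercase SHA-1 from `fciv -sha1` output."""
    digests = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("//"):  # banner/comment lines
            continue
        m = _DIGEST_LINE.match(line)
        if m:
            digests[m.group(2).lower()] = m.group(1).lower()
    return digests

def normalize(digest):
    """Drop whitespace and case; reject anything that is not 40 hex chars."""
    d = "".join(digest.split()).lower()
    if not re.fullmatch(r"[0-9a-f]{40}", d):
        raise ValueError("not a SHA-1 hex digest: %r" % digest)
    return d

def digests_match(observed, published):
    """Compare tool output with the published value, ignoring case."""
    return hmac.compare_digest(normalize(observed), normalize(published))

def sha1_of_file(path, chunk=1 << 20):
    """Hash a file in chunks so large archives are not read into memory."""
    h = hashlib.sha1()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def check_download(transcript, filename, published):
    """Return 'match', 'MISMATCH', or 'missing' for one file."""
    observed = parse_fciv(transcript).get(filename.lower())
    if observed is None:
        return "missing"
    return "match" if digests_match(observed, published) else "MISMATCH"
```

Per the reply at the top of the thread, the mismatch this reports came from the page listing a newer revision than the downloaded file.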

 

From: Joel Esler (jesler) [mailto:jesler () cisco com] 
Sent: Wednesday, July 09, 2014 5:59 PM
To: Michael Steele
Cc: Alan Gao; snort-users () lists sourceforge net
Subject: Re: [Snort-users] mysql with windows snort

 

"Some" wasn't meant to be demeaning, my apologies if you took it that way
:). WinSnort.com has a ton of information, and we're glad that you provide
it to the community.

 

--
Joel Esler
Open Source Manager
Threat Intelligence Team Lead
Vulnerability Research Team

 

 

 

On Jul 9, 2014, at 5:40 PM, Michael Steele <michaels () winsnort com> wrote:

 

Joe,

 

Really > There is some Windows information here: http://www.winsnort.com

 

Winsnort.com just doesn't have SOME information, they have all the
necessary information to get the Snort intrusion detection engine running
on Windows. Winsnort.com provides complete tutorials on installing the
Snort Intrusion detection engine into a complete Windows Intrusion
Detection System (WinIDS).

 

The Winsnort.com Windows Intrusion Detection Systems (WinIDS) tutorials
cover ALL these windows operating systems in either 32bit or 64bit installs.

 

Windows Workstation XP

Windows Workstation 7

Windows Workstation 8.x

 

Windows Server 2003

Windows Server 2008

Windows Server 2012

 

Supports Apache2, or IIS in any configuration using the MySQL or the
PostgreSQL database.

 

Winsnort.com has tutorials on installing rule management using PulledPork,
or Oinkmaster.

Winsnort.com has a tutorial on emailing priority events.

Winsnort.com has a tutorial on routing events to a UNIX or Windows Syslog
server.

Winsnort.com has a tutorial on setting up a master sensor receiving events
from any number of remote Windows or UNIX clients from any location in the
world.

I'm not sure what else Winsnort.com can do on windows using Snort, but if it
can be done on windows using existing software, Winsnort.com is always
looking for suggestions for new projects.

 

That's just SOME of the things Snort can do on Windows. Running CURRENT Snort
on Windows is like the old clunky Pinto 4 cylinder from 12 years ago was
removed, and a new super charged V8 has replaced it.

Practical under Windows, it's users' choice.

 

Best regards,

Michael...

 

WINSNORT.com Management.


 

From: Joel Esler (jesler) [mailto:jesler () cisco com] 
Sent: Wednesday, July 9, 2014 12:23 PM
To: Alan Gao
Cc: snort-users () lists sourceforge net
Subject: Re: [Snort-users] mysql with windows snort

 

There is some Windows information here: http://www.winsnort.com

 

Officially, we build the Windows build of Snort, but generally, we don't
recommend it.

 

 

On Jul 9, 2014, at 11:51 AM, Alan Gao <Alan.Gao () msistone com> wrote:





Thanks guys. It seems barnyard2 only works with Linux. Does anyone know a
Windows app that can put Snort logs into a SQL database?

 

Sincerely,

 

-Alan

 

From: Michael Steele [mailto:michaels () winsnort com]
Sent: Tuesday, July 08, 2014 4:43 PM
To: Alan Gao; snort-users () lists sourceforge net
Subject: Re: [Snort-users] mysql with windows snort

 

Seems like everyone is jumping around the question.

 

To answer your question. The create_mysql script is now contained in the
barnyard2 tarball.

 

Site: https://github.com/firnsy/barnyard2

 

Best regards,

Michael...

 

WINSNORT.com Management.


 

From: Alan Gao [mailto:Alan.Gao () msistone com]
Sent: Tuesday, July 8, 2014 5:44 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] mysql with windows snort

 

Does anyone know where the create_mysql script is in the Windows version of Snort?

I use release_notes_2.9.6.1. But can't find this script. Does this version
support Mysql logging?

Does

 

Regards,

Alan Gao

 

When God closes a door, He opens a window.

 

 

Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

 
