Re: How to use snort as ips in window 7

[zaib khan <zaibkhan200 () gmail com>]

I have already install snort
But some rules are not working for me
Like drop connection in tcp syn flood attack etc
On May 22, 2017 12:19 AM, "J Doe" <general () nativemethods com> wrote:
> Hi Zaib,
>
> Your last message (please see below), did not include a body.  I am
assuming your question is therefore the subject line, which is "how to use
as IPS in win 7".
> For installation on Windows, WinSnort.com (linked to from snort.org), may
be your best bet [1].  Note that it mentions using Snort as an IDS and not
as an IPS as your subject referenced.  AFAIK winpcap (a libpcap
implementation via a driver for Windows), does not support injection, but
it may be possible to have a script monitor Snort's output and update the
Windows Firewall (PowerShell ?)
> You may find it more beneficial placing Snort on a *nix box, inline, in
front of your Win 7 host(s), as blocking and normalization are then
available.  There is much more third-party support/tools for *nix hosts.
> Sources:
> [1]
http://www.winsnort.com/forum/7-support-forums-for-installing-a-3264-bit-windows-7-8x-10-2008-2013-2016-intrusion-detection-system-winids/
> - J
>
> On May 21, 2017, at 2:57 PM, zaib khan <zaibkhan200 () gmail com> wrote:
>
> > <snort-users () lists sourceforge net>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!