Snort.org home  
Got Source? About Snort About Sourcefire Snort FAQ
Sourcefire Network Security - the creators of Snort
Snort News Downloads Snort Docs Rules Snort Community Snort Forums Snort Training
Search Site
Search Rules
Account
email
password
not registered?
user preferences

Snort Forums Archive

Archive Home » Snort Newbies » Snort in a Windows environment.

Please note that the categories listed below represent an archived version of our forums pages. To view the current version and be able to post and reply to threads, please register and login here to go to the full forums pages.

[ Notice: Full Version of This Topic ]

Snort in a Windows environment.


Posted by Abaddon on March 08, 2005 04:12:51

Hi All,

We are embarking on a project to run SNORT within our organisation. Just to give you some background on our infrastructure:

Frame relay / VPN / switched Network, 150 servers, 2000 desktops in 64 locations throughout the UK.

We are looking at SNORT as one of the potential candidates for an Intrusion Detection System. Initially I need to get it running on a small test LAN.

Ideally I;d like to run it with Windows 2000/2003 Server, IIS and SQL 2k. We have no Linux / Unix infrastructure and management will not buy in to utilising these platforms.

So I was wondering if anyone out there has done a comprehensive step by step guide to installing and configuring SNORT in the Windows environment using IIS and SQL2k.

Ideally I am looking for something that starts right at the begining and takes you through everything stge by stage. I am not at all familiar with SNORT or IDS's in general so I ideally need somehing that will hold my hand all the way through.

I have looked on the net and through websites linked ot this one but to be honest the guides don't go into anywhere enough detail.

Any help with this would be greatly appreciated.

Thank You.

-Abaddon


Posted by TCinNC on March 08, 2005 04:32:10

Hi Abaddon

a couple options:
http://www.winsnort.com
http://www.minckler.net/snort-acid/
http://www.securityfocus.com/infocus/1315

I am in a similar situation here, hope this helps.

TC


Posted by Abaddon on March 09, 2005 05:00:20

Thank you for that :)

I will have a look this weekend :)


Posted by sniglet on March 15, 2005 08:49:41

EagleX, while getting a little out of date is a GREAT start in a windows 2000 environment (doesn't work in XP SP2 or W2k3)

http://www.engagesecurity.com/products/eaglex/

It does such a good job of handling the niggling details and housekeeping, it's a shame it's no longer being actively developed.

Posted by ldp on March 24, 2005 10:07:06

Thanks for TCinNC, i am also looking exactly for same documentation what abaddon. let me check those sites.
LDP.
site feedback | Terms of Use | Privacy Policy | forum archives ©2007 Snort and Sourcefire are registered trademarks of Sourcefire, Inc. All rights reserved.