Snort mailing list archives
New install of Snort on Windows 2008
From: "Erik D. Sciortino" <ESciortino () ABIM ORG>
Date: Wed, 6 Feb 2013 15:32:38 +0000
Hello All,

Snort newbie here. I recently installed Snort on a Windows 2008 R2 (x64) box with MySQL back-end and am using barnyard2 for log processing and parsing. When I run snort in packet sniffer mode (-v), I can see all the traffic coming through on the spanned switch port. However, when I switch snort into active mode with the -l switch, nothing gets written into the log file.

I've reviewed the instructions I have for installing snort on a Windows box and appear to have followed all the steps correctly, the snort.conf, and have even run snort in test mode (-T) and nothing appears amiss. Because I'm a newbie, I'm not sure where to go next and would appreciate any wisdom, advice, etc. that I could get to help resolve this issue....

Thanks In Advance!

Erik

Erik D. Sciortino, CISSP, CISM, CIPP
Director of Data Security
American Board of Internal Medicine
Current thread:
- New install of Snort on Windows 2008 Erik D. Sciortino (Feb 06)
- Re: New install of Snort on Windows 2008 Joel Esler (Feb 06)
- Re: New install of Snort on Windows 2008 Erik D. Sciortino (Feb 06)
- Re: New install of Snort on Windows 2008 Joel Esler (Feb 06)
