Snort-MySQL-BASE-Windows

Reference: http://www.winsnort.com/index.php?module=Pages&func=display&pageid=11

Download: WinIDS AIO Software Pak
http://www.winsnort.com/index.php?module=Downloads&func=prep_hand_out&lid=21
password: winids.com

Install Snort:

C:\WINDOWS\system32\drivers\etc
    Edit hosts
    Add the line
        127.0.0.1 winids

D:\temp
    Install Winpcap

D:\temp
    Install Snort_2_8_4_Installer.exe
    Destination D:\win-ids\snort

D:\temp
    Extract snortrules-snapshot-CURRENT.zip
    Destination D:\win-ids\snort
    Overwrite All

D:\win-ids\snort\etc
    Edit snort.conf
    Change:

    Line 47
        var HOME_NET any
        --> var HOME_NET 192.168.1.0/24

    Line 50
        var EXTERNAL_NET any
        --> var EXTERNAL_NET !$HOME_NET

    Line 194
        var RULE_PATH ../rules
        --> var RULE_PATH d:\win-ids\snort\rules

    Line 289 - 293
        dynamicpreprocessor file /usr/local/lib/snort_dynamicpreprocessor/libsf_dcerpc_preproc.so
        --> dynamicpreprocessor file d:\win-ids\snort\lib\snort_dynamicpreprocessor\sf_dcerpc.dll

        dynamicpreprocessor file /usr/local/lib/snort_dynamicpreprocessor/libsf_dns_preproc.so
        --> dynamicpreprocessor file d:\win-ids\snort\lib\snort_dynamicpreprocessor\sf_dns.dll

        dynamicpreprocessor file /usr/local/lib/snort_dynamicpreprocessor/libsf_ftptelnet_preproc.so
        --> dynamicpreprocessor file d:\win-ids\snort\lib\snort_dynamicpreprocessor\sf_ftptelnet.dll

        dynamicpreprocessor file /usr/local/lib/snort_dynamicpreprocessor/libsf_smtp_preproc.so
        --> dynamicpreprocessor file d:\win-ids\snort\lib\snort_dynamicpreprocessor\sf_smtp.dll

        dynamicpreprocessor file /usr/local/lib/snort_dynamicpreprocessor/libsf_ssh_preproc.so
        --> dynamicpreprocessor file d:\win-ids\snort\lib\snort_dynamicpreprocessor\sf_ssh.dll

    Line 312
        dynamicengine /usr/local/lib/snort_dynamicengine/libsf_engine.so
        --> dynamicengine d:\win-ids\snort\lib\snort_dynamicengine\sf_engine.dll

    Line 679 - 681
        Remove the comment character '#'

    Line 823
        Add
        output alert_fast: alert.ids
        Also add a newline after it

    Line 830
        # output database: log, mysql, user=root password=test dbname=db host=localhost
        --> output database: log, mysql, user=snort password=l0gg3r dbname=snort host=localhost sensor_name=WinIDS

    Line 874
        include classification.config
        --> include d:\win-ids\snort\etc\classification.config

    Line 887
        include reference.config
        --> include d:\win-ids\snort\etc\reference.config

    Line 995
        # include threshold.conf
        --> include d:\win-ids\snort\etc\threshold.conf
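
The snort.conf edits above are located by line number, so a content-based check helps confirm none was missed. The following is an added example, not part of the original notes: the function name, the rule lists and the sample fragment are constructed for illustration, and it checks only the settings named above.

```python
import re

# Constructed sample: a snort.conf fragment with some of the edits still missing.
SAMPLE_CONF = r"""
var HOME_NET any
var EXTERNAL_NET !$HOME_NET
var RULE_PATH d:\win-ids\snort\rules
dynamicpreprocessor file /usr/local/lib/snort_dynamicpreprocessor/libsf_dns_preproc.so
dynamicengine d:\win-ids\snort\lib\snort_dynamicengine\sf_engine.dll
output alert_fast: alert.ids
# output database: log, mysql, user=root password=test dbname=db host=localhost
include classification.config
include d:\win-ids\snort\etc\reference.config
"""

# (finding, regex matching an active line that still carries the unedited value)
LEFTOVER = [
    ("HOME_NET still 'any'", r"^var\s+HOME_NET\s+any\b"),
    ("EXTERNAL_NET still 'any'", r"^var\s+EXTERNAL_NET\s+any\b"),
    ("RULE_PATH still relative", r"^var\s+RULE_PATH\s+\.\./"),
    ("Unix .so path in dynamic module line",
     r"^dynamic(preprocessor|engine)\s.*\.so\s*$"),
    ("include without absolute path",
     r"^include\s+(classification\.config|reference\.config|threshold\.conf)\s*$"),
]
# Directives that must be present and uncommented once the edits are done
REQUIRED = [
    ("alert_fast output", r"^output\s+alert_fast:"),
    ("database output", r"^output\s+database:"),
    ("threshold.conf include", r"^include\s+\S*threshold\.conf\s*$"),
]

def check_conf(text):
    """Return a sorted list of findings for the snort.conf content in text."""
    # Only active (non-blank, uncommented) lines count as configuration.
    active = [l.strip() for l in text.splitlines()
              if l.strip() and not l.lstrip().startswith("#")]
    findings = set()
    for desc, pat in LEFTOVER:
        if any(re.search(pat, l) for l in active):
            findings.add(desc)
    for desc, pat in REQUIRED:
        if not any(re.search(pat, l) for l in active):
            findings.add("missing: " + desc)
    return sorted(findings)

if __name__ == "__main__":
    for finding in check_conf(SAMPLE_CONF):
        print(finding)
```

To check a real file, pass its contents to check_conf(); an empty list means every setting listed above was found in its edited form.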