Snort-MySQL-BASE-Windows

Reference:
Download: WinIDS AIO Software Pak
password: winids.com

Install Snort:

C:\WINDOWS\system32\drivers\etc
    Edit hosts
    Add the lines
        127.0.0.1 winids

D:\temp
    Install Winpcap

D:\temp
    Install Snort_2_8_4_Installer.exe
    Destination D:\win-ids\snort

D:\temp
    Extract snortrules-snapshot-CURRENT.zip
    Destination D:\win-ids\snort
    Overwrite All

D:\win-ids\snort\etc
    Edit snort.conf
    Change

    Line 47
        var HOME_NET any
        --> var HOME_NET 192.168.1.0/24

    Line 50
        var EXTERNAL_NET any
        --> var EXTERNAL_NET !$HOME_NET

    Line 194
        var RULE_PATH ../rules
        --> var RULE_PATH d:\win-ids\snort\rules

    Line 289 - 293
        dynamicpreprocessor file /usr/local/lib/snort_dynamicpreprocessor/libsf_dcerpc_preproc.so
        --> dynamicpreprocessor file d:\win-ids\snort\lib\snort_dynamicpreprocessor\sf_dcerpc.dll
        dynamicpreprocessor file /usr/local/lib/snort_dynamicpreprocessor/libsf_dns_preproc.so
        --> dynamicpreprocessor file d:\win-ids\snort\lib\snort_dynamicpreprocessor\sf_dns.dll
        dynamicpreprocessor file /usr/local/lib/snort_dynamicpreprocessor/libsf_ftptelnet_preproc.so
        --> dynamicpreprocessor file d:\win-ids\snort\lib\snort_dynamicpreprocessor\sf_ftptelnet.dll
        dynamicpreprocessor file /usr/local/lib/snort_dynamicpreprocessor/libsf_smtp_preproc.so
        --> dynamicpreprocessor file d:\win-ids\snort\lib\snort_dynamicpreprocessor\sf_smtp.dll
        dynamicpreprocessor file /usr/local/lib/snort_dynamicpreprocessor/libsf_ssh_preproc.so
        --> dynamicpreprocessor file d:\win-ids\snort\lib\snort_dynamicpreprocessor\sf_ssh.dll

    Line 312
        dynamicengine /usr/local/lib/snort_dynamicengine/libsf_engine.so
        --> dynamicengine d:\win-ids\snort\lib\snort_dynamicengine\sf_engine.dll

    Line 679 - 681
        Remove the comments '#'

    Line 823
        Add
        output alert_fast: alert.ids
        Also add a newline after it

    Line 830
        # output database: log, mysql, user=root password=test dbname=db host=localhost
        --> output database: log, mysql, user=snort password=l0gg3r dbname=snort host=localhost sensor_name=WinIDS

    Line 874
        include classification.config
        --> include d:\win-ids\snort\etc\classification.config

    Line 887
        include reference.config
        --> include d:\win-ids\snort\etc\reference.config

    Line 995
        # include threshold.conf
        --> include d:\win-ids\snort\etc\threshold.conf

    Save!

Test Snort
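
The snort.conf edits listed above can be checked mechanically before Snort is started. The Python script below is an added example, not part of the original document: it flags directives still at their shipped values (HOME_NET/EXTERNAL_NET left at "any", Unix library paths, relative includes, missing output lines). The function name audit_snort_conf and the sample configuration are constructed for illustration.

```python
import re

# Constructed sample (not from the original document): a snort.conf fragment
# in which only some of the edits listed above have been made.
SAMPLE_CONF = r"""
var HOME_NET 192.168.1.0/24
var EXTERNAL_NET any
var RULE_PATH ../rules
dynamicpreprocessor file d:\win-ids\snort\lib\snort_dynamicpreprocessor\sf_dns.dll
dynamicpreprocessor file /usr/local/lib/snort_dynamicpreprocessor/libsf_ssh_preproc.so
dynamicengine d:\win-ids\snort\lib\snort_dynamicengine\sf_engine.dll
# output database: log, mysql, user=root password=test dbname=db host=localhost
include classification.config
include d:\win-ids\snort\etc\reference.config
"""

WIN_ABS = re.compile(r"^[A-Za-z]:\\")  # drive-letter absolute path


def audit_snort_conf(text):
    """Return (line_no, message) pairs for edits that are still missing.

    line_no is 0 for a directive that is absent from the whole file.
    """
    findings, outputs = [], set()
    for no, raw in enumerate(text.splitlines(), 1):
        tok = raw.split()
        if not tok or tok[0].startswith("#"):
            continue  # blank line or comment (a commented-out output is inactive)
        key = tok[0]
        if key == "var" and len(tok) >= 3:
            name, value = tok[1], tok[2]
            if name in ("HOME_NET", "EXTERNAL_NET") and value == "any":
                findings.append((no, f"{name} is still 'any'"))
            elif name == "RULE_PATH" and not WIN_ABS.match(value):
                findings.append((no, f"RULE_PATH is not a Windows path: {value}"))
        elif key in ("dynamicpreprocessor", "dynamicengine", "include") and len(tok) >= 2:
            path = tok[-1]
            # $RULE_PATH-style includes resolve through the variable checked above.
            if not path.startswith("$") and not WIN_ABS.match(path):
                findings.append((no, f"{key} path is not absolute on Windows: {path}"))
        elif key == "output" and len(tok) >= 2:
            outputs.add(tok[1].rstrip(":"))
    for plugin in ("alert_fast", "database"):
        if plugin not in outputs:
            findings.append((0, f"no active 'output {plugin}' line"))
    return findings


if __name__ == "__main__":
    for no, msg in audit_snort_conf(SAMPLE_CONF):
        print(f"line {no}: {msg}")
```

To audit a real file, pass its contents, for example audit_snort_conf(open(r"d:\win-ids\snort\etc\snort.conf").read()); an empty list means every checked directive has been changed.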