All Activity


  1. Today
  2. Yesterday
  3. You have a non-standard path assigned. I'm betting you failed to edit one of the .reg files to match your path.
  4. Hi! Thank you for the amazing tutorial! I searched and found another user with this same issue I'm having in the posts. He said he modified the VB script and the only VB script I saw was modder.vbs - and it was true it referenced drive d: throughout. I use drive c so I modified that script, BUT still no luck. c:\winids\activators\by2-test returns success as it should: (I think)

     ```
     >c:\winids\barnyard2\barnyard2.exe -c c:\winids\barnyard2\etc\barnyard2.conf -d c:\winids\snort\log -f merged.log -l c:\winids\barnyard2 -w c:\winids\snort\log\barnyard.wald
     Running in Test mode
     --== Initializing Barnyard2 ==--
     Initializing Input Plugins!
     Initializing Output Plugins!
     Parsing config file "c:\winids\barnyard2\etc\barnyard2.conf"
     +[ Signature Suppress list ]+
     ----------------------------
     +[No entry in Signature Suppress List]+
     ----------------------------
     +[ Signature Suppress list ]+
     Barnyard2 spooler: Event cache size set to [32768]
     INFO database: Defaulting Reconnect/Transaction Error limit to 10
     INFO database: Defaulting Reconnect sleep time to 5 second
     [CacheSynchronize()],INFO: No system was found in cache (from signature map file), will not process or synchronize informations found in the database
     database: compiled support for (postgresql)
     database: configured to use mysql
     database: schema version = 107
     database: host = winids
     database: user = snort
     database: database name = snort
     database: sensor name = WinIDS-Home
     database: sensor id = 1
     database: sensor cid = 1
     database: data encoding = hex
     database: detail level = full
     database: ignore_bpf = no
     database: using the "log" facility
     --== Initialization Complete ==--
     ______ -*> Barnyard2 <*-
     / ,,_ \ Version 2.1.14 (Build 337)
     |o" )~| By Ian Firns (SecurixLive): http://www.securixlive.com/
     + '''' + (C) Copyright 2008-2013 Ian Firns <firnsy@securixlive.com>
     Barnyard2 successfully loaded configuration file!
     Barnyard2 exiting
     database: Closing connection to database "snort"
     ```

     There is nothing in Event Viewer referencing this crash. When I try net start barnyard2:

     ```
     C:\>net start barnyard2
     The Barnyard2 service is starting.
     The Barnyard2 service could not be started.
     The service did not report an error.
     More help is available by typing NET HELPMSG 3534.
     ```

     Is there anywhere else to look? Does anyone have any ideas? Thank you in advance! ~Blaine
  5. Last week
  6. thank you! I had the same dang question - I was fighting this for hours! ima dork - thanks again for ask and answer!
  7. Sorry for the delay. There is no event mechanism set up for auto-updating the rules using Pulledpork. This has to be completed manually unless you create something to auto-update. Remember: faults need to be checked throughout the complete update process, because if one error occurs the Windows Intrusion Detection will shut down without notice. A script would need to be very detailed and faults would need to be handled properly.
  8. Earlier
  9. Perform a fresh install of Windows 10, and then use this tutorial to install the Windows Intrusion Detection System per the support programs you requested.
  10. I want to install Snort for my Windows 10: snort + base + barnyard2 + apache2.4 + php. After I install Barnyard, I test it. Then I got this: database mysql_error: Can't connect to local MySQL server through socket '/var/run/mysql.sock' (2 "No such file or directory"). This error is not for Windows. It is in Linux, is it? Now I do not know how to deal with it. Hope someone can help me.
  11. Make a copy of your barnyard2 folder, and then dissolve the attached by2.zip into the barnyard2 folder and overwrite everything. Then try the test again. Your original barnyard2.conf will not be overwritten. by2.zip
  12. Hello, I'm going through the installation tutorial and everything has gone great until I got to the by2-test. I get the attached error and am looking for what I have done wrong. Thanks BY2Error.txt
  13. I just tried on a new install of Windows 7 and there is no problem. I'm not sure what your problem could be, but make sure you are running the modder.vbs from a command window with administrator privileges. You might be able to right click the modder.vbs and Run as Administrator. You might mod the modder.vbs file to bypass the check.
  14. Using Regedit, go to this key. What is the value in the Data column for CurrentVersion? HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\
  15. When I run the command line modder.vbs, does this message appear?
  16. Did you run the modder.vbs file? When you type hostname from a CMD prompt what do you get?
  17. Help with this error?

     ```
     d:\>d:\winids\activators\by2-test
     d:\>d:\winids\barnyard2\barnyard2.exe -c d:\winids\barnyard2\etc\barnyard2.conf -d d:\winids\snort\log -f merged.log -l d:\winids\barnyard2 -w d:\winids\snort\l
     og\barnyard.waldo -T
     Running in Test mode
     --== Initializing Barnyard2 ==--
     Initializing Input Plugins!
     Initializing Output Plugins!
     Parsing config file "d:\winids\barnyard2\etc\barnyard2.conf"
     +[ Signature Suppress list ]+
     ----------------------------
     +[No entry in Signature Suppress List]+
     ----------------------------
     +[ Signature Suppress list ]+
     WARNING: invalid Reference spec 'url,'. Ignored
     WARNING: invalid Reference spec 'url,'. Ignored
     WARNING: invalid Reference spec 'url,'. Ignored
     WARNING: invalid Reference spec 'url,'. Ignored
     Barnyard2 spooler: Event cache size set to [32768]
     INFO database: Defaulting Reconnect/Transaction Error limit to 10
     INFO database: Defaulting Reconnect sleep time to 5 second
     database mysql_error: Unknown MySQL server host 'winids' (8)
     Barnyard2 exiting
     database: Closing connection to database "snort"
     ```
  18. Hey, morph, I remember your name before 2014 from somewhere else. Have you been a moderator at other forums, LFS, macports, fink, smoothwall, etc.? Anyway, thanks for your confirmation of what I was planning to do, because besides reinstallation that was the quicker solution. You know, I remember in my very neophyte days, quotes were used in instructions, but what was the need for them but to confuse? In some tutorials, certain characters were explicitly warned not to be used because of conflicts with different config files. I know if I had followed your instructions to the letter this might not have occurred. But, we are always warned not to use default passwords and I didn't want to have to change these passwords after the installation was complete. This is really deja vu, because I remember having this conversation about quote marks since they are used as part of a command, sed and ed, years ago. If you need any help updating the instructions so blunderers like me may avoid these errant mistakes, give me a buzz. Best to you, gchinn
  19. It might be easier to just start over. You can fix it but it would require reinstalling MySQL from scratch, fixing the password authentication in BASE and Barnyard2 to sync with the MySQL database.

     - Uninstall MySQL
     - Delete the MySQL folder
     - Do section: Installing the MySQL Database Server
     - Do Section: Configuring the MySQL Database Server
     - Do Section: Creating the Windows Intrusion Detection System Databases
     - Do Section: Creating the Windows Intrusion Detection System Database Tables
     - Do Section: Creating the Windows Intrusion Detection System Database Access, and Authenticated Users
     - Do Section: Confirming MySQL and Snort are operational
     - Do Section: Configuring the Windows Intrusion Detection Systems (WinIDS) Security Console
     - Do Section: Configuring Barnyard2
     - Do Section: Testing the Barnyard2 configuration file
     - Reboot
     - Do Section: Verifying Barnyard2, and Snort is running as a process after rebooting
     - Do Section: Starting the Windows Intrusion Detection Systems (WinIDS) Security Console

     That should do it?
  20. I think I need to redo the installation from the beginning because I caused some problems for myself. My error was that I used the '$' in my password for the database users, snort and base. When I tried to test the configuration for barnyard2, an error occurred stating that an unknown something was detected. It listed the password minus the '$' sign. So I changed the database users' passwords and barnyard completed successfully. But the 403 error occurred. I went through the installation process again using the test.php but it won't connect. I also reinstalled the rules snapshot and modified snort.conf again. Is there any way to get around this blunder without an installation from scratch? Apologetically, gchinn
  21. Did you run the modder.vbs file? The httpd.conf file looks good. Drop the test.php into the d:\winids\apache24\htdocs\base\ folder. Now open a browser and in the URL dialog box type http://winids/test.php Does all the PHP information display?
  22. I completed every installation procedure successfully. However, when I try to connect to "http://winids", I get a 403 error: The web page declined to show this webpage. Is there a permission error that I need to correct? Or what setting did I fail to modify correctly? Thanks, Greg
  23. Go back to the section and configure again: Configuring IIS for PHP, and the Windows Intrusion Detection Systems security console
  24. Do not load http://winids/test.php. Hello everyone. When checking the verification of the following link, Do not load http://winids/test.php, I do not load the browser page and it stays blank. Is this error due? Who can help me with the subject? This is the message of the navigate: Internet Explorer can not display the webpage. You can try the following: Diagnose connection problems