All Activity

  5. Thanks, again I made the assumption it had to be there.
  6. Remember: The Windows Intrusion Detection Systems security console (BASE) will never work with PHP-7. Do not perform a function if it's not detailed in the tutorial. The portscan.log will be created when it is needed.
  7. Yes, it works now, thanks! Did two things though: 1. Got the exact PHP version (did not work! different error) 2. Changed the extension from mysqli to mysql in php.ini (worked!) I only used mysqli.dll because I could not find mysql.dll in the mysql folder. I tried to be one step ahead I guess.
  8. Thanks, will try the exact php version shortly.
  9. Only use the versions that are detailed in the tutorial. There MIGHT be a failure by using newer/older versions. If you are using PHP 7.x then the BASE console will not work, and PHP is only installed for that one program. Note: It is possible to run multiple versions of PHP at the same time.
  10. Unfortunately I can't afford 250 now. But I can live with just the output from barnyard for now. I suspect it's the newer version of the PHP that I'm using that is causing all the problems. The test.php actually works! Thanks.
  11. I have no idea what you are doing but you are working on a non-standard (not following tutorial) and it is really hard to diagnose problems. Note: PHP that is supported in the tutorial has extension=php_mysql as an option. There are a couple of solutions: Perform a complete reinstall and follow the tutorial. I am available for one-on-one support, and I guarantee to get it 100%. However, there is a $250 US fee and I would need remote access to the PC. Everything will be installed on one device, and the OS has to be one that is officially supported, and memory has to be a minimum of 3 gigs for non-server and 6 gigs for server.
  12. I've done everything by the book, with the exception of having Snort under C:\Snort, and all tests passed. However I get this when I type http://winids (cut off like that):

      nk_field_string, $add_button_string) in D:\WinIDS\inetpub\wwwroot\base\includes\ on line 1398
      PHP Warning: Declaration of ICMPFieldCriteria::Description() should be compatible with ProtocolFieldCriteria::Description($human_fields) in D:\WinIDS\inetpub\wwwroot\base\includes\ on line 1438
      PHP Warning: Declaration of ICMPFieldCriteria::PrintForm() should be compatible with MultipleElementCriteria::PrintForm($field_list, $blank_field_string, $add_button_string) in D:\WinIDS\inetpub\wwwroot\base\includes\ on line 1438
      PHP Warning: Declaration of DataCriteria::PrintForm() should be compatible with MultipleElementCriteria::PrintForm($field_list, $blank_field_string, $add_button_string) in D:\WinIDS\inetpub\wwwroot\base\includes\ on line 1634
      PHP Fatal error: Uncaught Error: Cannot use string offset as an array in D:\WinIDS\inetpub\wwwroot\base\includes\
      Stack trace:
      #0 D:\WinIDS\inetpub\wwwroot\base\base_main.php(60): InitArray('', 1, 3, '')
      #1 {main}
      thrown in D:\WinIDS\inetpub\wwwroot\base\includes\ on line 47

      Exactly cut off like that. Any ideas? I've created a portscan.log file since it did not exist. Also my php.ini does not have an extension=php_mysql.dll but an extension=php_mysqli.dll with an i. Probably because it's the latest version. Windows 10 64bit, Firefox or Internet Explorer, barnyard and snort services running. BTW, this is the most comprehensive install tutorial I've seen.

      Edit 1: After some double checking I realized that the Barnyard2 service is running (srvany) but not the barnyard2.exe. I am now launching barnyard2.exe manually with the following command:

      barnyard2.exe -c d:\winids\barnyard2\etc\barnyard2.conf -d c:\snort\log -f merged.log -l d:\winids\barnyard2 -w c:\snort\log\barnyard.waldo

      which works fine. The IIS still does not work!
  13. This has been fixed in the current version. To fix this: Open a CMD window and type 'cd /d d:\winids\php' (less the outside quotes), and tap the 'Enter' key. At the CMD prompt type 'pear install mail mail_mime' (less the outside quotes), and tap the 'Enter' key. Close the CMD window and try it again.
  14. PHP Warning: include_once(Mail.php): failed to open stream: No such file or directory in C:\winids\inetpub\wwwroot\base\includes\ on line 29
      PHP Warning: include_once(): Failed opening 'Mail.php' for inclusion (include_path='c:\winids\php;c:\winids\php\pear') in C:\winids\inetpub\wwwroot\base\includes\ on line 29
      PHP Warning: include_once(Mail/mime.php): failed to open stream: No such file or directory in C:\winids\inetpub\wwwroot\base\includes\ on line 30
      PHP Warning: include_once(): Failed opening 'Mail/mime.php' for inclusion (include_path='c:\winids\php;c:\winids\php\pear') in C:\winids\inetpub\wwwroot\base\includes\ on line 30
  15. I'm supposed to compare SNORT, Suricata, OSSIM, and OpenVAS, based on the strategy for intrusion detection. Can you help?
  16. You have a non-standard path assigned. I'm betting you failed to edit one of the .reg files to match your path.
  17. Hi! Thank you for the amazing tutorial! I searched and found another user with this same issue I'm having in the posts. He said he modified the VB script and the only vb script I saw was modder.vbs - and it was true it referenced drive d: throughout. I use drive c so I modified that script, BUT still no luck. c:\winids\activators\by2-test returns success as it should: (I think)

      >c:\winids\barnyard2\barnyard2.exe -c c:\winids\barnyard2\etc\barnyard2.conf -d c:\winids\snort\log -f merged.log -l c:\winids\barnyard2 -w c:\winids\snort\log\barnyard.wald
      Running in Test mode
      --== Initializing Barnyard2 ==--
      Initializing Input Plugins!
      Initializing Output Plugins!
      Parsing config file "c:\winids\barnyard2\etc\barnyard2.conf"
      +[ Signature Suppress list ]+
      ----------------------------
      +[No entry in Signature Suppress List]+
      ----------------------------
      +[ Signature Suppress list ]+
      Barnyard2 spooler: Event cache size set to [32768]
      INFO database: Defaulting Reconnect/Transaction Error limit to 10
      INFO database: Defaulting Reconnect sleep time to 5 second
      [CacheSynchronize()],INFO: No system was found in cache (from signature map file), will not process or synchronize informations found in the database
      database: compiled support for (postgresql)
      database: configured to use mysql
      database: schema version = 107
      database: host = winids
      database: user = snort
      database: database name = snort
      database: sensor name = WinIDS-Home
      database: sensor id = 1
      database: sensor cid = 1
      database: data encoding = hex
      database: detail level = full
      database: ignore_bpf = no
      database: using the "log" facility
      --== Initialization Complete ==--
        ______   -*> Barnyard2 <*-
       / ,,_  \  Version 2.1.14 (Build 337)
       |o"  )~|  By Ian Firns (SecurixLive):
       + '''' +  (C) Copyright 2008-2013 Ian Firns <>
      Barnyard2 successfully loaded configuration file!
      Barnyard2 exiting
      database: Closing connection to database "snort"

      There is nothing in event viewer referencing this crash.

      When I try net start barnyard2:

      C:\>net start barnyard2
      The Barnyard2 service is starting.
      The Barnyard2 service could not be started.
      The service did not report an error.
      More help is available by typing NET HELPMSG 3534.

      Is there anywhere else to look? Does anyone have any ideas? Thank you in advance! ~Blaine
  18. thank you! I had the same dang question - I was fighting this for hours! ima dork - thanks again for ask and answer!
  19. Sorry for the delay. There is no event mechanism set up for auto-updating the rules using Pulledpork. This has to be completed manually unless you create something to auto-update. Remember: there needs to be faults checked throughout the complete update process because if one error occurs the Windows Intrusion Detection will shut down without notice. A script would need to be very detailed and faults would need to be handled properly.
  20. Perform a fresh install of Windows 10, and then use this tutorial to install the Windows Intrusion Detection System per the support programs you requested.
  21. I want to install Snort on my Windows 10: snort + base + barnyard2 + apache2.4 + php. After I installed barnyard, I tested it, and then I got this: database mysql_error: Can't connect to local MySQL server through socket '/var/run/mysql.sock' (2 "No such file or directory"). This error is not for Windows, it is for Linux, is it? Now I do not know how to deal with it. Hope someone can help me.
  22. Make a copy of your barnyard2 folder, and then dissolve the attached into the barnyard2 folder and overwrite everything. Then try the test again. Your original barnyard2.conf will not be overwritten.
  23. Hello, I'm going through the installation tutorial and everything has gone great until I got to the by2-test. I get the attached error and am looking for what I have done wrong. Thanks BY2Error.txt
  24. I just tried on a new install of Windows 7 and there is no problem. I'm not sure what your problem could be, but make sure you are running the modder.vbs from a command window with administrator privileges. You might be able to right click the modder.vbs and Run as Administrator. You might mod the modder.vbs file to bypass the check.
  25. Using Regedit, go to this key. What is the value in the Data column for CurrentVersion? HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\
  26. When I run the command line modder.vbs, does this message appear?
  27. Did you run the modder.vbs file? When you type hostname from a CMD prompt what do you get?