All Activity


  1. Today
  2. Yesterday
  3. If the High-Volume Logging/Testing option was enabled during the initial Auto-Installer setup, the system likely generated a significant number of events. While this setting is an excellent diagnostic tool to verify that the Windows Intrusion Detection System (WinIDS) is actively receiving data—especially in environments where default traffic might take hours to trigger an alert—it is recommended to revert to the default policy once connectivity is confirmed.

    Procedure to Restore Default Rule Policy

    Follow these steps to deactivate the testing rules and return to the standard configuration:

    1. Modify Configuration: Navigate to the Pulledpork\etc folder via File Explorer. Right-click enablesid.conf and open it with Notepad. Locate the line beginning with pcre:. Comment out the line by adding a # at the start (e.g., # pcre:.) Save and exit.
    2. Clear Temporary Files: Navigate to the Pulledpork\temp folder. Delete the two files located in this directory. Close File Explorer.
    3. Update Rule Set: Open the Start Menu and open the WinSnort folder. Run the Rules Updater. This process will fetch the latest rule definitions and reconfigure Snort to the default policy setting, ensuring optimal performance and manageable log volumes.
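The first two steps of the procedure above, scripted as an added example (not part of the original post or of the WinIDS package). It assumes the Pulledpork folder sits directly under the install root set as $WinIDSRoot in config.conf; the function name `Restore-DefaultRulePolicy` is hypothetical.

```powershell
# Added example: assumes <WinIDSRoot>\Pulledpork\etc and <WinIDSRoot>\Pulledpork\temp exist.
function Restore-DefaultRulePolicy {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string]$WinIDSRoot   # e.g. "D:\winids"
    )
    $conf = Join-Path $WinIDSRoot 'Pulledpork\etc\enablesid.conf'
    $temp = Join-Path $WinIDSRoot 'Pulledpork\temp'
    if (-not (Test-Path -LiteralPath $conf -PathType Leaf)) {
        throw "enablesid.conf not found at $conf"
    }

    # Step 1: comment out every active line that begins with "pcre:".
    # Lines already starting with "#" do not match, so re-running is harmless.
    $changed = 0
    $out = foreach ($line in @(Get-Content -LiteralPath $conf)) {
        if ($line -match '^\s*pcre:') { $changed++; "# $line" } else { $line }
    }
    if ($changed -gt 0 -and
        $PSCmdlet.ShouldProcess($conf, "comment out $changed pcre: line(s)")) {
        Copy-Item -LiteralPath $conf -Destination "$conf.bak" -Force   # keep a rollback copy
        Set-Content -LiteralPath $conf -Value $out
    }

    # Step 2: clear the files in the temp folder and record their names.
    $removed = @()
    if (Test-Path -LiteralPath $temp -PathType Container) {
        foreach ($file in Get-ChildItem -LiteralPath $temp -File) {
            if ($PSCmdlet.ShouldProcess($file.FullName, 'delete')) {
                Remove-Item -LiteralPath $file.FullName -Force
                $removed += $file.Name
            }
        }
    }

    # Summary for the operator to check against the written procedure.
    [pscustomobject]@{
        ConfigFile         = $conf
        PcreLinesCommented = $changed
        TempFilesRemoved   = $removed
    }
}

# Preview only; drop -WhatIf to apply (path is the example value from config.conf):
# Restore-DefaultRulePolicy -WinIDSRoot 'D:\winids' -WhatIf
```

The Rules Updater in the WinSnort Start Menu folder still has to be run afterwards, as in the last step of the procedure. If `TempFilesRemoved` lists anything other than the two files the procedure mentions, review what else was in that folder before updating.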
  7. Last week
  8. Version

    2 downloads

    ===============================================================================
    WINIDS v2.4 - AUTOMATED INSTALLER (IIS/MySQL BUILD)
    ===============================================================================
    This package automates the deployment of a complete Windows Intrusion
    Detection System. Designed for fresh installs of Windows 10/11 or
    Windows Server 2016-2024 (64-bit).

    -------------------------------------------------------------------------------
    1. PRE-INSTALLATION
    -------------------------------------------------------------------------------
    * Ensure you are working on a fresh OS installation.
    * Extract this ZIP file into an empty folder.
    * Open 'config.conf' and update the following four variables:
        $AllRules:   Set to "Yes" for testing/high-volume logging or "No" for
                     standard security defaults.
        $TempDir:    Local path for downloaded support files (e.g., "D:\temp").
        $WinIDSRoot: Local path for the final installation (e.g., "D:\winids").
        $Oinkcode:   Your unique 40-character Oinkcode.

    -------------------------------------------------------------------------------
    2. STEP 1: DOWNLOAD COMPONENTS
    -------------------------------------------------------------------------------
    Open a Command Prompt as ADMINISTRATOR and run:

        powershell -NoProfile -ExecutionPolicy Bypass -NoExit -File Downloader.ps1

    NOTE: If a download fails due to site security, manually download the
    specific version mentioned in the error, place it in your $TempDir, and
    re-run the script until all files are verified.

    -------------------------------------------------------------------------------
    3. STEP 2: INSTALL SYSTEM
    -------------------------------------------------------------------------------
    Once downloads are complete, run the following in the Admin Command Prompt:

        powershell -NoProfile -ExecutionPolicy Bypass -NoExit -File Installer.ps1

    The process takes ~10 minutes. The system will automatically reboot
    30 seconds after completion.

    -------------------------------------------------------------------------------
    4. POST-INSTALLATION
    -------------------------------------------------------------------------------
    After reboot, check the Start Menu for the "WinSnort" folder containing:
    * WinIDS Console (Event Monitoring)
    * Rules Updater (PulledPork Utility)
    * Database Utility (MySQL Maintenance)
    ===============================================================================
  9. Version

    0 downloads

    ===============================================================================
    WINIDS v2.4 - AUTOMATED INSTALLER (IIS/PostgreSQL BUILD)
    ===============================================================================
    This package automates the deployment of a complete Windows Intrusion
    Detection System. Designed for fresh installs of Windows 10/11 or
    Windows Server 2016-2024 (64-bit).

    -------------------------------------------------------------------------------
    1. PRE-INSTALLATION
    -------------------------------------------------------------------------------
    * Ensure you are working on a fresh OS installation.
    * Extract this ZIP file into an empty folder.
    * Open 'config.conf' and update the following four variables:
        $AllRules:   Set to "Yes" for testing/high-volume logging or "No" for
                     standard security defaults.
        $TempDir:    Local path for downloaded support files (e.g., "D:\temp").
        $WinIDSRoot: Local path for the final installation (e.g., "D:\winids").
        $Oinkcode:   Your unique 40-character Oinkcode.

    -------------------------------------------------------------------------------
    2. STEP 1: DOWNLOAD COMPONENTS
    -------------------------------------------------------------------------------
    Open a Command Prompt as ADMINISTRATOR and run:

        powershell -NoProfile -ExecutionPolicy Bypass -NoExit -File Downloader.ps1

    NOTE: If a download fails due to site security, manually download the
    specific version mentioned in the error, place it in your $TempDir, and
    re-run the script until all files are verified.

    -------------------------------------------------------------------------------
    3. STEP 2: INSTALL SYSTEM
    -------------------------------------------------------------------------------
    Once downloads are complete, run the following in the Admin Command Prompt:

        powershell -NoProfile -ExecutionPolicy Bypass -NoExit -File Installer.ps1

    The process takes ~10 minutes. The system will automatically reboot
    30 seconds after completion.

    -------------------------------------------------------------------------------
    4. POST-INSTALLATION
    -------------------------------------------------------------------------------
    After reboot, check the Start Menu for the "WinSnort" folder containing:
    * WinIDS Console (Event Monitoring)
    * Rules Updater (PulledPork Utility)
    * Database Utility (PostgreSQL Maintenance)
    ===============================================================================
  10. Version

    0 downloads

    ===============================================================================
    WINIDS v2.4 - AUTOMATED INSTALLER (Apache2/MySQL BUILD)
    ===============================================================================
    This package automates the deployment of a complete Windows Intrusion
    Detection System. Designed for fresh installs of Windows 10/11 or
    Windows Server 2016-2024 (64-bit).

    -------------------------------------------------------------------------------
    1. PRE-INSTALLATION
    -------------------------------------------------------------------------------
    * Ensure you are working on a fresh OS installation.
    * Extract this ZIP file into an empty folder.
    * Open 'config.conf' and update the following four variables:
        $AllRules:   Set to "Yes" for testing/high-volume logging or "No" for
                     standard security defaults.
        $TempDir:    Local path for downloaded support files (e.g., "D:\temp").
        $WinIDSRoot: Local path for the final installation (e.g., "D:\winids").
        $Oinkcode:   Your unique 40-character Oinkcode.

    -------------------------------------------------------------------------------
    2. STEP 1: DOWNLOAD COMPONENTS
    -------------------------------------------------------------------------------
    Open a Command Prompt as ADMINISTRATOR and run:

        powershell -NoProfile -ExecutionPolicy Bypass -NoExit -File Downloader.ps1

    NOTE: If a download fails due to site security, manually download the
    specific version mentioned in the error, place it in your $TempDir, and
    re-run the script until all files are verified.

    -------------------------------------------------------------------------------
    3. STEP 2: INSTALL SYSTEM
    -------------------------------------------------------------------------------
    Once downloads are complete, run the following in the Admin Command Prompt:

        powershell -NoProfile -ExecutionPolicy Bypass -NoExit -File Installer.ps1

    The process takes ~10 minutes. The system will automatically reboot
    30 seconds after completion.

    -------------------------------------------------------------------------------
    4. POST-INSTALLATION
    -------------------------------------------------------------------------------
    After reboot, check the Start Menu for the "WinSnort" folder containing:
    * WinIDS Console (Event Monitoring)
    * Rules Updater (PulledPork Utility)
    * Database Utility (MySQL Maintenance)
    ===============================================================================
  11. Version

    0 downloads

    ===============================================================================
    WINIDS v2.4 - AUTOMATED INSTALLER (Apache2/PostgreSQL BUILD)
    ===============================================================================
    This package automates the deployment of a complete Windows Intrusion
    Detection System. Designed for fresh installs of Windows 10/11 or
    Windows Server 2016-2024 (64-bit).

    -------------------------------------------------------------------------------
    1. PRE-INSTALLATION
    -------------------------------------------------------------------------------
    * Ensure you are working on a fresh OS installation.
    * Extract this ZIP file into an empty folder.
    * Open 'config.conf' and update the following four variables:
        $AllRules:   Set to "Yes" for testing/high-volume logging or "No" for
                     standard security defaults.
        $TempDir:    Local path for downloaded support files (e.g., "D:\temp").
        $WinIDSRoot: Local path for the final installation (e.g., "D:\winids").
        $Oinkcode:   Your unique 40-character Oinkcode.

    -------------------------------------------------------------------------------
    2. STEP 1: DOWNLOAD COMPONENTS
    -------------------------------------------------------------------------------
    Open a Command Prompt as ADMINISTRATOR and run:

        powershell -NoProfile -ExecutionPolicy Bypass -NoExit -File Downloader.ps1

    NOTE: If a download fails due to site security, manually download the
    specific version mentioned in the error, place it in your $TempDir, and
    re-run the script until all files are verified.

    -------------------------------------------------------------------------------
    3. STEP 2: INSTALL SYSTEM
    -------------------------------------------------------------------------------
    Once downloads are complete, run the following in the Admin Command Prompt:

        powershell -NoProfile -ExecutionPolicy Bypass -NoExit -File Installer.ps1

    The process takes ~10 minutes. The system will automatically reboot
    30 seconds after completion.

    -------------------------------------------------------------------------------
    4. POST-INSTALLATION
    -------------------------------------------------------------------------------
    After reboot, check the Start Menu for the "WinSnort" folder containing:
    * WinIDS Console (Event Monitoring)
    * Rules Updater (PulledPork Utility)
    * Database Utility (PostgreSQL Maintenance)
    ===============================================================================