
scowles
Members-
Content count
19 -
Joined
-
Last visited
About scowles

-
Rank
Member
Profile Information
-
Country
USA
Recent Profile Visitors
-
I have completed installing and configuring for PulledPork. Now I see all of these SO_RULES in the snort.conf file. They are all commented out. I am not catching any events. I see no other rules in snort.conf other than SO_RULEs. Are there supposed to be regular rules there? If yes, how do I get them there? I have started to read- SO_Rules are not compatible with Windows.
-
scowles replied to scowles's topic in Help with installing an IIS Web Server, and logging events to a PostgreSQL Database
Yes, I have rebooted many times. Results of the requested command run are attached. Thanks.- 11 replies
-
scowles replied to scowles's topic in Help with installing an IIS Web Server, and logging events to a PostgreSQL Database
Missing Results attached- 11 replies
-
scowles replied to scowles's topic in Help with installing an IIS Web Server, and logging events to a PostgreSQL Database
Here's the result of my going back and executing the instructions more carefully-- 11 replies
-
scowles replied to scowles's topic in Help with installing an IIS Web Server, and logging events to a PostgreSQL Database
Morpheus, Thanks. Good recommendation but I think the registry might be where the issue is?- 11 replies
-
scowles replied to scowles's topic in Help with installing an IIS Web Server, and logging events to a PostgreSQL Database
I got all the way through the How to Install This Windows Intrusion Detection System (WinIDS) tutorial and was getting thousands of alerts. But, I always had to manually start snort from the command line. Barnyard 2 always started automatically.- 11 replies
-
Using the commands in the tutorial to install snort as a service this is the path I end up with. Is it correct? The service won't start and results in- "Windows could not start the Snort service on Local Computer" "Path to executable:" "d:\winids\Snort\bin\snort /SERVICE"
- 11 replies
-
The configuration of Pulled Pork installation is verified. Now testing update of rules and signatures using Pulledpork. The attachment shows the error that results from the test. I have gone to the referenced line numbers shown in the error message but have not been able to determine a resolution. Please advise.
- 1 reply
-
- rules
- signatures
-
(and 3 more)
Tagged with:
-
scowles replied to belnando's topic in Help with installing Master Sensor Rule Management using PulledPork
Is there some type of message to acknowledge that the command has completed? perl d:\winids\pulledpork\pulledpork.pl -c d:\winids\pulledpork\etc\pulledpork.conf -T The first time I've run it, seems to be stuck at "Prepping rules from opensource.gz for work...." for hours now. -
scowles replied to scowles's topic in Help with installing an IIS Web Server, and logging events to a PostgreSQL Database
Update: I've successfully completed the Barnyard2 testing with a good result. Thanks. -
scowles replied to scowles's topic in Help with installing an IIS Web Server, and logging events to a PostgreSQL Database
This has NOT been resolved by correcting configuration errors. Barnyard2 fails with "ERROR: database connection to database 'snort' failed Barnyard2 exiting database: Closing connection to database "snort" Postresql Error Msg.docx -
scowles replied to scowles's topic in Help with installing an IIS Web Server, and logging events to a PostgreSQL Database
Good thought. However, I took your advice and did DROP DATABASE snort successfully and then created it again. Same result- The Barnyard2 configuration test fails with the following result- ERROR: database Connection to database 'snort' failed Fatal Error, exiting database: Closing connection to database "snort" Note also: I can connect to the snort database as user postgres via '\connect snort;' Any further suggestions for resolving would be appreciated. -
After checking and double-checking the Barnyard2.conf file which is including the line 'output database: log, postgresql, user=snort password=l0gg3r dbname=snort host=winids sensor_name=WinIDS-Home' The Barnyard2 configuration test fails with the following result- ERROR: database Connection to database 'snort' failed Fatal Error, exiting database: Closing connection to database "snort" Any suggestions for resolving would be appreciated.
-
scowles replied to scowles's topic in Help with installing an IIS Web Server, and logging events to a PostgreSQL Database
One more command under the install tutorial heading of "Creating the Windows Intrusion Detection System Database Tables " \i d:/temp/snort_user.sql; the result is WARNING: sequence "reference_ref_id_seq" only supports USAGE, SELECT, and UPDATE privileges but after that I get GRANT Is that the expected result?- 4 replies
-
- permission denied
- schemas create
-
(and 2 more)
Tagged with:
-
scowles replied to scowles's topic in Help with installing an IIS Web Server, and logging events to a PostgreSQL Database
Thank you. Reversing the slashes as you suggested and keeping the semi-colon worked...so far- 4 replies
-
- permission denied
- schemas create
-
(and 2 more)
Tagged with: