Posted June 1, 2015 (edited) Using the commands in the tutorial to install snort as a service this is the path I end up with. Is it correct? The service won't start and results in- "Windows could not start the Snort service on Local Computer" "Path to executable:" "d:\winids\Snort\bin\snort /SERVICE" Edited June 1, 2015 by scowles Multiple images by mistake Share this post Link to post Share on other sites
Posted June 1, 2015 Where exactly are you at in the tutorial? What happens: From a open CMD window type 'd:\winids\Snort\bin\snort /SERVICE /SHOW' (less the outside quotes), and tap the 'Enter' key. Share this post Link to post Share on other sites
Posted June 2, 2015 (edited) I got all the way through the How to Install This Windows Intrusion Detection System (WinIDS) tutorial and was getting thousands of alerts. But, I always had to manually start snort from the command line. Barnyard 2 always started automatically. Edited June 2, 2015 by scowles Attachment added to show where I went back to in the tutorial to make snort run as a service Share this post Link to post Share on other sites
Posted June 2, 2015 Open a CMD window and type 'cd /d d:\winids\snort\bin' (less the outside quotes), and tap the 'Enter' key. At the CMD prompt type 'snort /SERVICE /UNINSTALL' (less the outside quotes), and tap the 'Enter' key. At the CMD prompt type 'snort /SERVICE /INSTALL -c d:\winids\snort\etc\snort.conf -l d:\winids\snort\log -ix' (less the outside quotes), and tap the 'Enter' key. Note: Make SURE the x above reflects your interface number. At the CMD prompt type 'sc config snortsvc start= auto' (less the outside quotes), and tap the 'Enter' key. At the CMD prompt type 'net start snort' (less the outside quotes), and tap the 'Enter' key. The service should now start... Share this post Link to post Share on other sites
Posted June 3, 2015 Morpheus, Thanks. Good recommendation but I think the registry might be where the issue is? Share this post Link to post Share on other sites
Posted June 3, 2015 It appears you added a step. Go back and follow the directions. Share this post Link to post Share on other sites
Posted June 3, 2015 Here's the result of my going back and executing the instructions more carefully- Share this post Link to post Share on other sites
Posted June 3, 2015 Did you try rebooting? From the CMD prompt type 'd:\winids\snort\bin\snort /SERVICE /SHOW' (less the outside quotes), and tap the 'Enter' key. What does the above show? Share this post Link to post Share on other sites
Posted June 4, 2015 Yes, I have rebooted many times. Results of the requested command run are attached. Thanks. Share this post Link to post Share on other sites
Posted June 4, 2015 From the command prompt type d:\winids\snort\bin\snort -v -i1 What is the result? Share this post Link to post Share on other sites
