scowles Posted June 1, 2015 Report Posted June 1, 2015 (edited) Using the commands in the tutorial to install snort as a service this is the path I end up with. Is it correct? The service won't start and results in- "Windows could not start the Snort service on Local Computer" "Path to executable:" "d:\winids\Snort\bin\snort /SERVICE" Edited June 1, 2015 by scowles Multiple images by mistake
Morpheus Posted June 1, 2015 Report Posted June 1, 2015 Where exactly are you at in the tutorial? What happens: From a open CMD window type 'd:\winids\Snort\bin\snort /SERVICE /SHOW' (less the outside quotes), and tap the 'Enter' key.
scowles Posted June 2, 2015 Author Report Posted June 2, 2015 (edited) I got all the way through the How to Install This Windows Intrusion Detection System (WinIDS) tutorial and was getting thousands of alerts. But, I always had to manually start snort from the command line. Barnyard 2 always started automatically. Edited June 2, 2015 by scowles Attachment added to show where I went back to in the tutorial to make snort run as a service
Morpheus Posted June 2, 2015 Report Posted June 2, 2015 Open a CMD window and type 'cd /d d:\winids\snort\bin' (less the outside quotes), and tap the 'Enter' key. At the CMD prompt type 'snort /SERVICE /UNINSTALL' (less the outside quotes), and tap the 'Enter' key. At the CMD prompt type 'snort /SERVICE /INSTALL -c d:\winids\snort\etc\snort.conf -l d:\winids\snort\log -ix' (less the outside quotes), and tap the 'Enter' key. Note: Make SURE the x above reflects your interface number. At the CMD prompt type 'sc config snortsvc start= auto' (less the outside quotes), and tap the 'Enter' key. At the CMD prompt type 'net start snort' (less the outside quotes), and tap the 'Enter' key. The service should now start...
scowles Posted June 3, 2015 Author Report Posted June 3, 2015 Morpheus, Thanks. Good recommendation but I think the registry might be where the issue is?
Morpheus Posted June 3, 2015 Report Posted June 3, 2015 It appears you added a step. Go back and follow the directions.
scowles Posted June 3, 2015 Author Report Posted June 3, 2015 Here's the result of my going back and executing the instructions more carefully-
Morpheus Posted June 3, 2015 Report Posted June 3, 2015 Did you try rebooting? From the CMD prompt type 'd:\winids\snort\bin\snort /SERVICE /SHOW' (less the outside quotes), and tap the 'Enter' key. What does the above show?
scowles Posted June 4, 2015 Author Report Posted June 4, 2015 Yes, I have rebooted many times. Results of the requested command run are attached. Thanks.
Morpheus Posted June 4, 2015 Report Posted June 4, 2015 From the command prompt type d:\winids\snort\bin\snort -v -i1 What is the result?
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now