Jump to content

Morpheus

Administrators
 View Profile  See their activity

  • Posts

    617

  • Joined

  • Last visited

  • Days Won

    101

  • Donations

    11.00 USD 

 Content Type 

Everything posted by Morpheus

  1. Morpheus
    It won't hurt to run it again. It could take up to 10 min. to automatically reboot. Don't intervene.
  2. Morpheus
    Did you run the modder.vbs file, and allow it to reboot by itself?
  3. Morpheus
    Zip up everything in the \inetpub\logs\LogFiles folder and attach.
  4. Morpheus
    I only found one small item. I'm not sure because it appears that PHP is working because the test.php file runes as expected. You might try renaming the base folder, extracting the base program using administrator privileges, extract the signatures to the base folder per the tutorial, and copy the new config to the base folder. base_conf .php
  5. Morpheus
    Attach the base_conf.php file.
  6. Morpheus
    What happens when you type from the URL: http://winids/base_main.php
  7. Morpheus
    At this point in the tutorial you should be finished. To test php at this point the test.php file needs to be copied to the d:\winids\inetpub\wwwroot\base\ folder. From the URL type: http://winids/test.php What kind of response are you getting?
  8. Morpheus
    The majority of MySQL commands end with a ; Follow the tutorial carefully.
  9. Morpheus
    Yes, bypass that if it's not installed it will create an error later on. I'll see if I can find a command to run that will verify its actually installed. 2008 may install it by default.
  10. Morpheus
    I just checked my 2008 and there is also no folder. Just bypass that and make SURE you update using Microsoft update until there is nothing left to update. Let us know if it works for you. It's possible that updating will add the needed software?
  11. Morpheus
    I appears to be a problem with pre existing software that may be still installed, or possibly installed but removed. If this is system that is unknown to you then a fresh install of one of the support OS's will need to be done, and then restart the tutorial.
  12. Morpheus
    Is this a Fresh install of the OS? Was the modder.vbs file ran? Was the modder.vbs allowed to reboot the OS on its own? Was the original path followed or was it changed? Did you follow the tutorial to manually install PHP or did you use the Web Installer to install PHP?
  13. Morpheus
    You line 413 is: preprocessor sfportscan: proto { all } memcap { 10000000 } sense_level { low } logfile {\portscan.log} Line 413 should be: preprocessor sfportscan: proto { all } memcap { 10000000 } sense_level { low } logfile { \portscan.log }
  14. Morpheus
    All the riles are now compiled into a single winids.rules file. If you are not catching events then there are a few reasons why. 1) HOME_NET is not set correctly 2) The '-ix' switch in the run line is pointing to the wrong interface 3) The Windows Intrusion Detection System is plugged into a switch that either is not capable of mirroring. or mirroring is not setup.
  15. Morpheus
    From the command prompt type d:\winids\snort\bin\snort -v -i1 What is the result?
  16. Morpheus
    Did you try rebooting? From the CMD prompt type 'd:\winids\snort\bin\snort /SERVICE /SHOW' (less the outside quotes), and tap the 'Enter' key. What does the above show?
  17. Morpheus
    I don't see any result?
  18. Morpheus
    It appears you added a step. Go back and follow the directions.
  19. Morpheus
    Open a CMD window and type 'cd /d d:\winids\snort\bin' (less the outside quotes), and tap the 'Enter' key. At the CMD prompt type 'snort /SERVICE /UNINSTALL' (less the outside quotes), and tap the 'Enter' key. At the CMD prompt type 'snort /SERVICE /INSTALL -c d:\winids\snort\etc\snort.conf -l d:\winids\snort\log -ix' (less the outside quotes), and tap the 'Enter' key. Note: Make SURE the x above reflects your interface number. At the CMD prompt type 'sc config snortsvc start= auto' (less the outside quotes), and tap the 'Enter' key. At the CMD prompt type 'net start snort' (less the outside quotes), and tap the 'Enter' key. The service should now start...
  20. Morpheus
    The above xxxx needs to be 2973​ and it gets set in the pulledpork.conf file. snort_version=2.9.7.3 Note: UNIX uses 'uname' to extract the version from Snort, but in Windows 'uname' is not available so they have added the 'snort_version=' in case 'uname' is not available.
  21. Morpheus
    Where exactly are you at in the tutorial? What happens: From a open CMD window type 'd:\winids\Snort\bin\snort /SERVICE /SHOW' (less the outside quotes), and tap the 'Enter' key.
  22. Morpheus
    Your run line is wrong: perl d:\winids\pulledpork\pulledpork.pl -c d:\winids\pulledport\etc\pulledpork.conf -T Run line should be: perl d:\winids\pulledpork\pulledpork.pl -c d:\winids\pulledpork\etc\pulledpork.conf -T
  23. Morpheus
    No problem, happy you got it all going.
  24. Morpheus
    Sure use user root and you can change anything. It's better to just create new users with new passwords. Use the tutorial and create new users with new passwords, and make sure they have the appropriate permissions. After you have them created go in and change the authentication for the snort run line and the Windows Intrusion Detection Systems security console. Once the new authentications are verified, the old users can be dropped.
  25. Morpheus
    ​Great...
×
×
  • Create New...