RE: [Snort-users] SnortSnarf in Windows
This is a discussion on RE: [Snort-users] SnortSnarf in Windows within the Snort forums, part of the System Security and Security Related category; Yes but it was under "Installing and configuring ActivePerl" which I had skipped because I had already installed ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
10-02-2003
|
|||
|
|||
RE: [Snort-users] SnortSnarf in Windows
Yes but it was under "Installing and configuring ActivePerl" which I had
skipped because I had already installed ActivePerl. Ok I got everything working ok, but when I got to "Starting the IDS SnortSnarf alert console" and ran the command from the command prompt, it gave me the following error: "SnortFileInput: input file d:\inetpub\wwwroot\log\alert.ids does not exist; skipping it" Do I need to copy the alert.ids to this folder? -----Original Message----- From: Michael Steele [mailto:michaels@winsnort.com] Sent: Wednesday, October 01, 2003 5:00 PM To: 'snort-ml' Subject: RE: [Snort-users] SnortSnarf in Windows You need to create the folder. Does the guide tell you too? Cheers... -Michael Steele -- System Engineer / Security Support Technician mailto:michaels@winsnort.com Website: http://www.winsnort.com Snort: Open Source Network IDS - http://www.snort.org -----Original Message----- From: snort-ml [mailto:snort-ml@faceit.com] Sent: Wednesday, October 01, 2003 1:14 PM To: 'Michael Steele' Subject: RE: [Snort-users] SnortSnarf in Windows Well not yet, but I'll try and let you know the result. In the meantime I have to deal with another issue: When I tried to copy the Snortsnarf's cgi folder, I found out there's no "cgi" folder under Inetpub\wwwroot. I'm running W2K server/IIS5. There's a "cgi-bin" under www on our NT boxes, but no "cgi" folder on any of the W2K machines. Any ideas? -----Original Message----- From: Michael Steele [mailto:michaels@winsnort.com] Sent: Wednesday, October 01, 2003 2:53 PM To: 'snort-ml' Subject: RE: [Snort-users] SnortSnarf in Windows I'm not sure as it's been about a year since my last install. I'm thinking that I ran the lockdown tool and there were options back in IIS to enable server side includes, but maybe not. There is however a file located somewhere on the 2003 install that you can edit to remove that restriction. Have you tried the lockdown tool? You can reverse the lockdown procedure. Let me know what you find. Cheers... -Michael Steele -- System Engineer / Security Support Technician mailto:michaels@winsnort.com Website: http://www.winsnort.com Snort: Open Source Network IDS - http://www.snort.org -----Original Message----- From: snort-ml [mailto:snort-ml@faceit.com] Sent: Wednesday, October 01, 2003 10:30 AM To: 'Michael Steele' Subject: RE: [Snort-users] SnortSnarf in Windows Ok in the document it is recommended to run IIS Lockdown, but this would disable server side includes and scripts and installs the URLscan filter. Wouldn't these interfere with running Perl? -----Original Message----- From: Michael Steele [mailto:michaels@winsnort.com] Sent: Saturday, September 27, 2003 4:58 AM To: snort-users@lists.sourceforge.net Subject: RE: [Snort-users] SnortSnarf in Windows You can try: http://www.winsnort.com Cheers... -Michael Steele -- System Engineer / Security Support Technician mailto:michaels@winsnort.com Website: http://www.winsnort.com Snort: Open Source Network IDS - http://www.snort.org -----Original Message----- From: snort-users-admin@lists.sourceforge.net [mailto:snort-users-admin@lists.sourceforge.net] On Behalf Of snort-ml Sent: Friday, September 26, 2003 12:23 PM To: snort-users@lists.sourceforge.net Subject: [Snort-users] SnortSnarf in Windows Does anyone know how to configure SnortSnarf in Windows? I have a W2K server, with www & Perl installed. I have downloaded Snortsnarf and ran the makefile.pl in Time-Modules directory. How do I configure SnortSnarf to create html pages? ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users@lists.sourceforge.net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/...fo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.p...st=snort-users 
|
Linear Mode
