[Snort-users] SnortSnarf running on NT Web server?

Dave Schwinn Schwinn.David at ...617...
Tue Oct 10 08:03:59 EDT 2000


I'm running Snortsnarf on a W2K machine with ActiveState Perl 5.6  No
problems encountered whatsoever.  My machine is not production, it's on my
kitchen counter monitoring my home network, so I cannot comment on how it
will hold up in a real world situation.

In snortsnarf.pl you have to make a couple of changes:

# portability stuff - toggle for Unix/Windows.

$os = 'windows';  # Either 'windows' or 'unix'
if($os eq 'windows')
{
 $dirsep = "\\";
 $root = "D:\\";	# Do not make this your system drive, don't want it
to fill up
 $logfileext= '.ids';
 $logfileprototerm= '_';
}
elsif($os eq 'unix')
{
 $dirsep = "\/";		# Unix
 $root = "\/";			# Unix
 $logfileext= '';
 $logfileprototerm= ':';
}

$html = 'html';			# usually html or htm

# Various global variables

$alert_file = $root."snort".$dirsep."alert.ids"; # default input file
$index_page = "index.$html";
$main_page = "index.$html";

Dave Schwinn

-----Original Message-----
From: Joe Magee [mailto:me at ...297...]
Sent: Monday, October 09, 2000 2:14 PM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] SnortSnarf running on NT Web server?


HEllo, is anyone currently running Snortsnarf on say like an NT4/2k box
running IIS? 

I'm thinking about the possibility of having BSD snortboxes logback to an NT
machine for snortsnarf to process the logs and serve them via ISS or some
sort of webserver package. 

Yes, no, messy, super messy, I should try it and tell you if it works? ; >

- Joe Magee
_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
http://lists.sourceforge.net/mailman/listinfo/snort-users



More information about the Snort-users mailing list