[Snort-users] Attention: Win32 Users - Snort 1.8.7 "STABLE RELEASE" Binaries Available
michaels at ...155...
Wed Jul 10 17:04:04 EDT 2002
If you are going to use Flexible Response then you will need to drop the
LibnetNT.dll file into the same folder as Snort. The file is included
with the binary. You will also need to convert the rules to use
There is a difference in each version. Snort is one file, so that's why
the different binaries. When I packaged Snort I started with the basic
files for the Snort package. I then dropped each binary of Snort into
the basis package, and compressed it for distribution. The only other
file that I added to the basic package was LibNetNT.dll which I only
added to the FlexRESP packages.
Michael Steele | system engineer
mailto:michaels at ...155...
Silicon Defense: IDS solutions - http://www.silicondefense.com
Snort: Open Source Network IDS - http://www.snort.org
From: Don [mailto:Don at ...5881...]
Sent: Wednesday, July 10, 2002 4:49 PM
To: Michael Steele; snort-users at lists.sourceforge.net
Subject: RE: [Snort-users] Attention: Win32 Users - Snort 1.8.7 "STABLE
RELEASE" Binaries Available
is there actually a difference btwn the varied builds, specific files
is there any reference, to tell me what exact files are diff btwn say,
barebones release and flexresp release, for instance maybe everything is
running well, and i want to go from barebones to flex, are there
file i need to change, or can i juts change the snort.exe, or do i need
replace everything and go thru all my rules again?
> >-----Original Message-----
> >From: snort-users-admin at lists.sourceforge.net
> >[mailto:snort-users-admin at lists.sourceforge.net]On Behalf Of Michael
> >Sent: Tuesday, July 09, 2002 10:19 AM
> >To: snort-users at lists.sourceforge.net
> >Subject: [Snort-users] Attention: Win32 Users - Snort 1.8.7 "STABLE
> >RELEASE" Binaries Available
> >To all Windows users of Snort:
> >Sorry for the confusion as I released Snort 1.87b127 the same day as
> >Snort 1.8.7b128 was being released as the OFFICIAL "Snort 1.8.7
> >Please read all the notices below.
> >The latest 1.8.7 STABLE binaries have been compiled and are now
> >available on our site. There are now 6 flavors available:
> >NOTICE: There are now NEW options in stream4 and frag2 and to update
> >your config files accordingly. This is the OFFICIAL Stable Release of
> >Snort 1.8.7, so it would be wise to update your complete Snort
> >and copy back your custom settings to the new Snort.conf and any
> >files you may have customized.
> >NOTICE: The "Run as Service" has been compiled into this update, and
> >ONLY available for the following Windows environments:
> >1. 2000 Professional / 2000 Server Family
> >2. XP Pro / XP .NET Server Family
> >3. NT Server 4 (latest service pack).
> >The basic usage is as follows:
> >Note: COMPLETELY remove any previous installation of Snort running as
> >service, even Registry settings, then reboot. If you have any
> >or questions, please don't hesitate to email me.
> >There are three command switches that Snort uses for the Service
> >/SERVICE /INSTALL
> >/SERVICE /UNINSTALL
> >/SERVICE /SHOW
> >Explanation of Service options:
> >CAUTION: All the switches MUST be used from the folder that Snort is
> >located in. If Snort is located in C:\Snort then navigate to that
> >and type the command from there.
> >This will install Snort as a service with the specified parameters:
> >"snort /SERVICE /INSTALL -de -c <FULL PATH>\snort.conf -l <FULL
> >This will remove snort as a service:
> >"snort /SERVICE /UNINSTALL"
> >This will display the parameters:
> >"snort /SERVICES /SHOW
> >>From the Start Menu go to Programs / Administrative Tools and Open
> >Services applet in Administrative Tools. Select Snort from the
> >window, right click on Snort, choose Properties, and under startup
> >select Automatic (this will allow snort to be active when there is no
> >one logged on).
> >Note: If you want to stop or start the service from a command prompt
> >"net stop snortsvc"
> >"net start snortsvc"
> >Note: If you want to change the parameters then you must:
> >Take Snort down: net stop snortsvc
> >snort /SERVICE /UNINSTALL
> >snort /SERVICE /INSTALL < NEW PARAMETERS >
> >Bring Snort back up: net start snortsvc
> >A Big THANK YOU to Chris Reid for this...
> >NOTICE: The latest WinPcap has gone gold! Version 2.3
> >NOTICE: LibnetNT.dll can be found at:
> >NOTICE to all our clients: We will ONLY be supporting the STABLE
> >RELEASES of Snort 1.7.1, Snort 1.8.1, Snort 1.8.2, 1.8.3, 1.86, and
> >at this time.
> >Link to Downloads:
> >Link to Documentation:
> > Michael Steele | System Engineer / Support Technician
> > mailto:michaels at ...155...
> > Silicon Defense: IDS solutions - http://www.silicondefense.com
> > Snort: Open Source Network IDS - http://www.snort.org
> >This sf.net email is sponsored by:ThinkGeek
> >Stuff, things, and much much more.
> >Snort-users mailing list
> >Snort-users at lists.sourceforge.net
> >Go to this URL to change user options or unsubscribe:
> >Snort-users list archive:
More information about the Snort-users