[Snort-users] running basic snort on windows

Craig Wickesser codecraig at ...11827...
Mon Mar 7 18:15:12 EST 2005


So I should be able to run snort in non-promiscuous mode?  if so, can 
you direct me to how to do that?

Thanks in advance,
craig

Dennis Propson wrote:

>Hey Craig,
>
>If you are going wireless, do not capture in promiscuous mode.  You should
>be fine when you make this change.
>
>Dennis
>
>-----Original Message-----
>From: snort-users-admin at lists.sourceforge.net
>[mailto:snort-users-admin at lists.sourceforge.net]On Behalf Of Craig W
>Sent: Monday, March 07, 2005 4:34 PM
>To: snort-users at lists.sourceforge.net
>Subject: Re: [Snort-users] running basic snort on windows
>
>
>well i have tried running ethereal and i am unable to capture any
>packets at all.  I am using a Intel(R) PRO/Wireless 2200BG network
>card....and i have found someone else with the same card, same OS,
>same snort, winpcap, etc....same problem.
>
>anyone know about this issue??
>
>thanks
>
>On Mon, 7 Mar 2005 15:50:32 -0500, Craig W <codecraig at ...11827...> wrote:
>  
>
>>well its not the beta version, and i dont need a beta version.  I
>>never had winpcap installed previously, so there is no old versions
>>existing.
>>
>>...maybe i will try another winpcap version.
>>
>>thanks
>>
>>
>>On Mon,  7 Mar 2005 14:37:34 -0600, Rich Adamson <radamson at ...2127...>
>>    
>>
>wrote:
>  
>
>>>>I am running snort v2.3.0 RC2 on win xp pro....following the advice
>>>>given in previous posts I running through the README.WIN32....
>>>>
>>>>When i perform one of the "simple" tests i get an error...below is
>>>>        
>>>>
>what i did
>  
>
>>>>C:\>snort -v -n 3 - i 1
>>>>Running in packet dump mode
>>>>
>>>>Initializing Network Interface \Device\NPF_{<mac_address_was_here>
>>>>}
>>>>ERROR: OpenPcap() FSM compilation failed:
>>>>        parse error
>>>>PCAP command: i 1
>>>>Fatal Error, Quitting..
>>>>
>>>>
>>>>I installed WinPCap v3.0, then installed snort, rebooted my machine.
>>>>FYI, i ran snort -W first to list my interfaces and it worked (i only
>>>>have 1).
>>>>        
>>>>
>>>Kind of smells like an incorrect WinPcap version. If you had installed
>>>some other WinPcap verison and then installed v3.0 (no beta), you
>>>should have rebooted prior to installing v3.0. If any of that sounds
>>>familiar, then uninstall WinPcap, reboot, and install v3.0 again.
>>>
>>>If you used a version of WinPcap v3.0 that includes the words 'beta',
>>>etc, uninstall it and install v3.0.
>>>
>>>If that above doesn't apply, the check:
>>> system32\packet.dll is dated 4/4/2003
>>> system32\wpcap.dll is dated 4/4/2003
>>>
>>>I've got several of these running winpcap v3.0 on WinXP with no
>>>      
>>>
>problems.
>  
>
>>>Rich
>>>
>>>
>>>      
>>>
>>--
>>
>>http://www.codecraig.com
>>http://jroller.com/page/codecraig
>>
>>    
>>
>
>
>--
>
>http://www.codecraig.com
>http://jroller.com/page/codecraig
>
>
>-------------------------------------------------------
>SF email is sponsored by - The IT Product Guide
>Read honest & candid reviews on hundreds of IT Products from real users.
>Discover which products truly live up to the hype. Start reading now.
>http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
>_______________________________________________
>Snort-users mailing list
>Snort-users at lists.sourceforge.net
>Go to this URL to change user options or unsubscribe:
>https://lists.sourceforge.net/lists/listinfo/snort-users
>Snort-users list archive:
>http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
>
>  
>





More information about the Snort-users mailing list