[Snort-users] New install of Snort on Windows 2008

Erik D. Sciortino ESciortino at ...16077...
Wed Feb 6 10:32:38 EST 2013

Hello All,

Snort newbie here. I recently installed Snort on a Windows 2008 R2 (x64) box with MySQL back-end and am using barnyard2 for log processing and parsing. When I run snort in packet sniffer mode (-v), I can see all the traffic coming through on the spanned switch port. However, when I switch snort into active mode with the -l switch, nothing gets written into the log file. I've reviewed the instructions I have for installing snort on a Windows box and appear to have followed all the steps correctly, the snort.conf, and have even run snort in test mode (-T) and nothing appears amiss.

Because I'm a newbie, I'm not sure where to go next and would appreciate any wisdom, advice, etc. that I could get to help resolve this issue....

Thanks In Advance!


Erik D. Sciortino, CISSP, CISM, CIPP
Director of Data Security

American Board of Internal Medicine
510 Walnut Street | Suite 1700 | Philadelphia, PA 19106
P: 215.446.3525 | C: 215.847.2207 | E: esciortino at ...16078...