[Snort-users] New install of Snort on Windows 2008

Joel Esler jesler at ...1935...
Wed Feb 6 11:11:55 EST 2013


On Feb 6, 2013, at 10:32 AM, Erik D. Sciortino <ESciortino at ...16077...> wrote:

> Hello All,
>  
> Snort newbie here. I recently installed Snort on a Windows 2008 R2 (x64) box with MySQL back-end and am using barnyard2 for log processing and parsing. When I run snort in packet sniffer mode (-v), I can see all the traffic coming through on the spanned switch port. However, when I switch snort into active mode with the -l switch, nothing gets written into the log file. I’ve reviewed the instructions I have for installing snort on a Windows box and appear to have followed all the steps correctly, the snort.conf, and have even run snort in test mode (-T) and nothing appears amiss.
>  
> Because I’m a newbie, I’m not sure where to go next and would appreciate any wisdom, advice, etc. that I could get to help resolve this issue….

It would help us the most if you were able to post your snort.conf and your command line for Snort to run.

I'd recommend using Snort not on a Windows box, but that's just my 0.02.

--
Joel Esler
Senior Research Engineer, VRT
OpenSource Community Manager
Sourcefire