[Snort-users] How to use snort as ips in window 7

J Doe general at ...17107...
Sun May 21 15:19:11 EDT 2017


Hi Zaib,

Your last message (please see below), did not include a body.  I am assuming your question is therefore the subject line, which is "how to use as IPS in win 7".

For installation on Windows, WinSnort.com (linked to from snort.org), may be your best bet [1].  Note that it mentions using Snort as an IDS and not as an IPS as your subject referenced.  AFAIK winpcap (a libpcap implementation via a driver for Windows), does not support injection, but it may be possible to have a script monitor Snort's output and update the Windows Firewall (PowerShell ?)

You may find it more beneficial placing Snort on a *nix box, inline, in front of your Win 7 host(s), as blocking and normalization are then available.  There is much more third-party support/tools for *nix hosts.

Sources:
[1] http://www.winsnort.com/forum/7-support-forums-for-installing-a-3264-bit-windows-7-8x-10-2008-2013-2016-intrusion-detection-system-winids/

- J

> On May 21, 2017, at 2:57 PM, zaib khan <zaibkhan200 at ...11827...> wrote:
> 
> <snort-users at lists.sourceforge.net>



More information about the Snort-users mailing list