[Snort-users] How to use snort as ips in window 7

zaib khan zaibkhan200 at ...11827...
Sun May 21 16:41:06 EDT 2017

I have already install snort
But some rules are not working for me
Like drop connection in tcp syn flood attack etc
On May 22, 2017 12:19 AM, "J Doe" <general at ...17107...> wrote:
> Hi Zaib,
> Your last message (please see below), did not include a body.  I am
assuming your question is therefore the subject line, which is "how to use
as IPS in win 7".
> For installation on Windows, WinSnort.com (linked to from snort.org), may
be your best bet [1].  Note that it mentions using Snort as an IDS and not
as an IPS as your subject referenced.  AFAIK winpcap (a libpcap
implementation via a driver for Windows), does not support injection, but
it may be possible to have a script monitor Snort's output and update the
Windows Firewall (PowerShell ?)
> You may find it more beneficial placing Snort on a *nix box, inline, in
front of your Win 7 host(s), as blocking and normalization are then
available.  There is much more third-party support/tools for *nix hosts.
> Sources:
> [1]
> - J
> On May 21, 2017, at 2:57 PM, zaib khan <zaibkhan200 at ...11827...> wrote:
>> <snort-users at lists.sourceforge.net>

More information about the Snort-users mailing list