Snort Install Windows: Difference between revisions
Thomas (Talk | contribs) (→Test)
Thomas (Talk | contribs) (→Test)
| Zeile 13: | Zeile 13: | ||
==Test== | ==Test== | ||
| − | + | ===Interface Nummer herausfinden=== | |
*C:\Snort\bin>snort -W | *C:\Snort\bin>snort -W | ||
<pre> | <pre> | ||
| Zeile 32: | Zeile 32: | ||
NPF_{D2115EC4-8770-4D98-83E9-AC63C3480AE6} Sophos SSL VPN Adapter | NPF_{D2115EC4-8770-4D98-83E9-AC63C3480AE6} Sophos SSL VPN Adapter | ||
</pre> | </pre> | ||
| − | + | ===Konfiguration testen=== | |
| − | + | *snort -i 1 -c c:\Snort\etc\snort.conf -T | |
| − | |||
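Review bot: the added line `*snort -i 1 -c c:\Snort\etc\snort.conf -T` hard-codes interface index 1 without saying where the value comes from. Add a sentence stating that the `-i` argument is the Index column of the `snort -W` output in the section above and has to be adjusted per machine, since that listing also shows a second adapter (the Sophos SSL VPN Adapter) on which Snort would otherwise be tested. The line is also shown without the `C:\Snort\bin>` prompt used on the `snort -W` line, so either add the prompt or state the working directory for consistency.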
Revision as of 08:30, 24 August 2016
Download
Install
Winpcap
Snort
Test
Find the interface number
- C:\Snort\bin>snort -W
,,_ -*> Snort! <*-
o" )~ Version 2.9.8.3-WIN32 GRE (Build 383)
'''' By Martin Roesch & The Snort Team: http://www.snort.org/contact#team
Copyright (C) 2014-2015 Cisco and/or its affiliates. All rights reserved.
Copyright (C) 1998-2013 Sourcefire, Inc., et al.
Using PCRE version: 8.10 2010-06-25
Using ZLIB version: 1.2.3
Index Physical Address IP Address Device Name Description
----- ---------------- ---------- ----------- -----------
1 08:00:27:5A:CD:4E 0000:0000:fe80:0000:0000:0000:0c88:4afd \Device\
NPF_{769A54CE-2839-4D39-A753-C36840BB3EB3} Intel(R) PRO/1000 MT-Desktopadap
ter
2 00:FF:D2:11:5E:C4 0000:0000:fe80:0000:0000:0000:2df0:da06 \Device\
NPF_{D2115EC4-8770-4D98-83E9-AC63C3480AE6} Sophos SSL VPN Adapter
Test the configuration
- snort -i 1 -c c:\Snort\etc\snort.conf -T
Start Snort
- cd c:\snort\bin
- snort -A console -i 1 -c c:\snort\etc\snort.conf -l c:\snort\log
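Added example, not part of the original wiki page: a PowerShell helper that reads the interface index from the `snort -W` table by adapter description, so the `-i` value used in the test and start commands is looked up rather than hard-coded. The function name `Get-SnortInterface` and the `Intel*` filter are assumptions; the sample table is copied from the listing above.

```powershell
# Added example; Get-SnortInterface is a hypothetical helper name.
function Get-SnortInterface {
    param([Parameter(Mandatory)][string[]]$ListingLines)
    # A table row starts with "<index> <MAC>"; the console wraps long rows,
    # so any other non-empty line continues the previous row.
    $rowStart = '^\s*\d+\s+(?:[0-9A-F]{2}:){5}[0-9A-F]{2}\s'
    $rows = New-Object 'System.Collections.Generic.List[string]'
    $inTable = $false
    foreach ($line in $ListingLines) {
        if (-not $inTable) {
            # Skip banner and column header up to the "----- -----" separator.
            if ($line -match '^\s*-{3,}\s+-{3,}') { $inTable = $true }
            continue
        }
        $text = $line.Trim()
        if ($line -match $rowStart) { $rows.Add($text) }
        elseif ($text -and $rows.Count -gt 0) {
            $rows[$rows.Count - 1] = $rows[$rows.Count - 1] + $text
        }
    }
    $fields = '^(?<Index>\d+)\s+(?<Mac>\S+)\s+(?<Ip>\S+)\s+' +
              '(?<Device>\\Device\\NPF_\{[0-9A-F-]+\})\s+(?<Description>.+)$'
    foreach ($row in $rows) {
        if ($row -match $fields) {
            [pscustomobject]@{
                Index       = [int]$Matches['Index']
                Device      = $Matches['Device']
                Description = $Matches['Description']
            }
        }
    }
}

# Sample input: the interface table from the snort -W listing on this page.
$sample = @'
Index Physical Address IP Address Device Name Description
----- ---------------- ---------- ----------- -----------
1 08:00:27:5A:CD:4E 0000:0000:fe80:0000:0000:0000:0c88:4afd \Device\
NPF_{769A54CE-2839-4D39-A753-C36840BB3EB3} Intel(R) PRO/1000 MT-Desktopadap
ter
2 00:FF:D2:11:5E:C4 0000:0000:fe80:0000:0000:0000:2df0:da06 \Device\
NPF_{D2115EC4-8770-4D98-83E9-AC63C3480AE6} Sophos SSL VPN Adapter
'@ -split '\r?\n'
# On a sensor, pass the lines printed by `snort -W` instead of $sample.
$nic = Get-SnortInterface -ListingLines $sample |
    Where-Object { $_.Description -like 'Intel*' } | Select-Object -First 1
if (-not $nic) { throw 'Monitored adapter not found; not guessing an index.' }
"snort -i $($nic.Index) -c c:\Snort\etc\snort.conf -T"
```

The script fails instead of falling back to a default index when the expected adapter is missing, which avoids silently validating or starting Snort on the wrong interface.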




