RE: how to start snort service on win2000 pro successfully?

["Michael Steele" <michaels () winsnort com>]

Qxw14,

Do a snort /SERVICE /SHOW and send that.

Make SURE MySQL is setup properly, and that Snort can connect to the
database.

In the Event Viewer under Application there should be an error that was
generated, what is the error (cut and paste the complete error)?

Cheers...

-Michael Steele
-- 
 System Engineer / Security Support Technician     
 mailto:michaels () winsnort com    
 Website: http://www.winsnort.com
 Snort: Open Source Network IDS - http://www.snort.org


-----Original Message-----
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] On Behalf Of qxw14 () cwru edu
Sent: Tuesday, May 27, 2003 3:06 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] how to start snort service on win2000 pro
successfully?

Hello ,
I tried to install Snort on Win2000 Professional. But I don't think the
docoment of "Snort's Place in a Windows 2000 Environment" is much helpful.
After reading it, I don't know how to start snort service.
Then I followed the "Snort Installation Manual--Snort, MySQL, ACID, &
Apache" from SILICON DEFENSE. I configed the snort.conf according to
instructioin. When I tried to start snort service, the following error
occured.


C:\Applications\Snort\bin>net start snort
The Snort service is starting.
The Snort service could not be started.

A system error has occurred.

System error 1067 has occurred.

The process terminated unexpectedly.



There are only two things I am not sure:
1. var HOME_NET any
I only wanted to monitor my own host. Since my IP address is assigned
dynamically, I changed it to:
var HOME_NET $(interfacename}_ADDRESS)
(notes: I obtain the interfacename from the command "snort -W")

2. snort /SERVICE /INSTALL -c c:\applications\snort\etc\snort.conf -l
c:\applications\snort\log -i1
x is noted to be the number of the NIC for Snort to sniff on. But I don't
know what's the meaning of NIC. 


Is there anybody who can give me kind advice?

Thanks
QY



-------------------------------------------------------
This SF.net email is sponsored by: ObjectStore.
If flattening out C++ or Java code to make your application fit in a
relational database is painful, don't do it! Check out ObjectStore.
Now part of Progress Software. http://www.objectstore.net/sourceforge
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=ort-users





-------------------------------------------------------
This SF.net email is sponsored by: ObjectStore.
If flattening out C++ or Java code to make your application fit in a
relational database is painful, don't do it! Check out ObjectStore.
Now part of Progress Software. http://www.objectstore.net/sourceforge
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users