Snort IDS and Honeyd

By
Advertisement
Lately I have been working on snort IDS for windows. As per requirements to test it in windows, finally got hands on WinIDS. Though there is pre packaged solution on snort IDs with its graphical reporting snorby in Security Onion built in Ubuntu Iso, the preference were given to step by step built up and in windows. WinIds was great. But at last gave the Barnyard error in Windows XP. However such error was not present in windows server 2003. The error was while running barnyard in cmd prompt, it just did not want to run. Next thing I tried to run apache and mysql server that of xampp but just can't. So without further delay just installed fresh apache and mysql. So everything went well on testing in windows server 2003 and made it ready for the deployment.
The next task was to run honeypot in windows. I chose honeyd for windows version. This particular was also incompatible with windows xp. "WinHoneyd is NOT compatible with Windows XP SP2. Microsoft recommended solution:server 2003" one of the experts says in "Experts Exchange". So in favor of server 2003, gave up for Windows XP. I will publish further results after testing. Busy schedule for couple of weeks ahead.

0 comments:

Post a Comment