Professional Documents
Culture Documents
3. https://npcap.com/#:~:text=Downloading%20and%20Installing
%20Npcap%20Free%20Edition&text=Simply%20run%20the
%20executable%20installer,documented%20in%20the%20Npcap
%20Changelog
Modification #1
Modification #2
Modification #3
Modification #4
Modification #5
Modification #6
Modification #7
Go to C:\Snort\rules, find the file blacklist.rules, open using notepadd++
Change here in this file BLACKLIST RULES to WHITELIST RULES and save
as this file whitelist.rules
After this step if you see the rules folder in SNORT, you will find 2 files,
blacklist.rules and whitelist.rules
2nd cmd:
Result:
3rd cmd:
1. C:\Snort\bin>snort -W
2. C:\Snort\bin> snort -i 1 -c C:\Snort\etc\snort.conf -T
3. C:\Snort\bin> snort -i 1 -c C:\Snort\etc\snort.conf -A console
Corrections required
Find your IP address if your are connected to WIFI, open network properties
Open CMD
1. C:\Snort\bin\snort -W
Try out the following commands given below and
until you get success status.
2. snort -i 4 -c C:\Snort\etc\snort.conf -T
snort -i 4 -c C:\Snort\etc\snort.conf -A console
3. snort -i 5 -c C:\Snort\etc\snort.conf -T
snort -i 5 -c C:\Snort\etc\snort.conf -A console
4. snort -i 6 -c C:\Snort\etc\snort.conf -T
snort -i 6 -c C:\Snort\etc\snort.conf -A console
5. snort -i 7 -c C:\Snort\etc\snort.conf -T
snort -i 7 -c C:\Snort\etc\snort.conf -A console
6. snort -i 8 -c C:\Snort\etc\snort.conf -T
snort -i 8 -c C:\Snort\etc\snort.conf -A console
7. snort -i 9 -c C:\Snort\etc\snort.conf -T
snort -i 9 -c C:\Snort\etc\snort.conf -A console
Final results below screenshots
snort -i 5 -c C:\Snort\etc\snort.conf -v
snort -i 5 -c C:\Snort\etc\snort.conf -A console -v
snort -i 5 -c C:\Snort\etc\snort.conf -A console -vd
snort -i 5 -c C:\Snort\etc\snort.conf -A console -d -v -e