If you have access to Visual Studio, you may want to download and compile
the snort 1.9 source code (http://www.snort.org/devel.html). I've added
support for running snort as a Windows service. Now at scheduled times (ie
using WinAt) you can run commands like "net stop snortsvc" or "net start
snortsvc".

Install the service by running the command:

    snort /SERVICE /INSTALL any_of_your_regular_parameters

Then you can issue the "net" commands (describe above), or alternately you
can use the Services control panel.

Chris Reid

----- Original Message -----
From: <Andrew.Zielinskibedbath.com>
To: "Brian Ertel" <bsertelamherst.edu>
Cc: <snort-userslists.sourceforge.net>
Sent: Thursday, May 02, 2002 2:23 PM
Subject: Re: [Snort-users] Automating Snort on W2k using WinAt

>
> Brian,
> Not sure if this will help, but I use a scheduling program called
JIT.
> It does allow you to kill a proccess after a certain period of time.
> Originally this program was free, with the latest release there is a very
> reasonable fee. You can find it at.
>
> http://gibinsoft.net/hp/polyakoff/
>
> Andrew Zielinski
>
>
>
> Brian Ertel
> <bsertelamherst.edu> To:
"'snort-userslists.sourceforge.net'"
> Sent by:
<snort-userslists.sourceforge.net>
> snort-users-adminlists.sourc cc:
> eforge.net Subject:
[Snort-users] Automating Snort on W2k
> using WinAt
>

> 05/02/2002 03:28 PM
>
>
>
>
>
>
> This is a re-phrasing of a question that went unanswered.
> Using WinAt I want to automate the starting and stopping
> of snort. I use the snort -de -l c:\inetpub\wwwroot\logs -c snort.conf
> command to start snort. Usually I manually
> stop snort for ending the process in the
> Task Manager, however that will obviously
> not be a viable option in the automatic process.
> I am using WinAt and a .bat file to start snort at 12:00am
> every day with the above command. What command can
> I write in a .bat file in order to automatically stop snort before
> 12am everyday using WinAt and a .bat file?
>
>
> Thank you,
>
> Brian
>
> ----------------------------------
> Brian Ertel
> Systems & Networking
> Network Administrator
> Amherst College
> Voice: 413-542-8320
> Fax: 413-542-2626
> bsertelamherst.edu
> ----------------------------------
>
>
> _______________________________________________________________
>
> Have big pipes? SourceForge.net is looking for download mirrors. We supply
> the hardware. You get the recognition. Email Us: bandwidthsourceforge.net
> _______________________________________________
> Snort-users mailing list
> Snort-userslists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
>
>
>
>
> _______________________________________________________________
>
> Have big pipes? SourceForge.net is looking for download mirrors. We supply
> the hardware. You get the recognition. Email Us: bandwidthsourceforge.net
> _______________________________________________
> Snort-users mailing list
> Snort-userslists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>

_______________________________________________________________

Have big pipes? SourceForge.net is looking for download mirrors. We supply
the hardware. You get the recognition. Email Us: bandwidthsourceforge.net
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]