For anyone still using this guide, if the snort -W command won't show interfaces there is a fix: in the snort\bin folder either rename or put .old at the end of both wpcap.dll and Packet.dll . Once you have done that, uninstall npcap and then reinstall it, with the wireless option selected and the compatibility mode selected. The snort -W command should show the interfaces after that.

Really helpful video series! Thanks so much Miguel! snort -i 1 -c c:\Snort\etc\snort.conf -T snort -i 1 -c c:\Snort\etc\snort.conf -A console IMPORTANT -> (where 1: the number of interface you want eg 1, 2 etc IMPORTANT TO type the correct interface number or you won't have any messages shown when opening tabs and you'll get stuck with "Commencing packet processing". Find the correct interface with ipconfig /all ) alert icmp any any -> any any (msg:"Testing ICMP"; sid:1000001;) alert tcp any any -> any any (msg:"Testing TCP"; sid:1000002;) alert udp any any -> any any (msg:"Testing UDP"; sid:1000003;) Also, it might be best that while installing Npcap you DON'T tick "restrict Npcap driver's access to Administrators only" so you don't get the "registry key" message.

My man, i just had to suscribe because you saved my ass. I struggled ALL day trying to install this. And you helped me not only installing it but also testing it. THANK YOU

Every one of these 3 tutorials is excellent! Great job, Miguel, and thank you.

Thank you so much, loved the step by step, since I have absolutely no clue how to do this. Appreciate the no skipping of parts. Great job ;)

Hey Miguel. Thanks a lot for these videos - saved me a load of time when I could not get snort working. Nice job!

This whole series was SUPER helpful. Thank you!

I wish you would make more tutorials. I genuinely enjoyed your tutorials haha.

Nice, you helped me get through a couple errors. finally got it to successfully validate. 👍

Thank you so much 🙏🙏 Your guide was very well explained !

Mr Miguel Ortega thank you a lot finally have my IDS working, again save my day!

Mines is still stuck on Commencing packet processing

Thanks so much, Miguel you saved my behind!!! Had to subscribe as well!!

It worked! Finally. Thank you so much!

thanks for this video set, this got me going! really appreciate it.

So well explained, kudos to you !

really informative video.helped me a lot. Subscribing for more videos like these.

ERROR: Invalid device number: 1. Fatal Error, Quitting.. Could not create the registry key. i dont get any interface when using snort -W . can anyone help?

if u get fatal error with the code. Delete (uninstall npcap and download the winpcap again) then it will work for u.

I have error "c:\snort\etc\c:\snort ules\blacklist.rules(0) unable to open rules files" c:\snort\etc\c:\snort ules\blacklist.rules " invalid argument. I checked rules files if there blacklist.rules it's there Please help me quickly 🙏 😢

Well done,, thanks for the great video

thank you so much, your video helped me a lot

i loved the backsplash

Can someone help me understand why my interfaces aren't popping up please

the video is GREAT!!!!!!!!!!!! It is simple and easy.

You're a life saver Miguel! (^.^)

I cannot get past the whitelist error even though it is in rules folder, assistance anyone?

Thank you so much for this!

I had follw all the step but my whitelist still not detect? My version of snort is 2.9.16.1. Could u help, cause i dont find a yt that show for my version.

mi es snort se quedo en este paso Commencing packet processing (pid=704) me puedes ayudar por que razon no me culmino, los paquetes. mucgas gracias

★★★★★ I can't help...fallin...with you. Best Solution. Thanks

11:39 it's not working with me, I have a project on Sunday I hope u can help me):

im stuck in the comencing packet processing

sir i face some error like VCruntime140.dll was not found. how i moveon and correct this error kindly tell me

ERROR: c:\Snort\etc\snort.conf(253) Could not stat dynamic module path "/usr/local/lib/snort_dynamicrules": No such file or directory. Fatal Error, Quitting.. Could not create the registry key. PLEASE HELPP

Unable to open address file c:\Snort\etc\c:snort ules\blacklist.rules, Error: Invalid argument Fatal Error, Quitting...... Please help

can somebody help me to solve this error? pcap DAQ configured to passive. The DAQ version does not support reload. Acquiring network traffic from "\Device\NPF_{D2A171BC-7226-4BB3-990E-62492E2D611E}". Decoding Ethernet ERROR: log_tcpdump: Failed to open log file "log/snort.log.1604341082": No such file or directory Fatal Error, Quitting..

ERROR: c:\Snort\etc\snort.conf(0)Unable to open rules file": Invalid argument. Fatal Error, Quitting.. Could not create the registry key. Please help me

verry good. Thank you very much

Stuck at commencing packet processing. Anyone has any idea how to solve this problem?

im stuck here $Commencing packet processing (pid=15812)

Thank you a lot.

Thanks Miguelle

Thanks

priceless

pbe nya lok

hello anyone...or the creator...i'm having an error at the end of the video like this +++++++++++++++++++++++++++++++++++++++++++++++++++ Initializing rule chains... ERROR: c:\Snort ules\local.rules(21) No argument passed to keyword "sid". Make sure you didn't forget a ':' or the argument to this keyword. Fatal Error, Quitting.. idk whats wrong with it.

ERROR: log_tcpdump: Failed to open log file "log/snort.log.1621172629": No such file or directory Fatal Error, Quitting.. how to resolve this

c:\Snort\bin>snort -i 1 -c c:\Snort\etc\snort.conf -T "c:\Snort\etc\c:\Snort\prepoc_rules\decoder.rules": Invalid argument. Fatal Error, Quitting.. Please help

Hey i am not able to see any interfaces? I followed all the steps. Anyone has any solutions?