Winsnort.com has been major long-term contributor to the Snort community since 2002. By default, Winsnort.com is the place to visit if you are curious about running a Windows (Win) Intrusion Detection System (IDS).   There have been literally thousands of modifications to the tutorials for the Windows Intrusion Detection System (WinIDS) in the last 20 years. There is support for a multitude of 64-bit Windows operating systems.   Winsnort.com has always been a free service and will continue to be for as long as possible.   Winsnort.com now has the power to incorporate features, and security it always needed - essentially building out a single web destination for those looking to learn how to install an Intrusion Detection System based on the Microsoft Windows operating system.   Winsnort.com streamlined its navigation and member experience so that you have better access to the on-line tutorials and support message bases. The on-line tutorials now have a fresh new bold look that should make it easier to follow.   The Winsnort.com Management...

Winsnort.com has completed a major update to the Local Syslog Server tutorial, and created a new Remote Syslog Server tutorial.

One or more support programs have been updated: The Windows Intrusion Detection System (WinIDS) has had a major update to the Rules Updating process. The rules can now be manually updated from a shortcut on the desktop or be scheduled to be ran silent. The Rules updater can be optionally configured to send email results. An email will be sent for pretty much any outcome. The email will contain the sensor name in the subject field of the email from whichever sensor the email originated from (useful if there are multiple remote sensors sending emails to the same SMTP server). The script can also be set to silent mode which basically prevents any text output to the console (which was intended for remote unmanaged sensors). The main features are: Will exit if a rule update is not available. Will update the rules if one is available. Updating the rules can be scheduled. The sensor can be optionally configured to send out email results. The sensor ID will be included in the subject of the email. If the update fails the verification process, it will rollback. Can be ran from a desktop shortcut in a console window. Can be ran optionally in silent mode for unmanaged remote sensors.  Email support requires access to a valid SMTP server... There is a new tutorial available found here: Updating the Windows Intrusion Detection Systems Rules

One or more support programs have been updated: Apache2 from 2.4.65-250724 to 2.4.66-251206 adodb has been updated from 5.22.10 to 5.22.11 Fore this update the Modder file has been updated and the locations of the support files have been moved.around.  Recompiled Barnyard2 for any new database version/s listed above & updated the compiling process tutorial...

WinIDS Development is proud to announce the release of WinIDS v4.0. This major milestone represents a complete ground-up rewrite of the framework, moving from version 2.5 to 4.0 to reflect extensive architectural improvements and new utility integrations. WinIDS 4.0 provides a near-zero configuration deployment of a full Intrusion Detection System, utilizing the latest in open-source security software. Enterprise Compatibility & Flexible Deployment Operating Systems: Full support for Windows 10/11 and Windows Server 2019 through 2025. Sensor Architecture: Automated installers are now available for Standalone sensors, Host sensors, and Remote nodes. Modular Infrastructure Stack: Users can mix and match web servers (IIS or Apache) with database engines (PostgreSQL or MySQL) based on specific environmental requirements or personal preference. Intelligent Remote Nodes: Remote node installers now feature Auto-Detection logic that identifies the Host’s active database engine and automatically establishes the appropriate connection parameters. Scalability: A new utility allows for the seamless conversion of a Standalone sensor to a Host sensor, with the ability to manage and add multiple remote nodes. System Resilience & Recovery Admin safety is prioritized through integrated recovery tools, accessible via new system menu shortcuts: Pre-Install Restore Points: Workstation installers can automatically create a System Restore point during the installation process. RestorePoint Utility: A dedicated utility is included to completely remove the Windows Intrusion Detection system and revert the OS to its exact pre-installation state. Advanced Management Tools Database Manager: A centralized tool for connectivity testing, user credential refreshing, and database maintenance. Security Console: Features a specialized Windows-optimized version of BASE (Basic Analysis and Security Engine) for event viewing and management. Rules Updater (PulledPork Wrapper): A completely rewritten utility featuring: Integrated Scheduler: Automate your rule updates. Rollback Protection: Automatically reverts to previous rule sets on update failure. Version Retention: Retains a configurable number of successful rule sets. Alerting: Built-in SMTP mail support for status notifications. Silent Mode: Facilitates background execution with extensive logging for audit trails. Documentation Each deployment package includes a comprehensive README file detailing the specific configurations and advanced features of these utilities.