|
|
 |
Snare Agent for Windows
Snare for Windows is a Windows NT, Windows 2000, Windows XP, and Windows 2003
compatible service that interacts with the underlying Windows Eventlog
subsystem to facilitate remote, real-time transfer of event log information.
Event logs from the Security, Application and System logs, as well as the new
DNS, File Replication Service, and Active Directory logs are supported. Log
data is converted to text format, and delivered to a remote Snare Server,
or to a remote Syslog server with configurable and dynamic facility and priority settings.
Snare is currently used by hundreds of thousands of individuals,
and organisations worldwide. Snare for Windows is used by many large Financial,
Insurance, Healthcare, Defence, AeroSpace, and Intelligence organisations to
meet elements of local and federal security requirements, such as:
- ACSI 33
- GLBA (Gramm-Leach-Bliley Act)
- Sarbanes Oxley (SOX)
- C2 / CAPP
- DCID 6/3
- DIAM 50-4
- DDS-2600-5502-87 Chapter 4
- NISPOM Chapter 8
- HIPAA
- PCIDSS
- California Senate Bill 1386
- USA Patriot Act
- Danish Standard DS-484:2005
- British Standard BS7799
|
SNARE for Windows is free software (freeware), released under the terms of the
GNU Public Licence (GPL).
|
|
Network Configuration
|
Remote Configuration
|
Network Configuration
|
Event Details
|
Objective Configuration
|
Objective Add
|
|
|
|
Documentation for Snare for Windows is available from our resources page.
Information on creating a custom MSI package for Snare for Windows, is also available here.
| InterSect provides commercial support for Snare Agents and the Snare Server, but assistance is also available from the Snare Sourceforge Forum. |
|
|
|
Snare for Windows downloads:
Snare for Windows VISTA downloads:
Like to keep up to date with Snare releases? Sourceforge offer an email notification service that will send you an email each time we release a new version of Snare. Click here to set this up.
Need to automatically install Snare on multiple systems?
The following tools will require some customisation for your organisation, but may provide you with a starting point. You may also wish to consider the 'MSI' package creation instructions. MSI packages can be installed remotely using SMS, and other Microsoft, and third party, utilities.
- RSNARE - A Batch file that installs snare to the ADMIN$ share (Thanks to Steven Chase of Verizon Select Services!)
- SnareInstaller - an automated VBS script that performs similar functions to the RSNARE batch file. The additional requirements are:
- Browse List Filter - Helps to create a list of servers from the Master Browse List
- regobji.exe - Available from the Mircosoft website, this file provides the necessary remote registry object used by the script
- Support Tools - Available from the Mircosoft website (e.g. WindowsServer2003-KB892777-SupportTools-x86-ENU.exe), some of the support tools are required by the Browse List Filter
- Read Me - Text file containing instructions on how to use the script
PAD File
|
|
Snare Server |
The Snare Server builds on the success of our Open Source audit & event log agents. When used in combination, our Snare agents, and Server provide a robust and effective resource for event log management. Snare Server Snort ReportThis link will take you to a small report exported from our Snare Server, that shows attacks against our website |
|
|
![[InterSect Swish]](/images/Right-Swish.jpg)
