1. Snort For Mac Pro
2. Snort Tool For Mac
3. Snort For Mac Free
4. Snort Maca
5. Snort Machine

Jun 02, 2001  Snort should work any place libpcap does, and is known to have been compiled successfully for Mac OS X server. Sounds kind of complicated to some people, there isn’t a Graphical User Interface for this program on the Mac OS X yet so it is command line.

Try using
#./configure -no-cpp-precomp
I haven't tried this myself but it often works. For more hints read the porting tips on the fink and gnu-darwin web sites
goodluck
Y

Me again - I take it by header files you mean *.h files in the raw unpack? Just copy the 8 files into the directory you mentioned, right? Or do I need to do the INTSTALL as well? (No - haven't done that, since I think this will overwrite the Apple files, and I don't want to do that)
Thanks in advance..

Not sure which files you are referring to when you mention 'the 8 files', but the ones I linked to in pcap_inc.tar.gz has just five (ethertype.h, gencode.h, pcap-int.h, pcap-namedb.h, and pcap.h) which define stuff in the libraries under /usr/lib which Apple provided. These five should be placed under /usr/local/include then try your make again.

Thanks for the header files.. it works! Snort installs.. now it's just a matter of getting it to work the way I would like it to! :)

Check out an application called HenWen, you can download it from the OS X Downloads page under Network & Security.
-Hez

2005/05/30 HenWen (Snort for Mac OS X)

I've removed advertising from most of this site and will eventually clean up the few pages where it remains.

While not terribly expensive to maintain, this does cost me something. If I don't get enough donations to cover that expense, I will be shutting the site down in early 2020.

If you found something useful today, please consider a small donation.

There's no reason that you can't just download and installSnort on Mac OS X. But if you don't want to install the development system,or never seem to have luck compiling from source,HenWenis a Mac GUI front end. As HenWen also includes a snort binary,you could also install HenWen just to get that and throw the rest of itaway.

Snort For Mac Pro

The GUI interface does have it's attractions, though. It's mucheasier to turn rules on and off with a click than to hunt them downin the /etc/snort/rules directory. It actually just presentsthe rules in the sections as they actuallyare in /HenWen.app/Contents/Resources/rules,and doesn't give you access to individual lines.. You canadd new rules easily enough, although you don't really write themhere: you point HenWen at a text file you have created by some othermeans. Writing Snort rules is not the easiest task, and requiresdetailed knowledge of the protocols you are trying to watch, aswell as knowledge of Snort's rule keywords and arguments. For mostof us, that means we probably downloaded a rule someone elsewrote. We'd then point HenWen at it.

For real-time alerts, HenWen includes an applicationcalled LetterStick, which normally runs as a daemon and appearsas a small icon in your menu bar. If Snort triggers an alert, andHenWen is configured to log to LetterStick, an alert box willpop up on your console. It helpfully includes a 'What's This?'button which will take you to a Snort page that explainswhat the alert may mean.

If you just want to use snort directly, copy the binary from/Applications/HenWen.app/Contents and use it directly. Snortisn't particularly difficult to use - HenWen doesn't installa man page but there are plenty of on-line resources at http://www.snort.org if you prefer more direct control.

Snort Tool For Mac

If you found something useful today, please consider a small donation.

Got something to add? Send me email.

Snort For Mac Free

Snort Maca

Snort Machine