The following hands-on tutorial provides a complete and working installation and setup for the following items:

1. Windows XP Pro SP2 – Operating System

2. Internet Information Services (IIS) version 5.1 – Web server for Windows platform

3. PHP version:   5.2.xx – PHP parsing engine for Windows

4. Snort version:   2.8.6 – Intrusion Detection System, Packet Sniffer

5. WinPcap version:   4.1.1 – Windows packet capture

6. MySQL version:   5.x.x – Open Source database

7. BASE version:   1.4.5 – Snort GUI web based packet analysis tool

8. ADODB version:   511 – BASE’s ADO database driver

9. Perl (ActivePerl) version: 5.10.1 – Perl parsing engine for Windows which is needed by Oinkmaster

10. Oinkmaster version: 2.0 – Rules update tool for Snort

Sub-topics that we will cover in this very long session are:

1. Windows XP Pro SP2 and IIS 5.1

2. Install IIS Windows Component

3. The IIS Snap-in:  Configuring IIS

4. Testing Webpage on IIS

5. PHP 3.5.2, Windows XP Pro SP 2 and IIS 5.1

6. Download and Install PHP

7. Editing the php.ini Config File

8. Running PHP Commands from Windows Console

9. Configuring IIS to Parse PHP files/extensions using FastCGI

10. Testing the IIS Web Server with PHP Files

11. Blank Webpage Problem

12. Working PHP Engine Example

13. PHP and PEAR/PECL

14. The PHP Extension Community Library (PECL)

15. Configuring and Updating PEAR package

16. Running the pear Command from Windows Console

17. The WinPcap and Windows XP Pro SP2

18. WinPcap Download and Installation

19. Verifying WinPcap Installation

20. Windows Network Monitor Capture Utility (Netcap)

21. Barnyard: Alternative Snort Output System

22. Snort, Win XP Pro SP2, PHP and WinPcap

23. Editing the Snort.conf Config File

24. Download and Install Snort Rules

25. Testing Snort from Windows Console

26. Testing Snort Config File

27. Running Snort from any Windows Path

28. Snort in Sniffer mode

29. Snort as Packet Logger

30. The Not Using PCAP_FRAMES message

31. Snort and MySQL Database

32. Creating Snort Databases

33. Creating Snort’s User Accounts

34. Creating Table for Snort in mysnort and archive Databases

35. Snort and MySQL Logging

36. Testing the New Snort Configuration

37. Configuring Snort as a Service (THIS ONE FAILED!)

38. Testing mySQL Connection with PHP Code

39. PHP and MySQL Error

40. Snort and Basic Analysis and Security Engine (BASE)

41. Download and Install

42. Download and Install ADODB

43. Editing PHP.ini File

44. Editing BASE’s Config File

45. Adding Additional Snort Database Tables for BASE

46. Download and Install Additional PHP Extensions

47. Testing BASE and Snort

48. BASE and MySQL Errors

49. More Errors

50. Oinkmaster

51. Perl for Windows (ActivePerl Community Edition)

52. Download and Install Perl for Windows

53. Running Perl from Windows Console

54. Testing the Perl Engine

55. Setting-up Perl Script Example for IIS Server

56. Running the Windows Script Host (WSH)

57. Installing and Configuring Oinkmaster

58. Running the Oinkmaster GUI

59. Updating Tk Package

60. Configuring Oinkmaster from Oinkmaster GUI

61. Getting the Oinkmaster Code

62. Example for Snort 2.8.6.0

63. Example for Snort 2.8.5.3

64. Example for snort 2.8 (This will be deprecated on June 2010).

65. Continue on Configuring Oinkmaster

66. Updating Snort Rules using Oinkmaster

67. Further Reading and Fun Activities

68. Single PDF file of this  very long tutorial (~12MB - right click mouse and Save Link As...However, external links are not updated!)

Hopefully, this tutorial can provide a 'baseline' for Snort and BASE setup for other Windows platforms which quite difficult to find as can be seen at: Snort forum and WinSnort (Snort for Windows - http://http://www.winsnort.com/) or at least you can have some FUN! Although the setup can be considered 'complete', a lot more refinements need to be done mainly in the security aspects because the real setup normally done on the real web hosting.