Snort mailing list archives
Re: VRT Rules snapshot-CURRENT.tar.gz Download Error?
From: "Jefferson, Shawn" <Shawn.Jefferson () bcferries com>
Date: Fri, 29 May 2009 13:22:13 -0600
Hi, Sounds like it will be the replacement for Oinkmaster, but currently I'm using Oinkmaster to disable certain rules (I'm assuming that's what you mean by rule manipulation) as well. So I guess my initial question still stands: does anyone want to share a script that checks the MD5 first? Thanks, Shawn ________________________________ From: jcummings () sourcefire com [mailto:jcummings () sourcefire com] On Behalf Of JJ Cummings Sent: May 29, 2009 12:13 PM To: Jefferson, Shawn Cc: Snort Users List Subject: Re: [Snort-users] VRT Rules snapshot-CURRENT.tar.gz Download Error? Well, it's complete as of phase 1 in the timeline for release 0.1 so if you need to do any rule manipulation.. that's coming.. within the next few weeks hopefully. Release 0.1: * First Beta Release * Downloads latest rules file * Verifies MD5 of local rules file * If MD5 has not changed from snort.org.. doesn't fetch files again * handle both rules and so_rules * Capability to generate stub files Cheers, JJC On Fri, May 29, 2009 at 1:09 PM, Jefferson, Shawn <Shawn.Jefferson () bcferries com<mailto:Shawn.Jefferson () bcferries com>> wrote: I'll take a look at it. At this point though, it hasn't been "released" officially and still in beta though, right? ________________________________ From: jcummings () sourcefire com<mailto:jcummings () sourcefire com> [mailto:jcummings () sourcefire com<mailto:jcummings () sourcefire com>] On Behalf Of JJ Cummings Sent: May 29, 2009 12:04 PM To: Jefferson, Shawn Cc: Snort Users List Subject: Re: [Snort-users] VRT Rules snapshot-CURRENT.tar.gz Download Error? pulledpork does this.. it can be found here => http://code.google.com/p/pulledpork I just finished modifying it so that no matter the format of the md5 file it will only grab the hash value out of it.. so should be good to go with that one now. Cheers, JJC On Fri, May 29, 2009 at 12:48 PM, Jefferson, Shawn <Shawn.Jefferson () bcferries com<mailto:Shawn.Jefferson () bcferries com>> wrote: Does anyone have a shell script that downloads the md5 and compares it to the last one before running oinkmaster.pl that they want to share? I'm in the "downloading once a day" camp, and I've noticed that this has been failing quite often lately. -----Original Message----- From: Sandro guly Zaccarini [mailto:guly () luv guly org<mailto:guly () luv guly org>] Sent: May 29, 2009 10:36 AM To: 'Snort Users List' Cc: Jeff Dell Subject: Re: [Snort-users] VRT Rules snapshot-CURRENT.tar.gz Download Error? On Fri, May 29, 2009 at 12:56:01PM -0400, Jeff Dell wrote:
The problem with once a week is what happens if you check on Monday at 8am and the rules are updated on Monday at 8:05? You won't get any updates for 2 weeks. It would be really great to have something like a checksum that will be available to see if there is a change in the rules file.
actually there is an md5 file, and i was thinkin' about asking why VRT changed its format without alerting users before. personally, i download daily that md5 file and compare to the latest md5 i've got: if they don't match it means that there is something new. but we're a bit OT here :) sz -- /"\ taste your favourite sysadmin \ / gpg public key http://www.guly.org/guly.asc X / \ ------------------------------------------------------------------------------ Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT is a gathering of tech-side developers & brand creativity professionals. Meet the minds behind Google Creative Lab, Visual Complexity, Processing, & iPhoneDevCamp as they present alongside digital heavyweights like Barbarian Group, R/GA, & Big Spaceship. http://p.sf.net/sfu/creativitycat-com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net<mailto:Snort-users () lists sourceforge net> Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users<https://lists.sourceforge.net/lists/listinfo/snort-users%0ASnort-users> list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------------------------------ Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT is a gathering of tech-side developers & brand creativity professionals. Meet the minds behind Google Creative Lab, Visual Complexity, Processing, & iPhoneDevCamp as they present alongside digital heavyweights like Barbarian Group, R/GA, & Big Spaceship. http://p.sf.net/sfu/creativitycat-com
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Re: VRT Rules snapshot-CURRENT.tar.gz Download Error?, (continued)
- Re: VRT Rules snapshot-CURRENT.tar.gz Download Error? Jack Pepper (May 29)
- Re: VRT Rules snapshot-CURRENT.tar.gz Download Error? Joel Esler (May 29)
- Re: VRT Rules snapshot-CURRENT.tar.gz Download Error? Jeff Dell (May 29)
- Re: VRT Rules snapshot-CURRENT.tar.gz Download Error? Joel Esler (May 29)
- Re: VRT Rules snapshot-CURRENT.tar.gz Download Error? Mike Guiterman (May 29)
- Re: VRT Rules snapshot-CURRENT.tar.gz Download Error? Sandro guly Zaccarini (May 29)
- Re: VRT Rules snapshot-CURRENT.tar.gz Download Error? Jefferson, Shawn (May 29)
- Re: VRT Rules snapshot-CURRENT.tar.gz Download Error? JJ Cummings (May 29)
- Re: VRT Rules snapshot-CURRENT.tar.gz Download Error? Jefferson, Shawn (May 29)
- Re: VRT Rules snapshot-CURRENT.tar.gz Download Error? JJ Cummings (May 29)
- Re: VRT Rules snapshot-CURRENT.tar.gz Download Error? Jefferson, Shawn (May 29)
- Re: VRT Rules snapshot-CURRENT.tar.gz Download Error? Joel Esler (May 29)
- Re: VRT Rules snapshot-CURRENT.tar.gz Download Error? JJ Cummings (May 29)
- Re: VRT Rules snapshot-CURRENT.tar.gz Download Error? Jack Pepper (May 29)
- Re: VRT Rules snapshot-CURRENT.tar.gz Download Error? JJ Cummings (May 29)
- Re: VRT Rules snapshot-CURRENT.tar.gz Download Error? Jack Pepper (May 29)
- Re: VRT Rules snapshot-CURRENT.tar.gz Download Error? Joel Esler (May 29)
- Re: VRT Rules snapshot-CURRENT.tar.gz Download Error? Nigel Houghton (May 29)
- Re: VRT Rules snapshot-CURRENT.tar.gz Download Error? Nigel Houghton (May 28)
- Re: VRT Rules snapshot-CURRENT.tar.gz Download Error? Mike Guiterman (May 28)