Snort mailing list archives

Re: oinkmaster download of 2.7 rule set fails


From: Matt Olney <molney () sourcefire com>
Date: Wed, 14 Oct 2009 09:35:25 -0400

Confirmed.

On Wed, Oct 14, 2009 at 9:08 AM, justin joseph
<justinjoseph007 () gmail com> wrote:
Hi Nigel, Joel

I understand that an upgrade will fix this issue, which is logical. We
wanted an interim solution because our solution is based on the Ubuntu
hardy release, and since we rely on Ubuntu for updates of most of the
software, it is non-trivial to upgrade snort alone. I do accept that
eventually we will have to upgrade.

In the meantime, I wanted to know if there's some way to maintain
backward compatibility between the ruleset download (which now seems to
be only 2.8) and the installed version, which is 2.7.0. Just wanted to
confirm that the 2.7 rule set is no longer officially supported and that
there is no mechanism for backward compatibility. Can you confirm this?

thank you
Justinh

On Wed, Oct 14, 2009 at 6:17 PM, Nigel Houghton
<nhoughton () sourcefire com> wrote:
What you need to do is upgrade your version of Snort to the latest 2.8.5.

On Wed, Oct 14, 2009 at 6:59 AM, justin joseph
<justinjoseph007 () gmail com> wrote:
Hi

Snort oink download of 2.7 rule set is failing with the below error messages:


/usr/sbin/oinkmaster: Error: could not download from
http://www.snort.org/pub-bin/oinkmaster.cgi/*oinkcode*/snortrules-snapshot-2.7.tar.gz.
Output from wget follows:

 http://www.snort.org/pub-bin/oinkmaster.cgi/*oinkcode*/snortrules-snapshot-2.7.tar.gz
         => `/tmp/oinkmaster.o1_rsuQZZt/url.H22uiiG01_/snortrules.tar.gz'
Resolving www.snort.org... 68.177.102.20
Connecting to www.snort.org|68.177.102.20|:80... connected.
HTTP request sent, awaiting response... 404 Not Found
15:53:17 ERROR 404: Not Found.

Is it that the 2.7 rule set download is no longer supported?

I tried to run snort version 2.7 with the oinkmaster-downloaded 2.8 rule set.
But that fails with the message below:


Initializing rule chains...
ERROR: /etc/snort/rules/chat.rules(71) => Invalid port: [9090,9091]
Fatal Error, Quitting..


I can see that the way port numbers were specified for 2.7 is
different from that of the 2.8 rule set. I could manually
correct this in chat.rules in places, and then the error would be
reported from another line number and other rules files.

Is there any way I can inter-op the 2.8 rule set downloaded with
oinkmaster with snort version 2.7.0?

------------------------------------------------------------------------------
Come build with us! The BlackBerry(R) Developer Conference in SF, CA
is the only developer event you need to attend this year. Jumpstart your
developing skills, take BlackBerry mobile applications to market and stay
ahead of the curve. Join us from November 9 - 12, 2009. Register now!
http://p.sf.net/sfu/devconference
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users




--
Nigel Houghton
Head Mentalist
SF VRT
http://vrt-sourcefire.blogspot.com && http://www.snort.org/vrt/




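Added example, not part of the original thread and not code from Snort or oinkmaster: a pre-flight check that lists every rule whose port field uses the bracketed list form behind the `Invalid port: [9090,9091]` error quoted above, so the extent of the incompatibility is visible before Snort 2.7.0 is started on a 2.8 rule set. The sample rules and the function name `find_port_lists` are constructed for illustration.

```python
import re
import sys

# Constructed sample rules for illustration; not taken from any real rule set.
SAMPLE_RULES = """\
# constructed sample
alert tcp $HOME_NET any -> $EXTERNAL_NET [9090,9091] (msg:"sample A"; sid:1000001;)
alert tcp $HOME_NET any -> $EXTERNAL_NET 5190 (msg:"sample B"; sid:1000002;)
alert tcp [10.0.0.0/8,192.168.0.0/16] ![80,8080] -> any any (msg:"sample C"; sid:1000003;)
alert udp any 1024: -> any 53 (msg:"sample D"; sid:1000004;)
"""

ACTIONS = {"alert", "log", "pass", "activate", "dynamic", "drop", "reject", "sdrop"}
PORT_LIST = re.compile(r"^!?\[.*\]$")  # bracketed port list, optionally negated


def find_port_lists(text, filename="<sample>"):
    """Return (file, line, field, token) for each bracketed port list in a rule header."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue  # blank line, comment, or disabled rule
        # Header is everything before the option block:
        # action proto src_ip src_port direction dst_ip dst_port
        header = stripped.split("(", 1)[0].split()
        if len(header) != 7 or header[0] not in ACTIONS:
            continue  # not a rule header this simple check understands
        for field, token in (("src port", header[3]), ("dst port", header[6])):
            if PORT_LIST.match(token):
                findings.append((filename, lineno, field, token))
    return findings


if __name__ == "__main__":
    hits = []
    if sys.argv[1:]:
        for path in sys.argv[1:]:
            with open(path, encoding="utf-8", errors="replace") as fh:
                hits += find_port_lists(fh.read(), path)
    else:
        hits = find_port_lists(SAMPLE_RULES)
    for filename, lineno, field, token in hits:
        print(f"{filename}({lineno}) => port list in {field}: {token}")
```

Pass rules file paths as arguments to scan them; with no arguments it runs on the embedded sample.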

