Snort mailing list archives
Re: FW: Oinkmaster can't get rules
From: Jun Wan <junwei_wan () hotmail com>
Date: Tue, 27 Jul 2010 02:34:05 +0000
Hi Joel, Tried it again: C:\snort\pulledpork-0.3.4>pulledpork.pl -o c:\snort\rules -O a9xnnnxnnnxnxnnnxnnxnxnnnxnnxnxnxnxn....xnnnc -f snortrules-snap shot-2853.tar.gz -c pulledpork.conf -i disablesid.conf -b dropsid.conf -m c:\snort\etc\sid-msg.map -h c:\snort\log\sid_changes.log -I security -H I got the same result: Checking latest MD5.... A 403 error occured, please wait for the 15 minute timeout to expire before trying again or specify the -n runtime switch Error 403 when fetching http://www.snort.org/pub-bin/oinkmaster.cgi/snor trules-snapshot-2853.tar.gz.md5 at C:\snort\pulledpork-0.3.4\pulledpork.pl line 269 Any info and help would be much appreciated. Thanks Regards John From: jesler () sourcefire com To: junwei_wan () hotmail com Subject: Re: [Snort-users] FW: Oinkmaster can't get rules Date: Mon, 26 Jul 2010 21:54:55 -0400 CC: cummingsj () gmail com; snort-users () lists sourceforge net Your rule file name is still wrong. It's not 2.8.5.3, it's 2853.tar.gz --Sent from my iPad On Jul 26, 2010, at 9:43 PM, Jun Wan <junwei_wan () hotmail com> wrote: Hi JJC, Thanks for the info, I did the following on my Windows XP: C:\snort\pulledpork-0.3.4>pulledpork.pl -o c:\snort\rules -O a9xnnnxnnnxnxnnnxnnxnxnnnxnnxnxnxnxn....xnnnc -f snortrules-snap shot-2.8.5.3.tar.gz -c pulledpork.conf -i disablesid.conf -b dropsid.conf -m c:\snort\etc\sid-msg.map -h c:\snort\log\sid_changes.log -I security -H Then I got the following: Checking latest MD5.... A 403 error occured, please wait for the 15 minute timeout to expire before trying again or specify the -n runtime switch Error 403 when fetching http://www.snort.org/pub-bin/oinkmaster.cgi/snor trules-snapshot-2.8.5.3.tar.gz.md5 at C:\snort\pulledpork-0.3.4\pulledpork.pl line 269 Any info and help would be much appreciated. Thanks Regards John Date: Mon, 26 Jul 2010 07:02:13 -0600 Subject: Re: [Snort-users] FW: Oinkmaster can't get rules From: cummingsj () gmail com To: junwei_wan () hotmail com CC: snort-users () lists sourceforge net You are attempting to retrieve an invalid tarball (snortrules-snapshot-2.8.tar.gz).. you need to use one of the following at this time: snortrules-snapshot-2853.tar.gz snortrules-snapshot-2860.tar.gz snortrules-snapshot-2861.tar.gz Please take note also of what Nigel said, that the 2853 rules will remain for 90 days to give you time to upgrade! And on another note, there is an updated version of pulledpork that has many bugfixes.. JJC On Mon, Jul 26, 2010 at 12:28 AM, Jun Wan <junwei_wan () hotmail com> wrote: Ok, I downloaded Pulled Pork v0.3.4, follow the "Readme", instead of using: ./pulledpork.pl -c pulledpork.conf -i disablesid.conf -b dropsid.conf -m /usr/local/etc/snort/sid-msg.map \ -h /var/log/sid_changes.log -I security -H I used this on my Windows XP: C:\snort\pulledpork-0.3.4>pulledpork.pl -c pulledpork.conf -i disablesid.conf -b dropsid.conf -m c:\snort\etc\sid-msg.map -h c:\snort\log\sid_changes.log -I sec urity -H And then I got this: http://code.google.com/p/pulledpork/ _____ ____ `----,\ ) `--==\\ / Pulled_Pork v0.3.4 `--==\\/ .-~~~~-.Y|\\_ Copyright (C) 2009-2010 JJ Cummings @_/ / 66\_ cummingsj () gmail com | \ \ _(") \ /-| ||'--' Rules give me wings! \_\ \_\\ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Checking latest MD5.... A 403 error occured, please wait for the 15 minute timeout to expire before trying again or specify the -n runtime switch Error 403 when fetching http://www.snort.org/pub-bin/oinkmaster.cgi/snor trules-snapshot-2.8.tar.gz.md5 at C:\snort\pulledpork-0.3.4\pulledpork.pl line 2 69. After 25 minutes, I tried again, same error. I would like to know what is wrong and any info and help would be appreciated. Many thanks in advance. Regards John From: junwei_wan () hotmail com To: snort-users () lists sourceforge net Date: Mon, 26 Jul 2010 03:55:34 +0000 Subject: Re: [Snort-users] Oinkmaster can't get rules Hi, I am unable to update the rules via Oinkmaster (it was okay before), My snort (2.8.5.3) is running on my Windows XP, I am getting an error: 404 forbidden message, please see the attached info. I will use Pulled Pork in the near future, but now I would like to fix this issue with rules update&Oinkmaster. Any information and help would be appreciated. Thanks Regards John Australia's #1 job site If It Exists, You'll Find it on SEEK ------------------------------------------------------------------------------ The Palm PDK Hot Apps Program offers developers who use the Plug-In Development Kit to bring their C/C++ apps to Palm for a share of $1 Million in cash or HP Products. Visit us here for more details: http://ad.doubleclick.net/clk;226879339;13503038;l? http://clk.atdmt.com/CRS/go/247765532/direct/01/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users _________________________________________________________________ If It Exists, You'll Find it on SEEK. Australia's #1 job site http://clk.atdmt.com/NMN/go/157639755/direct/01/
------------------------------------------------------------------------------ The Palm PDK Hot Apps Program offers developers who use the Plug-In Development Kit to bring their C/C++ apps to Palm for a share of $1 Million in cash or HP Products. Visit us here for more details: http://ad.doubleclick.net/clk;226879339;13503038;l? http://clk.atdmt.com/CRS/go/247765532/direct/01/
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Re: Oinkmaster can t get rules, (continued)
- Re: Oinkmaster can t get rules waldo kitty (Jul 25)
- FW: Oinkmaster can't get rules Jun Wan (Jul 25)
- Re: FW: Oinkmaster can't get rules Joel Esler (Jul 26)
- Re: FW: Oinkmaster can't get rules Nigel Houghton (Jul 26)
- Re: FW: Oinkmaster can't get rules Joel Esler (Jul 26)
- Re: FW: Oinkmaster can t get rules waldo kitty (Jul 26)
- Re: FW: Oinkmaster can t get rules waldo kitty (Jul 26)
- Re: FW: Oinkmaster can't get rules JJC (Jul 26)
- Re: FW: Oinkmaster can't get rules Jun Wan (Jul 26)
- Re: FW: Oinkmaster can't get rules Joel Esler (Jul 26)
- Re: FW: Oinkmaster can't get rules Jun Wan (Jul 26)
- Re: FW: Oinkmaster can t get rules waldo kitty (Jul 26)
- Re: FW: Oinkmaster can t get rules Jun Wan (Jul 28)
- Re: FW: Oinkmaster can t get rules JJC (Jul 28)
- Re: FW: Oinkmaster can t get rules waldo kitty (Jul 26)