Snort mailing list archives
Re: Using PP
From: Heine Lysemose <lysemose () gmail com>
Date: Thu, 13 Sep 2012 10:16:59 +0200
Hi Try running the command with sudo. sudo /usr/local/bin/pulledpork.pl -c /usr/local/snort/etc/pulledpork/pulledpork.conf -C /usr/local/snort/etc/snort.conf -I security /Lysemose On Thu, Sep 13, 2012 at 9:11 AM, Pratik Narang <pratik.cse.bits () gmail com> wrote:
Well on the advice of few Snort experts on the list I decided to start
using
Pulled Pork. But I couldn't really make it run yet! Here's the dump from the console.
Any
help will be appreciated... $ /usr/local/bin/pulledpork.pl -c /usr/local/snort/etc/pulledpork/pulledpork.conf -C /usr/local/snort/etc/snort.conf -I security http://code.google.com/p/pulledpork/ _____ ____ `----,\ ) `--==\\ / PulledPork v0.6.1 the Smoking Pig <////~ `--==\\/ .-~~~~-.Y|\\_ Copyright (C) 2009-2011 JJ Cummings @_/ / 66\_ cummingsj () gmail com | \ \ _(") \ /-| ||'--' Rules give me wings! \_\ \_\\ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Can't create /usr/local/snort/etc/pulledpork/so_rules.rules - Permission denied at /usr/local/bin/pulledpork.pl line 1548 readline() on closed filehandle FH at /usr/local/bin/pulledpork.pl line 1327. Checking latest MD5 for snortrules-snapshot-2931.tar.gz.... No such file or directory at /usr/local/bin/pulledpork.pl line 457 main::md5file('c475af39408e0e7ad0f4f6d961543b1e7b989c3b', 'snortrules-snapshot-2931.tar.gz', '/usr/local/snort/tmp/', 'https://www.snort.org/reg-rules/') called at /usr/local/bin/pulledpork.pl line 1758
------------------------------------------------------------------------------
Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Using PP Pratik Narang (Sep 13)
- Re: Using PP Heine Lysemose (Sep 13)
- Re: Using PP Pratik Narang (Sep 13)
- Re: Using PP Heine Lysemose (Sep 13)
- Re: Using PP Pratik Narang (Sep 13)
- Re: Using PP Peter Bates (Sep 13)
- Re: Using PP Pratik Narang (Sep 13)
- Re: Using PP John York (Sep 13)
- Re: Using PP Michael Steele (Sep 13)
- Re: Using PP Heine Lysemose (Sep 13)