Snort mailing list archives
Re: Extracting snortrules-2931.tar.gz
From: Akinwale Fasuru <fashman2k1 () yahoo com>
Date: Tue, 9 Oct 2012 13:40:25 -0700 (PDT)
I appreciate your effort guys, y'all are helping a brother here so lets take it cool. I am very new to linux thats why. I will try your opinion Jeremy and let you know wat zup Wale --- On Tue, 10/9/12, Jeremy Hoel <jthoel () gmail com> wrote:
From: Jeremy Hoel <jthoel () gmail com> Subject: Re: [Snort-users] Extracting snortrules-2931.tar.gz To: "AllowOverride" <allowoverride () gmail com> Cc: "snort-users" <snort-users () lists sourceforge net> Date: Tuesday, October 9, 2012, 3:17 PM And like i said in the email before you responded, you can find the file name right from the website.. when you click download rules. http://snort.org/snort-rules/? Snort v2.9 MD5 - 09 Oct, 2012 snortrules-snapshot-2931.tar.gz MD5 - 09 Oct, 2012 snortrules-snapshot-2912.tar.gz MD5 - 09 Oct, 2012 snortrules-snapshot-2923.tar.gz MD5 - 09 Oct, 2012 snortrules-snapshot-2930.tar.gz It's right there.. you just have to look at the page. Reading is fundamental. On Tue, Oct 9, 2012 at 8:16 PM, AllowOverride <allowoverride () gmail com> wrote:we dont know the file name!!! sheshh On Tue, 2012-10-09 at 20:02 +0000, Jeremy Hoel wrote:The page shows: wget http://www.snort.org/sub-rules/<filename>/<oinkcodehere> \-O<output-filename>It's pretty clear. put the proper, correct,current filename where issays filename and things work. They shouldn'thave to hold hands andwalk through the whole thing. When you try and use examples you have to expectand realize that theexample might be out of date and maybe try andfigure out what itmight take to make it work. On Tue, Oct 9, 2012 at 7:51 PM, AllowOverride<allowoverride () gmail com> wrote:when i say something doesnt work, i mean, itdoesnt work:wget http://www.snort.org/sub-rules/snortrules-snapshot-2900.tar.gz/hidden-sorry--2012-10-0912:44:42-- http://www.snort.org/sub-rules/snortrules-snapshot-2900.tar.gz/hidden-sorryResolving www.snort.org... 23.23.170.170 Connecting towww.snort.org|23.23.170.170|:80... connected.HTTP request sent, awaiting response... 403Forbidden2012-10-09 12:44:42 ERROR 403: Forbidden. wget http://www.snort.org/reg-rules/snortrules-snapshot-2900.tar.gz/sorry-hidden --2012-10-09 12:45:54-- http://www.snort.org/reg-rules/snortrules-snapshot-2900.tar.gz/sorry-hidden Resolving www.snort.org... 23.23.143.143 Connecting towww.snort.org|23.23.143.143|:80... connected.HTTP request sent, awaiting response... 403Forbidden2012-10-09 12:45:56 ERROR 403: Forbidden. and just for good measure wget http://www.snort.org/reg-rules/snortrules-snapshot-2931.tar.gz/sorry-hidden --2012-10-09 12:47:03-- http://www.snort.org/reg-rules/snortrules-snapshot-2931.tar.gz/hidden-again Resolving www.snort.org... 23.23.170.170 Connecting towww.snort.org|23.23.170.170|:80... connected.HTTP request sent, awaiting response... 403Forbidden2012-10-09 12:47:04 ERROR 403: Forbidden. now. the last one shouldn't work, becuz im nota register userthe sub rules works if you know what you aredoing...If you include 2931 inplace of 2900 it willwork, only if you are in thesystem for oinkcode. BUT, that is not what isautopopulated for you onthe oinkcode page. it says, 2900. it wontwork.all i am saying fix is, change it to reflectthe CURRENT version. thatsall. not everyone will catch it, and ya know,end up asking the questionhere. let's let the developers put the currentversion as well. takes what, 2seconds and saves users HOURS of wtf..headaches...thanks On Tue, 2012-10-09 at 19:19 +0000, Jeremy Hoelwrote:The link he was using worked fine for me.I tested the get and got therules with no no problem.. with the linkhe had. His problem is notrelated to a bad link. The examples show that you need a filename(http://snort.org/snort-rules/cli) and when you go tothe page before,the main download page (http://snort.org/snort-rules/?), it shows the file names. They are not trying to makethis overly confusing andhard.. but it does require some effort andunderstanding on theinstallers part. Or, you could sign in andgrab them from the gui, oruse pullpork. 3 different methods toget the rules..The examples are generic enough that theydon't have to changewhenever the rule file changes. Letslet the developers work onkeeping the software fixed and nor worryabout the web page not havingthe most specific instructions. On Tue, Oct 9, 2012 at 7:12 PM,AllowOverride <allowoverride () gmail com> wrote:jer, i tried the preferred methoddisplayed on oinkcode page.it doesnt work for sub/reg unless youknow to put 2931. also, othermethods of wget'ing the url accordingto docs are supposed to work butdo not, unless know the exact filename, and thats not always easy tofind on the ftp site, or by othermethods.just a heads up, that kept me offtask for a few days trying to figureit out. suggestion... fix the examples on theoinkcode page.On Tue, 2012-10-09 at 17:12 +0000,Jeremy Hoel wrote:The answer is in the text filethat you sent back.2012-10-04 14:07:24 ERROR 403:Forbidden.so however you tried to get thefile, it didn't work. If you usedwget and an oink code then youneed to check the code.On Tue, Oct 9, 2012 at 4:59 PM,Akinwale Fasuru <fashman2k1 () yahoo com> wrote:Here is what i gath afterrunning cat....--2012-10-0414:07:23-- http://www.snort.org/sub-rules/snortrules-snapshot-2931.tar.gz/3b6de1b425e1a20c6f85e705f3631bc958ad11dbResolving www.snort.org...23.23.170.170Connecting towww.snort.org|23.23.170.170|:80... connected.HTTP request sent, awaitingresponse... 403 Forbidden2012-10-04 14:07:24 ERROR403: Forbidden.What do u think? --- On Tue, 10/9/12, JeremyHoel <jthoel () gmail com> wrote:From: Jeremy Hoel <jthoel () gmail com> Subject: Re:[Snort-users] Extracting snortrules-2931.tar.gzTo: "Akinwale Fasuru"<fashman2k1 () yahoo com>Cc: snort-users () lists sourceforge net Date: Tuesday, October9, 2012, 11:53 AMto check the size of afile, go tothe directory where thefile is andrun 'ls -al'. But since 'file' saidit's text and not a tar.gz or zipfile, then that's theproblem. Your download is not correct.go ahead and run 'catsnortrules-2931.tar.gz'On Tue, Oct 9, 2012 at4:50 PM, Akinwale Fasuru <fashman2k1 () yahoo com>wrote:I replied the emailyou sent earlier saying that ididnt know how to checkfor te size of the file. But i didrule the command u askedme here is the responsesnortrules-2931.tar.gz: ASCII text--- On Tue,10/9/12, Jeremy Hoel <jthoel () gmail com>wrote:From: JeremyHoel <jthoel () gmail com>Subject: Re:[Snort-users] Extractingsnortrules-2931.tar.gzTo: "AkinwaleFasuru" <fashman2k1 () yahoo com>Cc: snort-users () lists sourceforge net Date: Tuesday,October 9, 2012, 11:46 AMYou never gotback to me about thesize of thefile and if the filewas complete. the error makesit sound like it's not a tar.gzfile.you need tovery you got the whole file and thatit's notjust a texterror.run 'filesnortrules-2931.tar.gz' and see what itsays.On Tue, Oct 9,2012 at 4:29 PM, Akinwale Fasuru<fashman2k1 () yahoo com>wrote:Helloeveryone,I amstill having problems extractingsnortrules-2931.tar.gztar -xzvfsnortrules-2931.tar.gzI getthis erro messagezip:stdin: not in gzip formattar:Child returned status 1tar:Error is not recoverable: exitingnow------------------------------------------------------------------------------Don't letslow site performance ruin yourbusiness.Deploy NewRelic APMDeploy NewRelic app performance managementand knowexactlywhat ishappening inside your Ruby, Python,PHP, Java,and .NET appTry NewRelic at no cost today and get oursweet DataNerd shirttoo!http://p.sf.net/sfu/newrelic-dev2dev_______________________________________________Snort-users mailing listSnort-users () lists sourceforge net Go to thisURL to change user options orunsubscribe:https://lists.sourceforge.net/lists/listinfo/snort-usersSnort-users list archive:http://www.geocrawler.com/redir-sf.php3?list=snort-users Pleasevisit http://blog.snort.org to stay current onall the latestSnort news!------------------------------------------------------------------------------Don't let slow site performanceruin your business. Deploy New Relic APMDeploy New Relic app performancemanagement and know exactlywhat is happening inside yourRuby, Python, PHP, Java, and .NET appTry New Relic at no cost todayand get our sweet Data Nerd shirt too!http://p.sf.net/sfu/newrelic-dev2dev_______________________________________________Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change useroptions or unsubscribe:https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latestSnort news!------------------------------------------------------------------------------ Don't let slow site performance ruin your business. Deploy New Relic APM Deploy New Relic app performance management and know exactly what is happening inside your Ruby, Python, PHP, Java, and .NET app Try New Relic at no cost today and get our sweet Data Nerd shirt too! http://p.sf.net/sfu/newrelic-dev2dev _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Don't let slow site performance ruin your business. Deploy New Relic APM Deploy New Relic app performance management and know exactly what is happening inside your Ruby, Python, PHP, Java, and .NET app Try New Relic at no cost today and get our sweet Data Nerd shirt too! http://p.sf.net/sfu/newrelic-dev2dev _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Extracting snortrules-2931.tar.gz Akinwale Fasuru (Oct 09)
- Re: Extracting snortrules-2931.tar.gz Jeremy Hoel (Oct 09)
- Message not available
- Re: Extracting snortrules-2931.tar.gz Jeremy Hoel (Oct 09)
- Message not available
- Re: Extracting snortrules-2931.tar.gz Jeremy Hoel (Oct 09)
- Re: Extracting snortrules-2931.tar.gz AllowOverride (Oct 09)
- Re: Extracting snortrules-2931.tar.gz Jeremy Hoel (Oct 09)
- Re: Extracting snortrules-2931.tar.gz AllowOverride (Oct 09)
- Re: Extracting snortrules-2931.tar.gz Jeremy Hoel (Oct 09)
- Re: Extracting snortrules-2931.tar.gz AllowOverride (Oct 09)
- Re: Extracting snortrules-2931.tar.gz Jeremy Hoel (Oct 09)
- Re: Extracting snortrules-2931.tar.gz Akinwale Fasuru (Oct 09)
- Message not available
- Re: Extracting snortrules-2931.tar.gz Jeremy Hoel (Oct 09)
- Re: Extracting snortrules-2931.tar.gz AllowOverride (Oct 09)
- Re: Extracting snortrules-2931.tar.gz Joel Esler (Oct 09)
- Re: Extracting snortrules-2931.tar.gz AllowOverride (Oct 09)
- Re: Extracting snortrules-2931.tar.gz Joel Esler (Oct 09)
- Re: Extracting snortrules-2931.tar.gz Joel Esler (Oct 10)
- Re: Extracting snortrules-2931.tar.gz AllowOverride (Oct 10)
- Re: Extracting snortrules-2931.tar.gz Joel Esler (Oct 10)
- Re: Extracting snortrules-2931.tar.gz AllowOverride (Oct 10)
- Re: Extracting snortrules-2931.tar.gz Joel Esler (Oct 10)
- Message not available
- Re: Extracting snortrules-2931.tar.gz Jeremy Hoel (Oct 09)