Snort mailing list archives
Re: PulledPork not processing
From: Joel Esler <jesler () sourcefire com>
Date: Sun, 10 Feb 2013 10:38:33 -0500
Wow. That's pretty slow. On Unix it takes about 10 seconds give or take. But no, Pulledpork is sell contained except for a few libraries and is meant to be that way. On Sun, Feb 10, 2013 at 9:57 AM, Michael Steele <michaels () winsnort com>wrote:
Problem solved. It appears that some of the Perl packages were corrupted.* *** ** ** However; Does anyone have a work around for the installation of the Signatures. I don’t know about UNIX, but on Windows it takes at least 30 minutes for Perl to extract.**** ** ** Is it possible for the pulledpork.pl file to extract with a native OS extraction tool?**** ** ** Best regards,**** Michael...**** ** ** *From:* Michael Steele [mailto:michaels () winsnort com] *Sent:* Saturday, February 09, 2013 1:49 PM *To:* snort-users () lists sourceforge net *Subject:* [Snort-users] PulledPork not processing**** ** ** This is the latest pull from the SVN.**** ** ** It appears PulledPork is trying to process the rules twice. In the temp folder I’m only getting a partial transfer of the rules and the MD5 file. **** ** ** ** ** C:\Users\Operator>perl d:\winids\pulledpork\pulledpork.pl -c d:\winids\pulledpork\etc\pulledpork.conf -vv -T**** ** ** http://code.google.com/p/pulledpork/**** _____ ____**** `----,\ )**** `--==\\ / PulledPork v0.6.2dev the Cigar Pig <////~**** `--==\\/**** .-~~~~-.Y|\\_ Copyright (C) 2009-2012 JJ Cummings**** @_/ / 66\_ cummingsj () gmail com**** | \ \ _(")**** \ /-| ||'--' Rules give me wings!**** \_\ \_\\**** ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~**** ** ** Config File Variable Debug d:\winids\pulledpork\etc\pulledpork.conf**** snort_path = /usr/local/bin/snort**** enablesid = d:\winids\pulledpork\etc\enablesid.conf**** modifysid = d:\winids\pulledpork\etc\modifysid.conf**** rule_path = d:\winids\snort\rules\snort.rules**** ignore = deleted.rules,experimental.rules,local.rules**** rule_url = ARRAY(0x28e1e24)**** snort_version = 2.9.4.0**** sid_msg_version = 1**** sid_changelog = d:\winids\snort\log\sid_changes.log**** sid_msg = d:\winids\snort\etc\sid-msg.map**** docs = d:\winids\Apache24\htdocs\base\signatures\**** ips_policy = security**** config_path = /usr/local/etc/snort/snort.conf**** temp_path = d:\winids\pulledpork\temp**** distro = FreeBSD-8.1**** version = 0.6.1**** sorule_path = /usr/local/lib/snort_dynamicrules/**** disablesid = d:\winids\pulledpork\etc\disablesid.conf**** dropsid = d:\winids\pulledpork\etc\dropsid.conf**** local_rules = d:\winids\snort\rules\local.rules**** 'uname' is not recognized as an internal or external command,**** operable program or batch file.**** MISC (CLI and Autovar) Variable Debug:**** Config Path is: d:\winids\pulledpork\etc\pulledpork.conf**** Distro Def is: FreeBSD-8.1**** Docs Reference Location is: d:\winids\Apache24\htdocs\base\signatures\**** security policy specified**** local.rules path is: d:\winids\snort\rules\local.rules**** Rules file is: d:\winids\snort\rules\snort.rules**** Path to disablesid file: d:\winids\pulledpork\etc\disablesid.conf* *** Path to dropsid file: d:\winids\pulledpork\etc\dropsid.conf**** Path to enablesid file: d:\winids\pulledpork\etc\enablesid.conf*** * Path to modifysid file: d:\winids\pulledpork\etc\modifysid.conf*** * sid changes will be logged to: d:\winids\snort\log\sid_changes.log **** sid-msg.map Output Path is: d:\winids\snort\etc\sid-msg.map**** Snort Version is: 2.9.4.0**** Snort Config File: /usr/local/etc/snort/snort.conf**** Snort Path is: /usr/local/bin/snort**** Text Rules only Flag is Set**** Extra Verbose Flag is Set**** Verbose Flag is Set**** Base URL is: https://www.snort.org/reg-rules/|snortrules-snapshot.tar.gz|991158d6f0847841cffbe085a91b7c5775ba98cf https://www.snort.org/reg-rules/|opensource.gz|991158d6f0847841cffbe085a91b7c5 **** 775ba98cf**** Checking latest MD5 for snortrules-snapshot-2940.tar.gz....**** Fetching md5sum for: snortrules-snapshot-2940.tar.gz.md5**** ** GET https://www.snort.org/reg-rules/snortrules-snapshot-2940.tar.gz.md5/991158d6f0847841cffbe085a91b7c5775ba98cf==> 200 OK (3s) **** most recent rules file digest: ae46740e802f023be681d932ef71f407*** * Rules tarball download of snortrules-snapshot-2940.tar.gz....**** Fetching rules file: snortrules-snapshot-2940.tar.gz**** ** GET https://www.snort.org/reg-rules/snortrules-snapshot-2940.tar.gz/991158d6f0847841cffbe085a91b7c5775ba98cf==> 302 Found (1s) **** ** GET https://s3.amazonaws.com/snort-org/www/rules/20121218/snortrules-snapshot-2940.tar.gz?AWSAccessKeyId=AKIAJJSHU7YNPLE5MKOQ&Expires=1360435268&Signature=KaoY%2B0NMB%2B%2FNnYFJTpunKaQhilw%3D==> **** 200 OK (1s)**** storing file at: d:\winids\pulledpork\temp/snortrules-snapshot-2940.tar.gz**** ** ** current local rules file digest: eed12b6d1e99dd34dda723167ab18f8c **** The MD5 for snortrules-snapshot-2940.tar.gz did not match the latest digest... so I am gonna fetch the latest rules file!**** Rules tarball download of snortrules-snapshot-2940.tar.gz....**** Fetching rules file: snortrules-snapshot-2940.tar.gz**** ** GET https://www.snort.org/reg-rules/snortrules-snapshot-2940.tar.gz/991158d6f0847841cffbe085a91b7c5775ba98cf==> 302 Found **** ** GET https://s3.amazonaws.com/snort-org/www/rules/20121218/snortrules-snapshot-2940.tar.gz?AWSAccessKeyId=AKIAJJSHU7YNPLE5MKOQ&Expires=1360435269&Signature=2H85W57%2F7fbXw%2FEehahpjniVR0Q%3D==> 0 **** 200 OK**** storing file at: d:\winids\pulledpork\temp/snortrules-snapshot-2940.tar.gz**** ** ** current local rules file digest: 6fb296525f90c700ff356264397e7977 **** The MD5 for snortrules-snapshot-2940.tar.gz did not match the latest digest... so I am gonna fetch the latest rules file!**** Rules tarball download of snortrules-snapshot-2940.tar.gz....**** Fetching rules file: snortrules-snapshot-2940.tar.gz**** ** GET https://www.snort.org/reg-rules/snortrules-snapshot-2940.tar.gz/991158d6f0847841cffbe085a91b7c5775ba98cf==> 403 Forbidden (1s) **** A 403 error occurred, please wait for the 15 minute timeout**** to expire before trying again or specify the -n runtime switch**** You may also wish to verfiy your oinkcode, tarball name, and other configuration options**** ** ** ** ** ** ** ** ** I can drop the rules, and open source file into the empty temp folder and try to process offline but I’m getting:**** ** ** C:\Users\Operator>perl d:\winids\pulledpork\pulledpork.pl -c d:\winids\pulledpork\etc\pulledpork.conf -n -vv -T**** ** ** http://code.google.com/p/pulledpork/**** _____ ____**** `----,\ )**** `--==\\ / PulledPork v0.6.2dev the Cigar Pig <////~**** `--==\\/**** .-~~~~-.Y|\\_ Copyright (C) 2009-2012 JJ Cummings**** @_/ / 66\_ cummingsj () gmail com**** | \ \ _(")**** \ /-| ||'--' Rules give me wings!**** \_\ \_\\**** ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~**** ** ** Config File Variable Debug d:\winids\pulledpork\etc\pulledpork.conf**** snort_path = /usr/local/bin/snort**** enablesid = d:\winids\pulledpork\etc\enablesid.conf**** modifysid = d:\winids\pulledpork\etc\modifysid.conf**** rule_path = d:\winids\snort\rules\snort.rules**** ignore = deleted.rules,experimental.rules,local.rules**** rule_url = ARRAY(0x285929c)**** snort_version = 2.9.4.0**** sid_msg_version = 1**** sid_changelog = d:\winids\snort\log\sid_changes.log**** sid_msg = d:\winids\snort\etc\sid-msg.map**** docs = d:\winids\Apache24\htdocs\base\signatures\**** ips_policy = security**** config_path = /usr/local/etc/snort/snort.conf**** temp_path = d:\winids\pulledpork\temp**** distro = FreeBSD-8.1**** version = 0.6.1**** sorule_path = /usr/local/lib/snort_dynamicrules/**** disablesid = d:\winids\pulledpork\etc\disablesid.conf**** dropsid = d:\winids\pulledpork\etc\dropsid.conf**** local_rules = d:\winids\snort\rules\local.rules**** 'uname' is not recognized as an internal or external command,**** operable program or batch file.**** MISC (CLI and Autovar) Variable Debug:**** Config Path is: d:\winids\pulledpork\etc\pulledpork.conf**** Distro Def is: FreeBSD-8.1**** Docs Reference Location is: d:\winids\Apache24\htdocs\base\signatures\**** security policy specified**** local.rules path is: d:\winids\snort\rules\local.rules**** No Download Flag is Set**** Rules file is: d:\winids\snort\rules\snort.rules**** Path to disablesid file: d:\winids\pulledpork\etc\disablesid.conf* *** Path to dropsid file: d:\winids\pulledpork\etc\dropsid.conf**** Path to enablesid file: d:\winids\pulledpork\etc\enablesid.conf*** * Path to modifysid file: d:\winids\pulledpork\etc\modifysid.conf*** * sid changes will be logged to: d:\winids\snort\log\sid_changes.log **** sid-msg.map Output Path is: d:\winids\snort\etc\sid-msg.map**** Snort Version is: 2.9.4.0**** Snort Config File: /usr/local/etc/snort/snort.conf**** Snort Path is: /usr/local/bin/snort**** Text Rules only Flag is Set**** Extra Verbose Flag is Set**** Verbose Flag is Set**** Base URL is: https://www.snort.org/reg-rules/|snortrules-snapshot.tar.gz|991158d6f0847841cffbe085a91b7c5775ba98cf https://www.snort.org/reg-rules/|opensource.gz|991158d6f0847841cffbe085a91b7c5 **** 775ba98cf**** Prepping rules from snortrules-snapshot-2940.tar.gz for work....**** extracting contents of d:\winids\pulledpork\temp/snortrules-snapshot-2940.tar.gz...**** Ignoring plaintext rules: deleted.rules**** Ignoring plaintext rules: experimental.rules**** Ignoring plaintext rules: local.rules**** Extracted: /tha_rules/VRT-server-other.rules**** Extracted: /tha_rules/VRT-pua-adware.rules**** Extracted: /tha_rules/VRT-misc.rules**** Extracted: /tha_rules/VRT-malware-backdoor.rules**** Extracted: /tha_rules/VRT-indicator-compromise.rules**** Extracted: /tha_rules/VRT-file-pdf.rules**** Extracted: /tha_rules/VRT-content-replace.rules**** Extracted: /tha_rules/VRT-file-identify.rules**** Extracted: /tha_rules/VRT-browser-webkit.rules**** Extracted: /tha_rules/VRT-specific-threats.rules**** Extracted: /tha_rules/VRT-file-office.rules**** Extracted: /tha_rules/VRT-rpc.rules**** Extracted: /tha_rules/VRT-dns.rules**** Extracted: /tha_rules/VRT-os-other.rules**** Extracted: /tha_rules/VRT-snmp.rules**** Extracted: /tha_rules/VRT-policy-other.rules**** Extracted: /tha_rules/VRT-web-coldfusion.rules**** Extracted: /tha_rules/VRT-protocol-voip.rules**** Extracted: /tha_rules/VRT-file-image.rules**** Extracted: /tha_rules/VRT-chat.rules**** Extracted: /tha_rules/VRT-voip.rules**** Extracted: /tha_rules/VRT-os-solaris.rules**** Extracted: /tha_rules/VRT-pop3.rules**** Extracted: /tha_rules/VRT-server-mssql.rules**** Extracted: /tha_rules/VRT-preprocessor.rules**** Extracted: /tha_rules/VRT-policy-social.rules**** Extracted: /tha_rules/VRT-protocol-ftp.rules**** Extracted: /tha_rules/VRT-server-webapp.rules**** Extracted: /tha_rules/VRT-server-oracle.rules**** Extracted: /tha_rules/VRT-scada.rules**** Extracted: /tha_rules/VRT-other-ids.rules**** Extracted: /tha_rules/VRT-server-apache.rules**** Extracted: /tha_rules/VRT-sql.rules**** Extracted: /tha_rules/VRT-icmp.rules**** Extracted: /tha_rules/VRT-file-multimedia.rules**** Extracted: /tha_rules/VRT-pua-p2p.rules**** Extracted: /tha_rules/VRT-info.rules**** Extracted: /tha_rules/VRT-pua-other.rules**** Extracted: /tha_rules/VRT-server-mail.rules**** Extracted: /tha_rules/VRT-netbios.rules**** Extracted: /tha_rules/VRT-smtp.rules**** Extracted: /tha_rules/VRT-protocol-icmp.rules**** Extracted: /tha_rules/VRT-sensitive-data.rules**** Extracted: /tha_rules/VRT-indicator-shellcode.rules**** Extracted: /tha_rules/VRT-web-iis.rules**** Extracted: /tha_rules/VRT-protocol-finger.rules**** Extracted: /tha_rules/VRT-botnet-cnc.rules**** Extracted: /tha_rules/VRT-pua-toolbars.rules**** Extracted: /tha_rules/VRT-mysql.rules**** Extracted: /tha_rules/VRT-virus.rules**** Extracted: /tha_rules/VRT-protocol-imap.rules**** Extracted: /tha_rules/VRT-malware-cnc.rules**** Extracted: /tha_rules/VRT-web-misc.rules**** Extracted: /tha_rules/VRT-tftp.rules**** Extracted: /tha_rules/VRT-blacklist.rules**** Extracted: /tha_rules/VRT-shellcode.rules**** Extracted: /tha_rules/VRT-spyware-put.rules**** Extracted: /tha_rules/VRT-exploit.rules**** Extracted: /tha_rules/VRT-protocol-services.rules**** Extracted: /tha_rules/VRT-browser-ie.rules**** Extracted: /tha_rules/VRT-os-windows.rules**** Extracted: /tha_rules/VRT-ddos.rules**** Extracted: /tha_rules/VRT-attack-responses.rules**** Extracted: /tha_rules/VRT-browser-firefox.rules**** Extracted: /tha_rules/VRT-browser-chrome.rules**** Extracted: /tha_rules/VRT-telnet.rules**** Extracted: /tha_rules/VRT-browser-other.rules**** Extracted: /tha_rules/VRT-icmp-info.rules**** Extracted: /tha_rules/VRT-os-linux.rules**** Extracted: /tha_rules/VRT-indicator-obfuscation.rules**** Extracted: /tha_rules/VRT-policy-spam.rules**** Extracted: /tha_rules/VRT-malware-tools.rules**** Extracted: /tha_rules/VRT-x11.rules**** Extracted: /tha_rules/VRT-p2p.rules**** Extracted: /tha_rules/VRT-scan.rules**** Extracted: /tha_rules/VRT-ftp.rules**** Extracted: /tha_rules/VRT-malware-other.rules**** Extracted: /tha_rules/VRT-web-php.rules**** Extracted: /tha_rules/VRT-web-activex.rules**** Extracted: /tha_rules/VRT-decoder.rules**** Extracted: /tha_rules/VRT-web-frontpage.rules**** Extracted: /tha_rules/VRT-rservices.rules**** Extracted: /tha_rules/VRT-file-executable.rules**** Extracted: /tha_rules/VRT-file-other.rules**** Extracted: /tha_rules/VRT-backdoor.rules**** Extracted: /tha_rules/VRT-multimedia.rules**** Extracted: /tha_rules/VRT-web-client.rules**** Extracted: /tha_rules/VRT-exploit-kit.rules**** Extracted: /tha_rules/VRT-protocol-pop.rules**** Extracted: /tha_rules/VRT-browser-plugins.rules**** Extracted: /tha_rules/VRT-policy.rules**** Extracted: /tha_rules/VRT-web-attacks.rules**** Extracted: /tha_rules/VRT-imap.rules**** Extracted: /tha_rules/VRT-file-flash.rules**** Extracted: /tha_rules/VRT-nntp.rules**** Extracted: /tha_rules/VRT-dos.rules**** Extracted: /tha_rules/VRT-finger.rules**** Extracted: /tha_rules/VRT-phishing-spam.rules**** No such file in archive: 'doc/signatures/rules/VRT-License.txt' at d:\winids\pulledpork\pulledpork.pl line 293.**** Could not find an entry for 'doc/signatures/rules/VRT-License.txt' at d:\winids\pulledpork\pulledpork.pl line 293.**** Extracted: d:\winids\Apache24\htdocs\base\signatures\rules/VRT-License.txt**** Extracted: /tha_rules/VRT-server-mysql.rules**** Extracted: /tha_rules/VRT-oracle.rules**** Extracted: /tha_rules/VRT-server-iis.rules**** Extracted: /tha_rules/VRT-app-detect.rules**** Extracted: /tha_rules/VRT-policy-multimedia.rules**** Extracted: /tha_rules/VRT-pop2.rules**** Extracted: /tha_rules/VRT-bad-traffic.rules**** Extracted: /tha_rules/VRT-web-cgi.rules**** Prepping rules from snortrules-snapshot-2940.tar.gz for work....**** extracting contents of d:\winids\pulledpork\temp/snortrules-snapshot-2940.tar.gz...**** Ignoring plaintext rules: deleted.rules**** Ignoring plaintext rules: experimental.rules**** Ignoring plaintext rules: local.rules**** Extracted: /tha_rules/VRT-server-other.rules**** Extracted: /tha_rules/VRT-pua-adware.rules**** Extracted: /tha_rules/VRT-misc.rules**** Extracted: /tha_rules/VRT-malware-backdoor.rules**** Extracted: /tha_rules/VRT-indicator-compromise.rules**** Extracted: /tha_rules/VRT-file-pdf.rules**** Extracted: /tha_rules/VRT-content-replace.rules**** Extracted: /tha_rules/VRT-file-identify.rules**** Extracted: /tha_rules/VRT-browser-webkit.rules**** Extracted: /tha_rules/VRT-specific-threats.rules**** Extracted: /tha_rules/VRT-file-office.rules**** Extracted: /tha_rules/VRT-rpc.rules**** Extracted: /tha_rules/VRT-dns.rules**** Extracted: /tha_rules/VRT-os-other.rules**** Extracted: /tha_rules/VRT-snmp.rules**** Extracted: /tha_rules/VRT-policy-other.rules**** Extracted: /tha_rules/VRT-web-coldfusion.rules**** Extracted: /tha_rules/VRT-protocol-voip.rules**** Extracted: /tha_rules/VRT-file-image.rules**** Extracted: /tha_rules/VRT-chat.rules**** Extracted: /tha_rules/VRT-voip.rules**** Extracted: /tha_rules/VRT-os-solaris.rules**** Extracted: /tha_rules/VRT-server-mssql.rules**** Extracted: /tha_rules/VRT-pop3.rules**** Extracted: /tha_rules/VRT-preprocessor.rules**** Extracted: /tha_rules/VRT-policy-social.rules**** Extracted: /tha_rules/VRT-protocol-ftp.rules**** Extracted: /tha_rules/VRT-server-webapp.rules**** Extracted: /tha_rules/VRT-server-oracle.rules**** Extracted: /tha_rules/VRT-scada.rules**** Extracted: /tha_rules/VRT-other-ids.rules**** Extracted: /tha_rules/VRT-server-apache.rules**** Extracted: /tha_rules/VRT-sql.rules**** Extracted: /tha_rules/VRT-icmp.rules**** Extracted: /tha_rules/VRT-file-multimedia.rules**** Extracted: /tha_rules/VRT-pua-p2p.rules**** Extracted: /tha_rules/VRT-info.rules**** Extracted: /tha_rules/VRT-pua-other.rules**** Extracted: /tha_rules/VRT-server-mail.rules**** Extracted: /tha_rules/VRT-netbios.rules**** Extracted: /tha_rules/VRT-smtp.rules**** Extracted: /tha_rules/VRT-protocol-icmp.rules**** Extracted: /tha_rules/VRT-sensitive-data.rules**** Extracted: /tha_rules/VRT-indicator-shellcode.rules**** Extracted: /tha_rules/VRT-web-iis.rules**** Extracted: /tha_rules/VRT-protocol-finger.rules**** Extracted: /tha_rules/VRT-botnet-cnc.rules**** Extracted: /tha_rules/VRT-pua-toolbars.rules**** Extracted: /tha_rules/VRT-mysql.rules**** Extracted: /tha_rules/VRT-virus.rules**** Extracted: /tha_rules/VRT-protocol-imap.rules**** Extracted: /tha_rules/VRT-malware-cnc.rules**** Extracted: /tha_rules/VRT-web-misc.rules**** Extracted: /tha_rules/VRT-tftp.rules**** Extracted: /tha_rules/VRT-shellcode.rules**** Extracted: /tha_rules/VRT-blacklist.rules**** Extracted: /tha_rules/VRT-spyware-put.rules**** Extracted: /tha_rules/VRT-exploit.rules**** Extracted: /tha_rules/VRT-protocol-services.rules**** Extracted: /tha_rules/VRT-browser-ie.rules**** Extracted: /tha_rules/VRT-os-windows.rules**** Extracted: /tha_rules/VRT-ddos.rules**** Extracted: /tha_rules/VRT-attack-responses.rules**** Extracted: /tha_rules/VRT-browser-firefox.rules**** Extracted: /tha_rules/VRT-browser-chrome.rules**** Extracted: /tha_rules/VRT-telnet.rules**** Extracted: /tha_rules/VRT-browser-other.rules**** Extracted: /tha_rules/VRT-icmp-info.rules**** Extracted: /tha_rules/VRT-os-linux.rules**** Extracted: /tha_rules/VRT-indicator-obfuscation.rules**** Extracted: /tha_rules/VRT-policy-spam.rules**** Extracted: /tha_rules/VRT-malware-tools.rules**** Extracted: /tha_rules/VRT-x11.rules**** Extracted: /tha_rules/VRT-p2p.rules**** Extracted: /tha_rules/VRT-scan.rules**** Extracted: /tha_rules/VRT-ftp.rules**** Extracted: /tha_rules/VRT-malware-other.rules**** Extracted: /tha_rules/VRT-web-php.rules**** Extracted: /tha_rules/VRT-web-activex.rules**** Extracted: /tha_rules/VRT-decoder.rules**** Extracted: /tha_rules/VRT-web-frontpage.rules**** Extracted: /tha_rules/VRT-rservices.rules**** Extracted: /tha_rules/VRT-file-executable.rules**** Extracted: /tha_rules/VRT-file-other.rules**** Extracted: /tha_rules/VRT-backdoor.rules**** Extracted: /tha_rules/VRT-multimedia.rules**** Extracted: /tha_rules/VRT-web-client.rules**** Extracted: /tha_rules/VRT-exploit-kit.rules**** Extracted: /tha_rules/VRT-protocol-pop.rules**** Extracted: /tha_rules/VRT-browser-plugins.rules**** Extracted: /tha_rules/VRT-policy.rules**** Extracted: /tha_rules/VRT-web-attacks.rules**** Extracted: /tha_rules/VRT-imap.rules**** Extracted: /tha_rules/VRT-file-flash.rules**** Extracted: /tha_rules/VRT-nntp.rules**** Extracted: /tha_rules/VRT-dos.rules**** Extracted: /tha_rules/VRT-finger.rules**** Extracted: /tha_rules/VRT-phishing-spam.rules**** No such file in archive: 'doc/signatures/rules/VRT-License.txt' at d:\winids\pulledpork\pulledpork.pl line 293.**** Could not find an entry for 'doc/signatures/rules/VRT-License.txt' at d:\winids\pulledpork\pulledpork.pl line 293.**** Extracted: d:\winids\Apache24\htdocs\base\signatures\rules/VRT-License.txt**** Extracted: /tha_rules/VRT-server-mysql.rules**** Extracted: /tha_rules/VRT-oracle.rules**** Extracted: /tha_rules/VRT-server-iis.rules**** Extracted: /tha_rules/VRT-app-detect.rules**** Extracted: /tha_rules/VRT-policy-multimedia.rules**** Extracted: /tha_rules/VRT-pop2.rules**** Extracted: /tha_rules/VRT-bad-traffic.rules**** Extracted: /tha_rules/VRT-web-cgi.rules**** Cleanup....**** removed 108 temporary snort files or directories from d:\winids\pulledpork\temp/tha_rules!**** Fly Piggy Fly!**** ** ** Best regards,**** Michael...**** ** ** ------------------------------------------------------------------------------ Free Next-Gen Firewall Hardware Offer Buy your Sophos next-gen firewall before the end March 2013 and get the hardware for free! Learn more. http://p.sf.net/sfu/sophos-d2d-feb _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
-- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire
------------------------------------------------------------------------------ Free Next-Gen Firewall Hardware Offer Buy your Sophos next-gen firewall before the end March 2013 and get the hardware for free! Learn more. http://p.sf.net/sfu/sophos-d2d-feb
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- PulledPork not processing Michael Steele (Feb 09)
- Re: PulledPork not processing Michael Steele (Feb 10)
- Re: PulledPork not processing Joel Esler (Feb 10)
- Re: PulledPork not processing Joel Esler (Feb 10)
- Re: PulledPork not processing JJ Cummings (Feb 10)
- Re: PulledPork not processing Tony Robinson (Feb 10)
- Re: PulledPork not processing Michael Steele (Feb 10)
- Re: PulledPork not processing JJ Cummings (Feb 10)
- Re: PulledPork not processing Joel Esler (Feb 10)
- Re: PulledPork not processing Michael Steele (Feb 10)