Snort mailing list archives
Re: Pulled Pork - 403 error for subscriber
From: Joe Evango <Joe.Evango () annaslinens com>
Date: Mon, 7 Apr 2014 13:31:18 -0700
The site will return a 403 error if your oinkcode isn't entered correctly. Disregard if you have already verified this. -Joe -----Original Message----- From: Vona, Steven A CIV NSWCCD Philadelphia, 34117 [mailto:steven.vona () navy mil] Sent: Monday, April 07, 2014 12:58 PM To: Teo En Ming Cc: snort-users () lists sourceforge net Subject: Re: [Snort-users] Pulled Pork - 403 error for subscriber I am a registered user and I also have an oinkcode in order to download the VRT rules. Am I misunderstanding you? Steve -----Original Message----- From: Teo En Ming [mailto:teo.en.ming () gmail com] Sent: Monday, April 07, 2014 3:56 PM To: Vona, Steven A CIV NSWCCD Philadelphia, 34117 Cc: snort-users () lists sourceforge net; Teo En Ming Subject: Re: [Snort-users] Pulled Pork - 403 error for subscriber Dear Steven, You need to be a registered user to download Snort rules (snortrules-snapshot-2960.tar. gz) and its md5 checksum file (snortrules-snapshot-2960.tar. gz.md5). You need to create an account at the Snort official website and log in to download all these files. A log in to the Snort server is required. That is why you are experiencing a 403 Forbidden error with pulled-pork. The pulled-pork perl script cannot log in to the Snort server with your username and password and the md5 checksum file may not be available on the Snort server. Teo En Ming . On Tue, Apr 8, 2014 at 3:34 AM, Vona, Steven A CIV NSWCCD Philadelphia, 34117 <steven.vona () navy mil> wrote: Hello, I have a current subscription for the latest snort rules but seem to be having issues with pulled pork. I was unable to get any help from the pulled pork user group and was hoping I can get some here. I receive a 403 error everytime I try to run pulled pork. Verbose output below (some information was changed for security reasons). /usr/local/bin/pulledpork.pl -c /etc/snort/pulledpork.conf -vv http://code.google.com/p/pulledpork/ _____ ____ `----,\ ) `--==\\ / PulledPork v0.7.0 - Swine Flu! `--==\\/ .-~~~~-.Y|\\_ Copyright (C) 2009-2013 JJ Cummings @_/ / 66\_ cummingsj () gmail com | \ \ _(") \ /-| ||'--' Rules give me wings! \_\ \_\\ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Config File Variable Debug /etc/snort/pulledpork.conf snort_path = /usr/local/bin/snort black_list = /etc/snort/rules/iplists/default.blacklist IPRVersion = /etc/snort/rules/iplists rule_path = /etc/snort/rules/snort.rules ignore = deleted.rules,experimental.rules,local.rules snort_control = /usr/local/bin/snort_control rule_url = ARRAY(0x125f388) sid_msg_version = 1 sid_changelog = /var/log/sid_changes.log sid_msg = /etc/snort/sid-msg.map config_path = /etc/snort/snort.conf temp_path = /tmp distro = RHEL-6-0 version = 0.7.0 sorule_path = /usr/local/lib/snort_dynamicrules/ out_path = /etc/snort/rules/ local_rules = /etc/snort/rules/local.rules MISC (CLI and Autovar) Variable Debug: arch Def is: x86-64 Config Path is: /etc/snort/pulledpork.conf Distro Def is: RHEL-6-0 Disabled policy specified local.rules path is: /etc/snort/rules/local.rules Rules file is: /etc/snort/rules/snort.rules sid changes will be logged to: /var/log/sid_changes.log sid-msg.map Output Path is: /etc/snort/sid-msg.map Snort Version is: 2.9.6.0 Snort Config File: /etc/snort/snort.conf Snort Path is: /usr/local/bin/snort SO Output Path is: /usr/local/lib/snort_dynamicrules/ Will process SO rules Extra Verbose Flag is Set Verbose Flag is Set Base URL is: http://www.snort.org/reg-rules/|snortrules-snapshot.tar.gz|<MY OINKCODE> MY HTTPS PROXY = http://webcache.mydomain.com:80 MY HTTP PROXY = http://webcache.mydomain.com:80 Checking latest MD5 for snortrules-snapshot-2960.tar.gz.... Fetching md5sum for: snortrules-snapshot-2960.tar.gz.md5 ** GET https://www.snort.org/reg-rules/snortrules-snapshot-2960.tar.gz.md5/<MY OINKCODE> ==> 403 Access Denied A 403 error occurred, please wait for the 15 minute timeout to expire before trying again or specify the -n runtime switch You may also wish to verfiy your oinkcode, tarball name, and other configuration options Error 403 when fetching http://www.snort.org/reg-rules/snortrules-snapshot-2960.tar.gz.md5 at /usr/local/bin/pulledpork.pl line 463 main::md5file('<MY OINKCODE>', 'snortrules-snapshot-2960.tar.gz', '/tmp/', 'http://www.snort.org/reg-rules/') called at /usr/local/bin/pulledpork.pl line 1847 ------------------------------------------------------------------------------ Put Bad Developers to Shame Dominate Development with Jenkins Continuous Integration Continuously Automate Build, Test & Deployment Start a new project now. Try Jenkins in the cloud. http://p.sf.net/sfu/13600_Cloudbees _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news! ------------------------------------------------------------------------------ Put Bad Developers to Shame Dominate Development with Jenkins Continuous Integration Continuously Automate Build, Test & Deployment Start a new project now. Try Jenkins in the cloud. http://p.sf.net/sfu/13600_Cloudbees _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Pulled Pork - 403 error for subscriber Vona, Steven A CIV NSWCCD Philadelphia, 34117 (Apr 07)
- Re: Pulled Pork - 403 error for subscriber Teo En Ming (Apr 07)
- Re: Pulled Pork - 403 error for subscriber Vona, Steven A CIV NSWCCD Philadelphia, 34117 (Apr 07)
- Re: Pulled Pork - 403 error for subscriber Joe Evango (Apr 07)
- Re: Pulled Pork - 403 error for subscriber Vona, Steven A CIV NSWCCD Philadelphia, 34117 (Apr 07)
- Re: Pulled Pork - 403 error for subscriber Joel Esler (jesler) (Apr 07)
- Re: Pulled Pork - 403 error for subscriber Vona, Steven A CIV NSWCCD Philadelphia, 34117 (Apr 07)
- Re: Pulled Pork - 403 error for subscriber Teo En Ming (Apr 07)