Snort mailing list archives

Snort rules downloaded from Amazon AWS through plain http


From: Vladimir Rabotka <vladimir.rabotka () mcgill ca>
Date: Wed, 16 Jul 2014 18:53:17 +0000

Hi there,

Has anybody else noticed that snort rules are now being downloaded from Amazon AWS through http?
We allow https but block outgoing http from our snort machine, and last night pulledpork failed with a bizarre 500 error.
Running pulledpork in verbose mode showed that the https call to snort.org is redirected to an Amazon AWS page that doesn't use SSL:

Rules tarball download of snortrules-snapshot-2956.tar.gz....
        Fetching rules file: snortrules-snapshot-2956.tar.gz
** GET https://www.snort.org/reg-rules/snortrules-snapshot-2956.tar.gz/### ==> 302 Found
** GET http://s3.amazonaws.com/snort-org-site/production/release_files/files/000/000/189/original/snortrules-snapshot-2956.tar.gz?AWSAccessKeyId=###&Expires=###&Signature=### ==> 500 Can't connect to s3.amazonaws.com:80 (connect: Connection refused)
        A 500 error occurred, please verify that you have recently updated your root certificates!

So anybody who intercepts the HTTP call can download the rules with somebody else's access key and keep the key for 
future use.
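
The following is an added example, not part of the original post and not pulledpork code: a check that reads verbose output in the "** GET <url> ==> <status>" form shown above and flags an HTTPS request followed by a cleartext hop, plus any pre-signed S3 parameters carried on that hop. It assumes wrapped log lines have been rejoined; the sample log is constructed, with the redacted "###" values replaced by placeholders, and the function names are hypothetical.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Query parameters of the pre-signed S3 URL, as named in the log above.
SIGNED_PARAMS = {"AWSAccessKeyId", "Expires", "Signature"}

# One request line of the verbose output: "** GET <url> ==> <status text>"
REQUEST_LINE = re.compile(r"^\*\* GET\s+(\S+)\s+==>\s+(\d{3})\b")

def parse_requests(log_text):
    """Return [(url, status_code), ...] in the order the requests were made."""
    requests = []
    for line in log_text.splitlines():
        match = REQUEST_LINE.match(line.strip())
        if match:
            requests.append((match.group(1), int(match.group(2))))
    return requests

def audit_chain(log_text):
    """Flag cleartext hops that follow HTTPS and signed parameters sent over HTTP."""
    findings = []
    previous_scheme = None
    for url, status in parse_requests(log_text):
        parts = urlsplit(url)
        query_keys = set(parse_qs(parts.query, keep_blank_values=True))
        exposed = sorted(SIGNED_PARAMS & query_keys)
        if parts.scheme == "http":
            if previous_scheme == "https":
                findings.append(("downgrade", parts.hostname, status))
            if exposed:
                findings.append(("signed-params-in-cleartext", parts.hostname, exposed))
        previous_scheme = parts.scheme
    return findings

# Constructed sample: same requests as the post, with placeholder values
# (REDACTED, EXAMPLEKEY, 0, EXAMPLESIG) standing in for the "###" fields.
SAMPLE_LOG = """\
** GET https://www.snort.org/reg-rules/snortrules-snapshot-2956.tar.gz/REDACTED ==> 302 Found
** GET http://s3.amazonaws.com/snort-org-site/production/release_files/files/000/000/189/original/snortrules-snapshot-2956.tar.gz?AWSAccessKeyId=EXAMPLEKEY&Expires=0&Signature=EXAMPLESIG ==> 500 Can't connect to s3.amazonaws.com:80 (connect: Connection refused)
"""

if __name__ == "__main__":
    for finding in audit_chain(SAMPLE_LOG):
        print(finding)
```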

