Snort mailing list archives
Re: pulledpork 0.7.1 -wc certificate verification problem
From: Shirkdog <shirkdog () gmail com>
Date: Fri, 16 Jan 2015 20:49:43 -0500
0.7.0 is known to be good. Try again and see if you still have issues. There is one bug fix and the verification skip in 0.7.1, so if 0.7.0 does not work, something else is going on. --- Michael Shirk On Fri, Jan 16, 2015 at 8:14 PM, Joel Esler (jesler) <jesler () cisco com> wrote:
Nothing has changed with the site. -- Joel Esler Sent from my iPhone On Jan 16, 2015, at 7:29 PM, "amn0p () me com" <amn0p () me com> wrote: Hi everyone, I have the pulledpork 0.7.1 perl script to download snort rules. But because of certificate verification it keeps failing. I even tried the -w option. Please see verbose output below. Any guidance? Thanks for your time. sudo /usr/bin/pulledpork.pl -vvwc /usr/local/snort/etc/pulledpork.conf http://code.google.com/p/pulledpork/ _____ ____ `----,\ ) `--==\\ / PulledPork v0.7.1 - Swine Flu with a side of Ebola! `--==\\/ .-~~~~-.Y|\\_ Copyright (C) 2009-2014 JJ Cummings @_/ / 66\_ cummingsj () gmail com | \ \ _(") \ /-| ||'--' Rules give me wings! \_\ \_\\ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Config File Variable Debug /usr/local/snort/etc/pulledpork.conf snort_path = /usr/local/bin/snort enablesid = /usr/local/snort/etc/enablesid.conf black_list = /usr/local/snort/rules/black_list.rules IPRVersion = /usr/local/snort/rules/iplists rule_path = /usr/local/snort/rules/snort.rules ignore = deleted.rules,experimental.rules,local.rules state_order = disable,drop,enable snort_control = /usr/local/bin/snort_control rule_url = ARRAY(0x2133638) snort_version = 2.9.6.2 sid_msg_version = 1 sid_changelog = /var/log/sid_changes.log sid_msg = /usr/local/snort/etc/sid-msg.map config_path = /usr/local/snort/etc/snortint1.conf temp_path = /tmp distro = Ubuntu-12-04 version = 0.7.1 sorule_path = /usr/local/snort/lib/snort_dynamicrules/ disablesid = /usr/local/snort/etc/disablesid.conf local_rules = /usr/local/snort/rules/local.rules MISC (CLI and Autovar) Variable Debug: arch Def is: x86-64 Config Path is: /usr/local/snort/etc/pulledpork.conf Distro Def is: Ubuntu-12-04 Disabled policy specified local.rules path is: /usr/local/snort/rules/local.rules Rules file is: /usr/local/snort/rules/snort.rules Path to disablesid file: /usr/local/snort/etc/disablesid.conf Path to enablesid file: /usr/local/snort/etc/enablesid.conf sid changes will be logged to: /var/log/sid_changes.log sid-msg.map Output Path is: /usr/local/snort/etc/sid-msg.map Snort Version is: 2.9.6.2 Snort Config File: /usr/local/snort/etc/snortint1.conf Snort Path is: /usr/local/bin/snort SO Output Path is: /usr/local/snort/lib/snort_dynamicrules/ Will process SO rules Extra Verbose Flag is Set Verbose Flag is Set SSL Hostname Verification disabled Base URL is: https://www.snort.org/sub-rules/|snortrules-snapshot.tar.gz|<trimmed> http://labs.snort.org/feeds/ip-filter.blf|IPBLACKLIST|<trimmed> Checking latest MD5 for snortrules-snapshot-2962.tar.gz.... Fetching md5sum for: snortrules-snapshot-2962.tar.gz.md5 ** GET https://www.snort.org/reg-rules/snortrules-snapshot-2962.tar.gz.md5/<trimmed> ==> 500 Can't connect to www.snort.org:443 (certificate verify failed) (1s) Error 500 when fetching https://www.snort.org/sub-rules/snortrules-snapshot-2962.tar.gz.md5 at /usr/bin/pulledpork.pl line 482 main::md5file('<trimmed>', 'snortrules-snapshot-2962.tar.gz', '/tmp/', 'https://www.snort.org/sub-rules/') called at /usr/bin/pulledpork.pl line 1875 ------------------------------------------------------------------------------ New Year. New Location. New Benefits. New Data Center in Ashburn, VA. GigeNET is offering a free month of service with a new server in Ashburn. Choose from 2 high performing configs, both with 100TB of bandwidth. Higher redundancy.Lower latency.Increased capacity.Completely compliant. http://p.sf.net/sfu/gigenet _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news! ------------------------------------------------------------------------------ New Year. New Location. New Benefits. New Data Center in Ashburn, VA. GigeNET is offering a free month of service with a new server in Ashburn. Choose from 2 high performing configs, both with 100TB of bandwidth. Higher redundancy.Lower latency.Increased capacity.Completely compliant. http://p.sf.net/sfu/gigenet _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ New Year. New Location. New Benefits. New Data Center in Ashburn, VA. GigeNET is offering a free month of service with a new server in Ashburn. Choose from 2 high performing configs, both with 100TB of bandwidth. Higher redundancy.Lower latency.Increased capacity.Completely compliant. http://p.sf.net/sfu/gigenet _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- pulledpork 0.7.1 -wc certificate verification problem amn0p (Jan 16)
- Re: pulledpork 0.7.1 -wc certificate verification problem Joel Esler (jesler) (Jan 16)
- Re: pulledpork 0.7.1 -wc certificate verification problem Shirkdog (Jan 16)
- Re: pulledpork 0.7.1 -wc certificate verification problem Joel Esler (jesler) (Jan 16)