Snort mailing list archives
Re: [Snort-openappid] Snort rule management ubuntu
From: "Joel Esler \(jesler\) via Snort-users" <snort-users () lists snort org>
Date: Thu, 25 Jan 2018 18:58:23 +0000
Moving this from the openappid list to users. True, we did move to https, but but oinkmaster (which you should stop using) and pulledpork support https. Sounds like an issue that needs to be troubleshot for pulledpork. -- Joel Esler | Talos: Manager | jesler () cisco com<mailto:jesler () cisco com> On Jan 24, 2018, at 6:36 PM, DElboux, Nathan J via Snort-openappid <snort-openappid () lists snort org<mailto:snort-openappid () lists snort org>> wrote: Hi all, I have a few sensors that I have just purchased VRT rule subscriptions for. Up until now they were using the emerging threats free ruleset. They are based on Ubuntu and live behind a proxy. I have discovered an issue with pulled pork within https via a proxy uses CONNECT method which is causing errors and not downloading the rules. So for the emerging threats ruleset I have switched to HTTP and it works fine. I read somewhere that HTTP has been cut off from the VRT url “www.snort.org<http://www.snort.org/>” “ so I must use HTTPS. Is anyone using a rule management utility like oinkmaster on Ubuntu behind a proxy that has had success? I can download the rules manually and inset them but with more sensors being on boarded I would prefer to have as much of it automated as I can. Thanks! Nathan _______________________________________________ Snort-openappid mailing list Snort-openappid () lists snort org<mailto:Snort-openappid () lists snort org> https://lists.snort.org/mailman/listinfo/snort-openappid Please visit http://blog.snort.org<http://blog.snort.org/> to stay current on all the latest Snort news!
_______________________________________________ Snort-users mailing list Snort-users () lists snort org Go to this URL to change user options or unsubscribe: https://lists.snort.org/mailman/listinfo/snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news! Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette
Current thread:
- Re: [Snort-openappid] Snort rule management ubuntu Joel Esler (jesler) via Snort-users (Jan 25)