Snort mailing list archives
When Upgrading Breaks Auto Rule Management
From: Eoin Miller <eoin.miller () trojanedbinaries com>
Date: Thu, 28 Apr 2011 16:10:22 +0000
Finally got around to trying to use my oinkcode and all this automated razzamatazz with my new Snort 2.9.0.5 sensors I am building. Trying out pulledpork, supply my Oinkcode in the conf that I just pulled from https://www.snort.org/account/oinkcode, and whenever I tried to use it, it always bombs out and gives me a 403. # pulledpork.pl -c pulledpork.conf Checking latest MD5 for snortrules-snapshot-2905.tar.gz.... A 403 error occurred, please wait for the 15 minute timeout to expire before trying again or specify the -n runtime switch You may also wish to verfiy your oinkcode, tarball name, and other configuration options Error 403 when fetching https://www.snort.org/reg-rules/snortrules-snapshot-2905.tar.gz.md5 at /<REDACTEDFILEPATH>/pulledpork.pl line 453 main::md5file('<REDACTEDOINKCODE>', 'snortrules-snapshot-2905.tar.gz', '/tmp/', 'https://www.snort.org/reg-rules/') called at /opt/bcs/bin/pulledpork.pl line 1758 Then it occurred to me, go to the site and check if 2.9.0.5 rules are available yet for registered users and after reviewing that site and the SourceFire blog, it was clear that 30 days have not passed yet. Is it possible to get some kind of place holder to pull down the 2.9.0.4 version of the rules until the 2.9.0.5 rules are available? Otherwise if users roll out a new sensor within the first 30 days of a new Snort version being released, their VRT auto rule updating will break until the 30 days has expired. -- Eoin ------------------------------------------------------------------------------ WhatsUp Gold - Download Free Network Management Software The most intuitive, comprehensive, and cost-effective network management toolset available today. Delivers lowest initial acquisition cost and overall TCO of any competing solution. http://p.sf.net/sfu/whatsupgold-sd _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- When Upgrading Breaks Auto Rule Management Eoin Miller (Apr 28)
- Re: When Upgrading Breaks Auto Rule Management Joel Esler (Apr 28)
- Re: When Upgrading Breaks Auto Rule Management Eoin Miller (Apr 28)
- Re: When Upgrading Breaks Auto Rule Management Jason Wallace (Apr 28)
- Re: When Upgrading Breaks Auto Rule Management Merida, Dylan (Apr 28)
- Re: When Upgrading Breaks Auto Rule Management Eoin Miller (Apr 28)
- Re: When Upgrading Breaks Auto Rule Management Eoin Miller (Apr 28)
- Re: When Upgrading Breaks Auto Rule Management Joel Esler (Apr 28)
- Re: When Upgrading Breaks Auto Rule Management waldo kitty (Apr 28)