Snort mailing list archives

Duplicated rules with the last update

From: "C. L. Martinez" <carlopmart () gmail com>
Date: Fri, 19 Apr 2013 14:03:09 +0000

Hi all,

 I have updated my snort rules five minutes ago and a lot of messages like
these appears:

Apr 19 13:58:32 nsm01 snort[1565]: WARNING:
/data/config/etc/idpsnort01/rules/VRT-app-detect.rules(38) GID 1 SID 21488
in rule duplicates previous rule. Ignoring old rule.
Apr 19 13:58:32 nsm01 snort[1565]: WARNING:
/data/config/etc/idpsnort01/rules/VRT-app-detect.rules(56) GID 1 SID 24397
in rule duplicates previous rule. Ignoring old rule.
Apr 19 13:58:32 nsm01 snort[1565]: WARNING:
/data/config/etc/idpsnort01/rules/VRT-botnet-cnc.rules(8) GID 1 SID 23799
in rule duplicates previous rule. Ignoring old rule.
Apr 19 13:58:32 nsm01 snort[1565]: WARNING:
/data/config/etc/idpsnort01/rules/VRT-botnet-cnc.rules(10) GID 1 SID 23800
in rule duplicates previous rule. Ignoring old rule.
Apr 19 13:58:32 nsm01 snort[1565]: WARNING:
/data/config/etc/idpsnort01/rules/VRT-botnet-cnc.rules(12) GID 1 SID 23801
in rule duplicates previous rule. Ignoring old rule.
Apr 19 13:58:32 nsm01 snort[1565]: WARNING:
/data/config/etc/idpsnort01/rules/VRT-botnet-cnc.rules(14) GID 1 SID 23802
in rule duplicates previous rule. Ignoring old rule.
Apr 19 13:58:32 nsm01 snort[1565]: WARNING:
/data/config/etc/idpsnort01/rules/VRT-botnet-cnc.rules(16) GID 1 SID 23803
in rule duplicates previous rule. Ignoring old rule.
Apr 19 13:58:32 nsm01 snort[1565]: WARNING:
/data/config/etc/idpsnort01/rules/VRT-botnet-cnc.rules(18) GID 1 SID 23804
in rule duplicates previous rule. Ignoring old rule.
Apr 19 13:58:32 nsm01 snort[1565]: WARNING:
/data/config/etc/idpsnort01/rules/VRT-browser-chrome.rules(8) GID 1 SID
16667 in rule duplicates previous rule. Ignoring old rule.
Apr 19 13:58:32 nsm01 snort[1565]: WARNING:
/data/config/etc/idpsnort01/rules/VRT-browser-chrome.rules(10) GID 1 SID
16668 in rule duplicates previous rule. Ignoring old rule.
Apr 19 13:58:32 nsm01 snort[1565]: WARNING:
/data/config/etc/idpsnort01/rules/VRT-browser-chrome.rules(20) GID 1 SID
19710 in rule duplicates previous rule. Ignoring old rule.
Apr 19 13:58:32 nsm01 snort[1565]: WARNING:
/data/config/etc/idpsnort01/rules/VRT-browser-firefox.rules(14) GID 1 SID
13838 in rule duplicates previous rule. Ignoring old rule.
Apr 19 13:58:32 nsm01 snort[1565]: WARNING:
/data/config/etc/idpsnort01/rules/VRT-browser-firefox.rules(16) GID 1 SID
15164 in rule duplicates previous rule. Ignoring old rule.
Apr 19 13:58:32 nsm01 snort[1565]: WARNING:
/data/config/etc/idpsnort01/rules/VRT-browser-firefox.rules(20) GID 1 SID
15383 in rule duplicates previous rule. Ignoring old rule.
Apr 19 13:58:32 nsm01 snort[1565]: WARNING:
/data/config/etc/idpsnort01/rules/VRT-browser-firefox.rules(24) GID 1 SID
15431 in rule duplicates previous rule. Ignoring old rule.
Apr 19 13:58:32 nsm01 snort[1565]: WARNING:
/data/config/etc/idpsnort01/rules/VRT-browser-firefox.rules(26) GID 1 SID
15699 in rule duplicates previous rule. Ignoring old rule.
Apr 19 13:58:32 nsm01 snort[1565]: WARNING:
/data/config/etc/idpsnort01/rules/VRT-browser-firefox.rules(32) GID 1 SID
15997 in rule duplicates previous rule. Ignoring old rule.
Apr 19 13:58:32 nsm01 snort[1565]: WARNING:
/data/config/etc/idpsnort01/rules/VRT-browser-firefox.rules(34) GID 1 SID
15999 in rule duplicates previous rule. Ignoring old rule.
Apr 19 13:58:32 nsm01 snort[1565]: WARNING:
/data/config/etc/idpsnort01/rules/VRT-browser-firefox.rules(56) GID 1 SID
16142 in rule duplicates previous rule. Ignoring old rule.
Apr 19 13:58:32 nsm01 snort[1565]: WARNING:
/data/config/etc/idpsnort01/rules/VRT-browser-firefox.rules(60) GID 1 SID
16284 in rule duplicates previous rule. Ignoring old rule.
Apr 19 13:58:32 nsm01 snort[1565]: WARNING:
/data/config/etc/idpsnort01/rules/VRT-browser-firefox.rules(68) GID 1 SID
16347 in rule duplicates previous rule. Ignoring old rule.


 I am using pulledpork to update rules ...

------------------------------------------------------------------------------
Precog is a next-generation analytics platform capable of advanced
analytics on semi-structured data. The platform includes APIs for building
apps and a phenomenal toolset for data science. Developers can use
our toolset for easy data analysis & visualization. Get a free account!
http://www2.precog.com/precogplatform/slashdotnewsletter

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Current thread:

Duplicated rules with the last update C. L. Martinez (Apr 19)
- Re: Duplicated rules with the last update Joel Esler (Apr 19)
- Re: Duplicated rules with the last update Joel Esler (Apr 19)