Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: PulledPork Rules with Snort 2.9.2

From: Joel Esler <jesler () sourcefire com>
Date: Wed, 18 Sep 2013 12:19:33 -0400
Dear Christian,

The version of rules you are attempting to download don't exist anymore as a result of our EOL policy.

Please see it here:
http://www.snort.org/vrt/rules/eol_policy
--
Joel Esler
Senior Research Engineer, VRT
OpenSource Community Manager
Sourcefire


On Sep 18, 2013, at 12:07 PM, Christian Gebler <geblerchristian () googlemail com> wrote:


Hello, 

since last week I am having trouble to download  my VRT rules with PulledPork. 
My Snort and PulledPork runs on an Ubuntu 12.04LTS Server version with the latest Snort Package (2.9.2-3ubuntu1) from 
the Ubuntu Repo. I also installed the latest PulledPork version (07.0) from the google code website.

Is 2.9.2 no longer supported? 

Here is my error:

Config File Variable Debug ./etc/pulledpork.conf
        snort_path = /usr/sbin/snort
        black_list = /etc/snort/rules/iplists/default.blacklist
        IPRVersion = /etc/snort/rules/iplists
        rule_path = /etc/snort/rules/snort.rules
        ignore = deleted.rules,experimental.rules,local.rules
        snort_control = /usr/local/bin/snort_control
        rule_url = ARRAY(0x2dc37b0)
        sid_msg_version = 1
        sid_changelog = /var/log/sid_changes.log
        sid_msg = /etc/snort/sid-msg.map
        config_path = /etc/snort/snort.conf
        temp_path = /tmp
        distro = FreeBSD-8.1
        sorule_path = /usr/local/lib/snort_dynamicrules/
        version = 0.7.0
        local_rules = /etc/snort/rules/local.rules
MISC (CLI and Autovar) Variable Debug:
        arch Def is: x86-64
        Config Path is: ./etc/pulledpork.conf
        Distro Def is: FreeBSD-8.1
        Disabled policy specified
        local.rules path is: /etc/snort/rules/local.rules
        Rules file is: /etc/snort/rules/snort.rules
        Path to disablesid file: /etc/disablesid.conf
        sid changes will be logged to: /var/log/sid_changes.log
        sid-msg.map Output Path is: /etc/snort/sid-msg.map
        SIGHUP Flag is Set
        Snort Version is: 2.9.2.0
        Snort Config File: /etc/snort/snort.conf
        Snort Path is: /usr/sbin/snort
        Text Rules only Flag is Set
        Extra Verbose Flag is Set
        Verbose Flag is Set
        Base URL is: http://www.snort.org/reg-rules/|snortrules-snapshot.tar.gz|<oinkcode> 
http://s3.amazonaws.com/snort-org/www/rules/community/|community-rules.tar.gz|Community 
http://labs.snort.org/feeds/ip-filter.blf|IPBLACKLIST|open http://www.snort.org/reg-rules/|opensource.gz|<oinkcode>


MY HTTPS PROXY = http://proxy:8080


MY HTTP PROXY = http://proxy:8080
Checking latest MD5 for snortrules-snapshot-2920.tar.gz....
        Fetching md5sum for: snortrules-snapshot-2920.tar.gz.md5
** GET http://www.snort.org/reg-rules/snortrules-snapshot-2920.tar.gz.md5/<oinkcode> ==> 200 OK (1s)
        most recent rules file digest: d57a807b52ff2b4cebbd1d25242e6bb9
Rules tarball download of snortrules-snapshot-2920.tar.gz....
        Fetching rules file: snortrules-snapshot-2920.tar.gz
** GET http://www.snort.org/reg-rules/snortrules-snapshot-2920.tar.gz/<oinkcode> ==> 302 Moved Temporarily
** GET 
http://s3.amazonaws.com/snort-org/www/rules/20120426/snortrules-snapshot-2920.tar.gz?AWSAccessKeyId=AKIAJ65S5YX6KA26VRJQ&Expires=1379520098&Signature=UVek67%2Bl4qth3%2FiQjqKr5dcRlOU%3D
 ==> 403 Forbidden (1s)
        A 403 error occurred, please wait for the 15 minute timeout
        to expire before trying again or specify the -n runtime switch
        You may also wish to verfiy your oinkcode, tarball name, and other configuration options

------------------------------------------------------------------------------
LIMITED TIME SALE - Full Year of Microsoft Training For Just $49.99!
1,500+ hours of tutorials including VisualStudio 2012, Windows 8, SharePoint
2013, SQL 2012, MVC 4, more. BEST VALUE: New Multi-Library Power Pack includes
Mobile, Cloud, Java, and UX Design. Lowest price ever! Ends 9/20/13. 
http://pubads.g.doubleclick.net/gampad/clk?id=58041151&iu=/4140/ostg.clktrk_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!



------------------------------------------------------------------------------
LIMITED TIME SALE - Full Year of Microsoft Training For Just $49.99!
1,500+ hours of tutorials including VisualStudio 2012, Windows 8, SharePoint
2013, SQL 2012, MVC 4, more. BEST VALUE: New Multi-Library Power Pack includes
Mobile, Cloud, Java, and UX Design. Lowest price ever! Ends 9/20/13. 
http://pubads.g.doubleclick.net/gampad/clk?id=58041151&iu=/4140/ostg.clktrk
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: