Re: Rules updates broken?

[elof () sentor se]

I too have this annoying issue.

wget -v --debug 'https://www.snort.org/'
DEBUG output created by Wget 1.13.4 on linux-gnu.

URI encoding = `UTF-8'
--2014-12-10 11:49:27--  https://www.snort.org/
Resolving www.snort.org (www.snort.org)... 104.28.24.35, 104.28.25.35, 
2400:cb00:2048:1::681c:1823, ...
Caching www.snort.org => 104.28.24.35 104.28.25.35 
2400:cb00:2048:1::681c:1823 2400:cb00:2048:1::681c:1923
Connecting to www.snort.org (www.snort.org)|104.28.24.35|:443... 
connected.
Created socket 4.
Releasing 0x0000000002278790 (new refcount 1).
GnuTLS: A TLS fatal alert has been received.
Closed fd 4
Unable to establish SSL connection.



If you use Debian Stable you get wget 1.13.4.
Googling the error message hints that you need wget >= 1.15.


Do anyone have a workaround? I don't want to compile the latest wget 
manually, since this breaks the ability to easily keep everything 
up to date with 'apt-get upgrade'.

/Elof


On Wed, 10 Dec 2014, waldo kitty wrote:

> On 12/10/2014 6:56 PM, Cary Townsend wrote:
> > Hi All,
> >
> > We use wget to obtain rule updates from snort.org with our oink code, but it
> > is now broken.  Apparently, snort.org is now behind cloudflare, which denies
> > direct IP access.  Basically, the cert wget ultimately receives is
> > cloudflare's cert, not snort.org's.  A web browser seems to get redirected
> > somehow to the real snort site and gets the snort.org cert.  Thoughts?
>
> wget works fine over here...  we've not seen any problems using it other than a
> few niggles here and there that were easily taken care of...
>
> do you perhaps mean amazonaws instead of cloudfare?
>
> what url are you using to get the rules? (obfuscate your oinkcode)
>
> what version of snort are you trying to get rules for?
>
> --
>  NOTE: No off-list assistance is given without prior approval.
>        Please *keep mailing list traffic on the list* unless
>        private contact is specifically requested and granted.
>
> ------------------------------------------------------------------------------
> Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
> from Actuate! Instantly Supercharge Your Business Reports and Dashboards
> with Interactivity, Sharing, Native Excel Exports, App Integration & more
> Get technology previously reserved for billion-dollar corporations, FREE
> http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest Snort news!

------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!