Re: Error 422 with snortrules-snapshot-2972.tar.gz

["Joel Esler (jesler)" <jesler () cisco com>]

Not sure what the issue is, I’m watching the logs on Snort.org<http://Snort.org> right now, and thousands of people 
seem to not be having a problem.  Is your oinkcode valid, no typos in it?

--
Joel Esler
Open Source Manager
Threat Intelligence Team Lead
Talos Group
http://www.talosintel.com

On May 29, 2015, at 7:49 AM, Scott Link <linksg () slu edu<mailto:linksg () slu edu>> wrote:

In the meantime, I've applied the latest Security Onion updates. I had to restart nsm service to get everything back 
online after, but sostat is now reporting all is well.

Retried rule-update and the error message is still there.

Any additional information I can make a run at tracking down and providing?

On Fri, May 22, 2015 at 6:51 PM, Joel Esler (jesler) <jesler () cisco com<mailto:jesler () cisco com>> wrote:
We are going to look into this.  However, everyone is pretty much out of the office until Tuesday.

--
Joel Esler
Sent from my iPhone

On May 22, 2015, at 4:28 PM, Shirkdog <shirkdog () gmail com<mailto:shirkdog () gmail com>> wrote:



On May 22, 2015 3:45 PM, "Scott Link" <linksg () slu edu<mailto:linksg () slu edu>> wrote:
> Hi,
>
> Getting the following error message:
> Running PulledPork.
>     Error 422 when fetching https://www.snort.org/reg-rules/snortrules-snapshot-2972.tar.gz.md5 at 
> /usr/bin/pulledpork.pl<http://pulledpork.pl/> line 463
>     main::md5file(' <oinkcode redacted>', 'snortrules-snapshot-2972.tar.gz', '/tmp/', 
> 'https://www.snort.org/reg-rules/&apos;) called at /usr/bin/pulledpork.pl<http://pulledpork.pl/> line 1885
>     http://code.google.com/p/pulledpork/
>       _____ ____
>      `----,\    )
>       `--==\\  /    PulledPork v0.7.0 - Swine Flu!
>        `--==\\/
>      .-~~~~-.Y|\\_  Copyright (C) 2009-2013 JJ Cummings
>   @_/        /  66\_  cummingsj () gmail com<mailto:cummingsj () gmail com>
>     |    \   \   _(")
>      \   /-| ||'--'  Rules give me wings!
>       \_\  \_\\
>  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Checking latest MD5 for snortrules-snapshot-2972.tar.gz....
>
> Searching the archive seems to point to server-side issue. Need anything else?

Try with Snort version 2.9.7.3

------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net<mailto:Snort-users () lists sourceforge net>
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org<http://blog.snort.org/> to stay current on all the latest Snort news!



--
Scott Link
Manager, ITS Infrastructure Operations Security
Saint Louis University
www.slu.edu<http://www.slu.edu/>
314.977.9713

------------------------------------------------------------------------------

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!