Re: Pulledpork.pl Arm64

[Michael Shirk via Snort-sigs <snort-sigs () lists snort org>]

That part of pulledpork is used to select the appropriate arch for the
precompiled shared object rules provided by Talos.

None of those rules are built for arm architectures, but the script should
handle it when it does not find i386 or x86-64.

I will make an issue to address this, but your rule update still runs
correct?

--
Michael Shirk
Daemon Security, Inc.
https://www.daemon-security.com

On Oct 12, 2017 06:40, "Stuart Naylor via Snort-sigs" <
snort-sigs () lists snort org> wrote:

> Hi snort noob here but got to the pulled pork script.
>
> On run I get Use of uninitialized value $arch in regexp compilation at
> /usr/local/bin/pulledpork.pl line 317
>
>
>
> Looking at the script only x86 / amd64 seems to be there with no armhf or
> arm64?
>
> Can I fudge this and just force 64bit or is there no sigs for arm64?
>
>
>
> Apols prob a reall noob question.
>
> Any help would be much appreciated as snort & barnyard compiled perfectly.
>
>
>
>
> Sent from Mail <https://go.microsoft.com/fwlink/?LinkId=550986> for
> Windows 10
>
>
>
> _______________________________________________
> Snort-sigs mailing list
> Snort-sigs () lists snort org
> https://lists.snort.org/mailman/listinfo/snort-sigs
>
> http://www.snort.org
>
> Please visit http://blog.snort.org for the latest news about Snort!
>
> Visit the Snort.org to subscribe to the official Snort ruleset, make sure
> to stay up to date to catch the most <a href="
> https://snort.org/downloads/#rule-downloads";>emerging threats</a>!
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists snort org
https://lists.snort.org/mailman/listinfo/snort-sigs

http://www.snort.org

Please visit http://blog.snort.org for the latest news about Snort!

Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a 
href=" https://snort.org/downloads/#rule-downloads";>emerging threats</a>!