Re: Can we still use oinkmaster?

["Joel Esler \(jesler\) via Snort-sigs" <snort-sigs () lists snort org>]

2.4 has been unsupported for about 10 years.

--
Joel Esler | Talos: Manager | jesler () cisco com<mailto:jesler () cisco com>






On Feb 1, 2018, at 2:17 PM, Michael Shirk via Snort-sigs <snort-sigs () lists snort org<mailto:snort-sigs () lists 
snort org>> wrote:

A couple things:

Please upgrade to a new version of CentOS.
Please upgrade to a new version of Snort.

And the pulledpork error is because you are using a version of pulledpork that does not match the pulledpork.conf file.



--
Michael Shirk
Daemon Security, Inc.
https://www.daemon-security.com<https://www.daemon-security.com/>


On Feb 1, 2018 14:11, "Álvaro Gustavo da Veiga" <alvarogustavo () daveiga pt<mailto:alvarogustavo () daveiga pt>> wrote:
Hello,
I have an old Centos 5.11 server and i'am trying to get updates from oinkmaster, but without success, my snort version 
is 2.4 and as i can see there is only 2.9 rules download on the website
"
Loading /etc/snort/oinkmaster-2.0/oinkmaster.conf

/etc/snort/oinkmaster-2.0/oinkmaster.pl<http://oinkmaster.pl/>: Error: incorrect URL: 
"https://www.snort.org/rules/snortrules-snapshot-2990.tar.gz?oinkcode=myoinkcode";

Oink, oink. Exiting..."

What can i do? I tried to use pulledpork but i keep getting this error doesnt matter what i try:

]# sudo /usr/local/bin/pulledpork.pl<http://pulledpork.pl/> -c /etc/snort/pulledpork.conf -l

    https://github.com/shirkdog/pulledpork
      _____ ____
     `----,\    )
      `--==\\  /    PulledPork v0.7.4 - Helping you protect your bitcoin wallet!
       `--==\\/
     .-~~~~-.Y|\\_  Copyright (C) 2009-2017 JJ Cummings, Michael Shirk
  @_/        /  66\_  and the PulledPork Team!
    |    \   \   _(")
     \   /-| ||'--'  Rules give me wings!
      \_\  \_\\
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

You are not using the current version of pulledpork.conf!
Please use the version that shipped with PulledPork v0.7.4!

 at /usr/local/bin/pulledpork.pl<http://pulledpork.pl/> line 1790

Thank you.

_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists snort org<mailto:Snort-sigs () lists snort org>
https://lists.snort.org/mailman/listinfo/snort-sigs

Please visit http://blog.snort.org<http://blog.snort.org/> for the latest news about Snort!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette

Visit the Snort.org<http://Snort.org> to subscribe to the official Snort ruleset, make sure to stay up to date to catch 
the most <a href=" https://snort.org/downloads/#rule-downloads";>emerging threats</a>!

_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists snort org<mailto:Snort-sigs () lists snort org>
https://lists.snort.org/mailman/listinfo/snort-sigs

Please visit http://blog.snort.org for the latest news about Snort!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette

Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a 
href=" https://snort.org/downloads/#rule-downloads";>emerging threats</a>!

_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists snort org
https://lists.snort.org/mailman/listinfo/snort-sigs

Please visit http://blog.snort.org for the latest news about Snort!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette

Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a 
href=" https://snort.org/downloads/#rule-downloads";>emerging threats</a>!