Snort mailing list archives

Returned mail: User unknown

From: Mail Delivery Subsystem via Snort-users <snort-users () lists snort org>
Date: Wed, 23 Jan 2019 13:08:38 -0800 (PST)

The original message was received at Tue, 22 Jan 2019 12:52:50 -0600
from mailmanlists.network. [192.34.61.247]

   ----- The following addresses had permanent fatal errors -----
bwpathome () gmail com
    (expanded from: bwpathome () gmail com)

   ----- Transcript of session follows -----
mail.local: unknown name: bwpathome
550 bwpathome () gmail com... User unknown

Reporting-MTA: dns; mx1.gmail.com
Received-From-MTA: DNS; mailmanlists.network.
Arrival-Date: Tue, 22 Jan 2019 12:52:50 -0600

Final-Recipient: RFC822; bwpathome@gmail.com
X-Actual-Recipient: RFC822; bwpathome@gmail.com
Action: failed
Status: 5.1.1
Last-Attempt-Date: Tue, 22 Jan 2019 12:52:50 -0600

--- Begin Message --- From: "Joel Esler \(jesler\) via Snort-users" <snort-users () lists snort org>
Date: Tue, 22 Jan 2019 18:38:55 +0000

Snort 3 snort.conf files are not compatible with Snort 2 and vice versa.

Snort 2 snort.conf files are on the documentation page.  Under "CONFS"

On Jan 22, 2019, at 1:18 PM, Dorian ROSSE <dorianbrice () hotmail fr> wrote:

Where can I find the snort.conf? 

I think I should copy paste the snort.conf in my snort3 for the 29120? 

Thank you in advance to answer if you are agree, 

Regards. 


Dorian Rosse.

From: Joel Esler (jesler) <jesler () cisco com>
Sent: Tuesday, January 22, 2019 7:14:53 PM
To: Dorian ROSSE
Cc: Lucas Smith; snort-users () lists snort org
Subject: Re: [Snort-users] snort.conf missing
 
That's not the snort.conf, that's the reference.config file.

On Jan 22, 2019, at 12:38 PM, Dorian ROSSE <dorianbrice () hotmail fr <mailto:dorianbrice () hotmail fr>> wrote:

The content of the snort.conf :


# $Id$
# The following defines URLs for the references found in the rules
#
# config reference: system URL
 
config reference: bugtraq   http://www.securityfocus.com/bid/ <http://www.securityfocus.com/bid/>
config reference: cve       http://cve.mitre.org/cgi-bin/cvename.cgi?name= 
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=>
config reference: arachNIDS http://www.whitehats.com/info/IDS <http://www.whitehats.com/info/IDS>
config reference: osvdb     http://osvdb.org/show/osvdb/ <http://osvdb.org/show/osvdb/>
 
# Note, this one needs a suffix as well.... lets add that in a bit.
config reference: McAfee    http://vil.nai.com/vil/content/v_ <http://vil.nai.com/vil/content/v_>
config reference: nessus    http://cgi.nessus.org/plugins/dump.php3?id= <http://cgi.nessus.org/plugins/dump.php3?id=>
config reference: url       http://
config reference: msb       http://technet.microsoft.com/en-us/security/bulletin/ 
<http://technet.microsoft.com/en-us/security/bulletin/>


there are some days when I go to the link I fall on the same html page !

Thank you in advance to help me,

Regards.


Dorian ROSSE.
 
De : Joel Esler (jesler) <jesler () cisco com <mailto:jesler () cisco com>>
Envoyé : Tuesday, January 22, 2019 6:16:13 PM
À : Dorian ROSSE
Cc : Lucas Smith; snort-users () lists snort org <mailto:snort-users () lists snort org>
Objet : Re: [Snort-users] snort.conf missing
 
Please attach, or copy and paste the contents of the email file that you are downloading to this email.

Sent from my  iPhone

On Jan 22, 2019, at 12:01, Dorian ROSSE via Snort-users <snort-users () lists snort org <mailto:snort-users () lists 
snort org>> wrote:

There is nothing in the downloaded files :(

Dorian Rosse. 

From: Dorian ROSSE <dorianbrice () hotmail fr <mailto:dorianbrice () hotmail fr>>
Sent: Tuesday, January 22, 2019 1:11:55 PM
To: Lucas Smith
Cc: snort-users () lists snort org <mailto:snort-users () lists snort org>
Subject: Re: [Snort-users] snort.conf missing
 
I tried this morning then successfully downloaded, 

Regards. 


Dorian Rosse. 

From: Dorian ROSSE <dorianbrice () hotmail fr <mailto:dorianbrice () hotmail fr>>
Sent: Tuesday, January 22, 2019 8:24:19 AM
To: Lucas Smith
Cc: snort-users () lists snort org <mailto:snort-users () lists snort org>
Subject: Re: [Snort-users] snort.conf missing
 
Ok I will try again, 

Thank you, 

Regards. 


Dorian Rosse. 

From: Lucas Smith <vedalken () veddysec net <mailto:vedalken () veddysec net>>
Sent: Tuesday, January 22, 2019 3:13:05 AM
To: Dorian ROSSE
Cc: snort-users () lists snort org <mailto:snort-users () lists snort org>
Subject: Re: [Snort-users] snort.conf missing
 
That link you posted is not even a snort.conf file but is a URL reference file. That being said, running the same 
command as you I downloaded fine and it is not an index.html file.

$ wget https://www.snort.org/documents/reference-config <https://www.snort.org/documents/reference-config>
--2019-01-22 02:08:16--  https://www.snort.org/documents/reference-config 
<https://www.snort.org/documents/reference-config>
Resolving www.snort.org <http://www.snort.org/> (www.snort.org <http://www.snort.org/>)... 2606:4700::6810:3e4b, 
2606:4700::6810:424b, 2606:4700::6810:404b, ...
Connecting to www.snort.org <http://www.snort.org/> (www.snort.org 
<http://www.snort.org/>)|2606:4700::6810:3e4b|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: 
https://snort-org-site.s3.amazonaws.com/production/document_files/files/000/000/120/original/reference.config?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIXACIED2SPMSC7GA%2F20190122%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20190122T020816Z&X-Amz-Expires=172800&X-Amz-SignedHeaders=host&X-Amz-Signature=00f477222b99016a1bff1ae4b114a633298dc9fa55178b3ea2e05e5dadd0cb6b
 
<https://snort-org-site.s3.amazonaws.com/production/document_files/files/000/000/120/original/reference.config?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIXACIED2SPMSC7GA%2F20190122%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20190122T020816Z&X-Amz-Expires=172800&X-Amz-SignedHeaders=host&X-Amz-Signature=00f477222b99016a1bff1ae4b114a633298dc9fa55178b3ea2e05e5dadd0cb6b>
 [following]
--2019-01-22 02:08:16--  
https://snort-org-site.s3.amazonaws.com/production/document_files/files/000/000/120/original/reference.config?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIXACIED2SPMSC7GA%2F20190122%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20190122T020816Z&X-Amz-Expires=172800&X-Amz-SignedHeaders=host&X-Amz-Signature=00f477222b99016a1bff1ae4b114a633298dc9fa55178b3ea2e05e5dadd0cb6b
 
<https://snort-org-site.s3.amazonaws.com/production/document_files/files/000/000/120/original/reference.config?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIXACIED2SPMSC7GA%2F20190122%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20190122T020816Z&X-Amz-Expires=172800&X-Amz-SignedHeaders=host&X-Amz-Signature=00f477222b99016a1bff1ae4b114a633298dc9fa55178b3ea2e05e5dadd0cb6b>
Resolving snort-org-site.s3.amazonaws.com <http://snort-org-site.s3.amazonaws.com/> 
(snort-org-site.s3.amazonaws.com <http://snort-org-site.s3.amazonaws.com/>)... 52.216.227.8
Connecting to snort-org-site.s3.amazonaws.com <http://snort-org-site.s3.amazonaws.com/> 
(snort-org-site.s3.amazonaws.com <http://snort-org-site.s3.amazonaws.com/>)|52.216.227.8|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 687 [application/octet-stream]
Saving to: ‘reference-config’

reference-config                        
100%[==============================================================================>]     687  --.-KB/s    in 0.002s

2019-01-22 02:08:17 (292 KB/s) - ‘reference-config’ saved [687/687]


On the Documents site, you will have to find one compatible with your version of snort and the ones you'd need to 
look at go snort.x.conf where x is a set of numbers either 4 or 7 digits long.

Lucas

On Sat, Jan 19, 2019 at 2:15 AM Dorian ROSSE via Snort-users <snort-users () lists snort org <mailto:snort-users () 
lists snort org>> wrote:
I have a problem, 

I do this :

#wget https://www.snort.org/documents/reference-config <https://www.snort.org/documents/reference-config>

And finaly It download index.html instead à snort.conf file,

Anybody can help me? 

Thank you in advance, 

Regards. 


Dorian Rosse. 

From: Dorian ROSSE
Sent: Friday, January 18, 2019 3:20:29 PM
To: snort-users () lists snort org <mailto:snort-users () lists snort org>
Subject: snort.conf missing

--- End Message ---

_______________________________________________
Snort-users mailing list
Snort-users () lists snort org
Go to this URL to change user options or unsubscribe:
https://lists.snort.org/mailman/listinfo/snort-users

        To unsubscribe, send an email to:
        snort-users-leave () lists snort org

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette

Current thread:

Returned mail: User unknown Mail Delivery Subsystem via Snort-users (Jan 23)
- <Possible follow-ups>
- Returned mail: User unknown Mail Delivery Subsystem via Snort-users (Jan 23)
- Returned mail: User unknown Mail Delivery Subsystem via Snort-users (Jan 23)
- Returned mail: User unknown Mail Delivery Subsystem via Snort-users (Jan 23)