Snort mailing list archives
Re: PulledPork puts empty snort.rules file in rules dir
From: JJC <cummingsj () gmail com>
Date: Tue, 22 Nov 2011 16:52:45 -0500
What does -vv produce when running pulled pork? Sent from my iPad On Nov 22, 2011, at 15:36, codeforfun <codeforfun () gawab com> wrote:
I am using PulledPork 0.6.1 on Windows XP to update my snort rules. I have managed to get PulledPork to download the rules to a tmp dir on my local computer ("snortrules-snapshot-2900.tar.gz"). With the file size of 27,091KB But when it comes to updating the c:\snort\rules dir, it only seems to place one empty file into this dir, the file is called "snort.rules" file size 0KB. Could someone please point me in the right direction to how i can solve this issue? You can read my pulledpork.conf file here: http://ctrlv.it/id/MjcwNDk1 This is the command i am using to run PulledPork = "pulledpork.pl -c ./etc/pulledpork.conf -v" I have been working on this for around 3days now. I have also read the pulledpork "README" file and the "snort\doc\README.*" files. But i really need some more help. The output from PulledPork looks like this: Setting Flowbit State.... Done Writing C:\snort\rules\snort.rules.... Done Generating sid-msg.map.... Done Writing C:\snort\sid-msg.map.... Done Writing C:\snort\sid_changes.log.... Done Rule Stats.... New:-------0 Deleted:---0 Enabled Rules:----0 Dropped Rules:----0 Disabled Rules:---0 Total Rules:------0 Done Please review C:\snort\sid_changes.log for additional details Fly Piggy Fly! CodeForFun ------------------------------------------------------------------------------ All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity, and more. Splunk takes this data and makes sense of it. IT sense. And common sense. http://p.sf.net/sfu/splunk-novd2d _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity, and more. Splunk takes this data and makes sense of it. IT sense. And common sense. http://p.sf.net/sfu/splunk-novd2d _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Brief Description of Rule Sets Bill Pickens (Nov 18)
- Re: Brief Description of Rule Sets Joel Esler (Nov 18)
- Re: Brief Description of Rule Sets Enrico (Nov 22)
- PulledPork puts empty snort.rules file in rules dir codeforfun (Nov 22)
- PulledPork puts empty snort.rules file in rules dir codeforfun (Nov 22)
- Re: PulledPork puts empty snort.rules file in rules dir JJC (Nov 22)
- Re: Brief Description of Rule Sets Enrico (Nov 22)
- Re: Brief Description of Rule Sets Joel Esler (Nov 22)
- Re: Brief Description of Rule Sets Joel Esler (Nov 18)