Re: Pulled Pork 403 Error

[Brandon Phelps <bphelps () gls com>]

On 7/25/2012 4:07 PM, Brandon Phelps wrote:
> Greetings,
>
> I am attempting to configure pulled pork using the subscriber rules and am getting a 403 error, informing me to wait 
> 15 minutes and try again.  I've
> waited and waited and the issue persists.  When I get the error via pulled pork I can still access the tar.gz file 
> fine from the website.  Has anyone
> seen this problem before and know if I am doing something wrong?
>
> Below are my rule_url lines as well as the actual pulled pork output.  If I run pulled pork with the -n option it 
> correctly uses a copy of the rules I
> already downloaded from /tmp.  Any help would be appreciated!
>
> rule_url=https://www.snort.org/sub-rules/|snortrules-snapshot.tar.gz|a...e
> rule_url=https://www.snort.org/sub-rules/|opensource.gz|a...e
>
> $ sudo /opt/pulledpork-0.6.1/pulledpork.pl -c /opt/pulledpork-0.6.1/etc/pulledpork.conf
>
>      http://code.google.com/p/pulledpork/
>        _____ ____
>       `----,\    )
>        `--==\\  /    PulledPork v0.6.1 the Smoking Pig <////~
>         `--==\\/
>       .-~~~~-.Y|\\_  Copyright (C) 2009-2011 JJ Cummings
>    @_/        /  66\_  cummingsj () gmail com
>      |    \   \   _(")
>       \   /-| ||'--'  Rules give me wings!
>        \_\  \_\\
>   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> Checking latest MD5 for snortrules-snapshot-2930.tar.gz....
>       A 403 error occurred, please wait for the 15 minute timeout
>       to expire before trying again or specify the -n runtime switch
>       You may also wish to verfiy your oinkcode, tarball name, and other configuration options
>       Error 403 when fetching https://www.snort.org/sub-rules/snortrules-snapshot-2930.tar.gz.md5 at 
> /opt/pulledpork-0.6.1/pulledpork.pl line 453
>       main::md5file('a...e', 'snortrules-snapshot-2930.tar.gz', '/tmp/', 'https://www.snort.org/sub-rules/&apos;) called 
> at /opt/pulledpork-0.6.1/pulledpork.pl
> line 1758
>
>
> Thanks,
> Brandon

Actually, it seems I can *only* download the subscriber rules from the 
website.  When I use wget from a console using the exact URL the My 
Account -> Oinkcodes page gives, I also get a 403 error.

I only purchased the subscription today, do I need to wait a certain 
amount of time for my Oinkcode to work?  Or do I need to somehow 
generate a new Oinkcode?  The oinkcode I have currently is from before I 
purchased the subscription.

Thanks,
Brandon

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!