Snort mailing list archives
Re: Extracting snortrules-2931.tar.gz
From: Jeremy Hoel <jthoel () gmail com>
Date: Tue, 9 Oct 2012 19:19:51 +0000
The link he was using worked fine for me. I tested the get and got the rules with no no problem.. with the link he had. His problem is not related to a bad link. The examples show that you need a file name (http://snort.org/snort-rules/cli) and when you go to the page before, the main download page (http://snort.org/snort-rules/?), it shows the file names. They are not trying to make this overly confusing and hard.. but it does require some effort and understanding on the installers part. Or, you could sign in and grab them from the gui, or use pullpork. 3 different methods to get the rules.. The examples are generic enough that they don't have to change whenever the rule file changes. Lets let the developers work on keeping the software fixed and nor worry about the web page not having the most specific instructions. On Tue, Oct 9, 2012 at 7:12 PM, AllowOverride <allowoverride () gmail com> wrote:
jer, i tried the preferred method displayed on oinkcode page. it doesnt work for sub/reg unless you know to put 2931. also, other methods of wget'ing the url according to docs are supposed to work but do not, unless know the exact file name, and thats not always easy to find on the ftp site, or by other methods. just a heads up, that kept me off task for a few days trying to figure it out. suggestion... fix the examples on the oinkcode page. On Tue, 2012-10-09 at 17:12 +0000, Jeremy Hoel wrote:The answer is in the text file that you sent back. 2012-10-04 14:07:24 ERROR 403: Forbidden. so however you tried to get the file, it didn't work. If you used wget and an oink code then you need to check the code. On Tue, Oct 9, 2012 at 4:59 PM, Akinwale Fasuru <fashman2k1 () yahoo com> wrote:Here is what i gath after running cat.... --2012-10-04 14:07:23-- http://www.snort.org/sub-rules/snortrules-snapshot-2931.tar.gz/3b6de1b425e1a20c6f85e705f3631bc958ad11db Resolving www.snort.org... 23.23.170.170 Connecting to www.snort.org|23.23.170.170|:80... connected. HTTP request sent, awaiting response... 403 Forbidden 2012-10-04 14:07:24 ERROR 403: Forbidden. What do u think? --- On Tue, 10/9/12, Jeremy Hoel <jthoel () gmail com> wrote:From: Jeremy Hoel <jthoel () gmail com> Subject: Re: [Snort-users] Extracting snortrules-2931.tar.gz To: "Akinwale Fasuru" <fashman2k1 () yahoo com> Cc: snort-users () lists sourceforge net Date: Tuesday, October 9, 2012, 11:53 AM to check the size of a file, go to the directory where the file is and run 'ls -al'. But since 'file' said it's text and not a tar.gz or zip file, then that's the problem. Your download is not correct. go ahead and run 'cat snortrules-2931.tar.gz' On Tue, Oct 9, 2012 at 4:50 PM, Akinwale Fasuru <fashman2k1 () yahoo com> wrote:I replied the email you sent earlier saying that ididnt know how to check for te size of the file. But i did rule the command u asked me here is the responsesnortrules-2931.tar.gz: ASCII text --- On Tue, 10/9/12, Jeremy Hoel <jthoel () gmail com>wrote:From: Jeremy Hoel <jthoel () gmail com> Subject: Re: [Snort-users] Extractingsnortrules-2931.tar.gzTo: "Akinwale Fasuru" <fashman2k1 () yahoo com> Cc: snort-users () lists sourceforge net Date: Tuesday, October 9, 2012, 11:46 AM You never got back to me about the size of the file and if the file was complete. the error makes it sound like it's not a tar.gzfile.you need to very you got the whole file and thatit's notjust a text error. run 'file snortrules-2931.tar.gz' and see what itsays.On Tue, Oct 9, 2012 at 4:29 PM, Akinwale Fasuru<fashman2k1 () yahoo com>wrote:Hello everyone, I am still having problems extractingsnortrules-2931.tar.gztar -xzvf snortrules-2931.tar.gzI get this erro message zip: stdin: not in gzip format tar: Child returned status 1 tar: Error is not recoverable: exitingnow------------------------------------------------------------------------------Don't let slow site performance ruin yourbusiness.Deploy New Relic APMDeploy New Relic app performance managementand knowexactlywhat is happening inside your Ruby, Python,PHP, Java,and .NET appTry New Relic at no cost today and get oursweet DataNerd shirt too!http://p.sf.net/sfu/newrelic-dev2dev_______________________________________________Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options orunsubscribe:https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current onall the latest Snort news!------------------------------------------------------------------------------ Don't let slow site performance ruin your business. Deploy New Relic APM Deploy New Relic app performance management and know exactly what is happening inside your Ruby, Python, PHP, Java, and .NET app Try New Relic at no cost today and get our sweet Data Nerd shirt too! http://p.sf.net/sfu/newrelic-dev2dev _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Don't let slow site performance ruin your business. Deploy New Relic APM Deploy New Relic app performance management and know exactly what is happening inside your Ruby, Python, PHP, Java, and .NET app Try New Relic at no cost today and get our sweet Data Nerd shirt too! http://p.sf.net/sfu/newrelic-dev2dev _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Extracting snortrules-2931.tar.gz Akinwale Fasuru (Oct 09)
- Re: Extracting snortrules-2931.tar.gz Jeremy Hoel (Oct 09)
- Message not available
- Re: Extracting snortrules-2931.tar.gz Jeremy Hoel (Oct 09)
- Message not available
- Re: Extracting snortrules-2931.tar.gz Jeremy Hoel (Oct 09)
- Re: Extracting snortrules-2931.tar.gz AllowOverride (Oct 09)
- Re: Extracting snortrules-2931.tar.gz Jeremy Hoel (Oct 09)
- Re: Extracting snortrules-2931.tar.gz AllowOverride (Oct 09)
- Re: Extracting snortrules-2931.tar.gz Jeremy Hoel (Oct 09)
- Re: Extracting snortrules-2931.tar.gz AllowOverride (Oct 09)
- Re: Extracting snortrules-2931.tar.gz Jeremy Hoel (Oct 09)
- Re: Extracting snortrules-2931.tar.gz Akinwale Fasuru (Oct 09)
- Message not available
- Re: Extracting snortrules-2931.tar.gz Jeremy Hoel (Oct 09)
- Re: Extracting snortrules-2931.tar.gz AllowOverride (Oct 09)
- Re: Extracting snortrules-2931.tar.gz Joel Esler (Oct 09)
- Re: Extracting snortrules-2931.tar.gz AllowOverride (Oct 09)
- Re: Extracting snortrules-2931.tar.gz Joel Esler (Oct 09)
- Message not available
- Re: Extracting snortrules-2931.tar.gz Jeremy Hoel (Oct 09)