Snort mailing list archives

Re: help with WARNING: flowbits key

From: hernani <coelho.hernani () sapo pt>
Date: Sat, 14 Jun 2014 17:20:11 +0100

hello Joel,

i install pulledpork but tell me the rules are match and dont fixdependencies


were is the output



Checking latest MD5 for snortrules-snapshot-2961.tar.gz....
    They Match
    Done!
Checking latest MD5 for community-rules.tar.gz....
    They Match
    Done!
IP Blacklist download of http://labs.snort.org/feeds/ip-filter.blf....
Reading IP List...
Checking latest MD5 for opensource.gz....
    They Match
    Done!
Writing Blacklist File /usr/local/snort/rules/default.blacklist....

Writing Blacklist Version 895836774 to/usr/local/snort/rules/iplistsIPRVersion.dat....

Fly Piggy Fly!


thanks

hernani coelho





Em 13-06-2014 20:59, Joel Esler (jesler) escreveu:

Are you using pulledpork to manage your ruleset? I suggest that youdo, as pulledpork should fix these dependency problems.


--
*Joel Esler*
Open Source Manager
Threat Intelligence Team Lead
Vulnerability Research Team

On Jun 13, 2014, at 6:23 AM, hernani <coelho.hernani () sapo pt<mailto:coelho.hernani () sapo pt>> wrote:

hello,

how can i remove this warning --->


Jun 13 11:17:08 hernani snort[13332]: WARNING: flowbits key 'file.abc'
is set but not ever checked.
Jun 13 11:17:08 hernani snort[13332]: WARNING: flowbits key
'imap.cram_md5' is set but not ever checked.
Jun 13 11:17:08 hernani snort[13332]: WARNING: flowbits key 'file.fon'
is set but not ever checked.
Jun 13 11:17:08 hernani snort[13332]: WARNING: flowbits key 'file.xwd'
is set but not ever checked.
Jun 13 11:17:08 hernani snort[13332]: WARNING: flowbits key 'file.mp3'
is checked but not ever set.
Jun 13 11:17:08 hernani snort[13332]: WARNING: flowbits key 'file.wav'
is checked but not ever set.
Jun 13 11:17:08 hernani snort[13332]: WARNING: flowbits key 'file.maki'
is checked but not ever set.
Jun 13 11:17:08 hernani snort[13332]: WARNING: flowbits key
'cocsoft.stream' is set but not ever checked.
Jun 13 11:17:08 hernani snort[13332]: WARNING: flowbits key
'file.pecompact' is checked but not ever set.
Jun 13 11:17:08 hernani snort[13332]: WARNING: flowbits key 'file.fpx'
is set but not ever checked.
Jun 13 11:17:08 hernani snort[13332]: WARNING: flowbits key 'file.wma'
is checked but not ever set.
Jun 13 11:17:08 hernani snort[13332]: WARNING: flowbits key 'file.png'
is checked but not ever set.
Jun 13 11:17:08 hernani snort[13332]: WARNING: flowbits key 'file.asf'
is checked but not ever set.
Jun 13 11:17:08 hernani snort[13332]: WARNING: flowbits key 'hornet.4'
is set but not ever checked.
Jun 13 11:17:08 hernani snort[13332]: WARNING: flowbits key 'hplogin' is
set but not ever checked.
Jun 13 11:17:08 hernani snort[13332]: WARNING: flowbits key 'file.nab'
is set but not ever checked.
Jun 13 11:17:08 hernani snort[13332]: WARNING: flowbits key 'file.xps'
is set but not ever checked.
Jun 13 11:17:08 hernani snort[13332]: WARNING: flowbits key
'file.wmp_playlist' is checked but not ever set.


thanks

hernani coelho

------------------------------------------------------------------------------
HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions
Find What Matters Most in Your Big Data with HPCC Systems
Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
Leverages Graph Analysis for Fast Processing & Easy Data Exploration
http://p.sf.net/sfu/hpccsystems
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latestSnort news!

------------------------------------------------------------------------------
HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions
Find What Matters Most in Your Big Data with HPCC Systems
Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
Leverages Graph Analysis for Fast Processing & Easy Data Exploration
http://p.sf.net/sfu/hpccsystems

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Current thread:

help with WARNING: flowbits key hernani (Jun 13)
- Re: help with WARNING: flowbits key waldo kitty (Jun 13)
  - Re: help with WARNING: flowbits key hernani (Jun 14)
    - Re: help with WARNING: flowbits key waldo kitty (Jun 16)
    - Re: help with WARNING: flowbits key Joel Esler (jesler) (Jun 16)
- Re: help with WARNING: flowbits key Joel Esler (jesler) (Jun 13)
  - Re: help with WARNING: flowbits key hernani (Jun 14)
    - Re: help with WARNING: flowbits key hernani (Jun 15)
    - Re: help with WARNING: flowbits key Joel Esler (jesler) (Jun 15)