Snort mailing list archives
Re: Snort Rules
From: Georgi Sinapov <bofh () bofh bg>
Date: Mon, 22 May 2017 17:53:30 +0200
Just for the sake of completness... pfSense + snort, no issues updating, but recently snort has started stoping on interface after rules update.. Starting rules update... Time: 2017-05-21 00:05:00 Downloading Snort VRT rules md5 file snortrules-snapshot-2983.tar.gz.md5... Checking Snort VRT rules md5 file... Snort VRT rules are up to date. Downloading Snort OpenAppID detectors md5 file snort-openappid.tar.gz.md5... Checking Snort OpenAppID detectors md5 file... Snort OpenAppID detectors are up to date. Downloading Snort OpenAppID RULES detectors md5 file appid_rules.tar.gz.md5... Checking Snort OpenAppID RULES detectors md5 file... There is a new set of Snort OpenAppID RULES detectors posted. Downloading file 'appid_rules.tar.gz'... Done downloading rules file. Downloading Snort GPLv2 Community Rules md5 file community-rules.tar.gz.md5... Checking Snort GPLv2 Community Rules md5 file... Snort GPLv2 Community Rules are up to date. Downloading Emerging Threats Open rules md5 file emerging.rules.tar.gz.md5... Checking Emerging Threats Open rules md5 file... There is a new set of Emerging Threats Open rules posted. Downloading file 'emerging.rules.tar.gz'... Done downloading rules file. Extracting and installing Snort OpenAppID detectors... Installation of Snort OpenAppID detectors completed. Extracting and installing Emerging Threats Open rules... Installation of Emerging Threats Open rules completed. Copying new config and map files... Updating rules configuration for: XYZ ...The Rules update has finished. Time: 2017-05-21 00:07:02 Starting rules update... Time: 2017-05-22 00:05:00 Downloading Snort VRT rules md5 file snortrules-snapshot-2983.tar.gz.md5... Checking Snort VRT rules md5 file... Snort VRT rules are up to date. Downloading Snort OpenAppID detectors md5 file snort-openappid.tar.gz.md5... Checking Snort OpenAppID detectors md5 file... Snort OpenAppID detectors are up to date. Downloading Snort OpenAppID RULES detectors md5 file appid_rules.tar.gz.md5... Checking Snort OpenAppID RULES detectors md5 file... There is a new set of Snort OpenAppID RULES detectors posted. Downloading file 'appid_rules.tar.gz'... Done downloading rules file. Downloading Snort GPLv2 Community Rules md5 file community-rules.tar.gz.md5... Checking Snort GPLv2 Community Rules md5 file... Snort GPLv2 Community Rules are up to date. Downloading Emerging Threats Open rules md5 file emerging.rules.tar.gz.md5... Checking Emerging Threats Open rules md5 file... Emerging Threats Open rules are up to date. Extracting and installing Snort OpenAppID detectors... Installation of Snort OpenAppID detectors completed.The Rules update has finished. Time: 2017-05-22 00:05:38 No rules config update for the interface, though.... Best e-gards,Georgi Sinapov ----- Цитат от Joel Esler (jesler) (jesler () cisco com), на 22.05.2017 в 15:34 ----- I have received this complaint from about 4 people from the last week. All from pfsense users.Nothing has changed on our side, and since all the complaints are from pfsense users, I’m starting to draw a correlation to where the problem may lie. --Joel Esler | Talos: Manager | jesler () cisco com On May 22, 2017, at 3:48 AM, Bradley Edwards wrote: Hi,I have a few issues with Snort Rules Updates.I have a subscription, but cannot update rules.Log shows Snort VRT rules md5 download failed.Server returned error code 0Same for OpenAppid and Snort GPLv2 community rules.Lates version of pfsense and snort.This is a new install with pfBlockerNG the only package running. Snort isdisabled as it was blocking everything. Kind regards,Brad ------------------------------------- пощата на този домейн се хоства от Mail.bg ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Snort Rules Bradley Edwards (May 22)
- Re: Snort Rules Joel Esler (jesler) (May 22)
- Re: Snort Rules Georgi Sinapov (May 22)
- Re: Snort Rules Joel Esler (jesler) (May 22)