[Snort-sigs] Can we still use oinkmaster?

Joel Esler (jesler) jesler at cisco.com
Thu Feb 1 14:21:03 EST 2018


2.4 has been unsupported for about 10 years.

--
Joel Esler | Talos: Manager | jesler at cisco.com<mailto:jesler at cisco.com>






On Feb 1, 2018, at 2:17 PM, Michael Shirk via Snort-sigs <snort-sigs at lists.snort.org<mailto:snort-sigs at lists.snort.org>> wrote:

A couple things:

Please upgrade to a new version of CentOS.
Please upgrade to a new version of Snort.

And the pulledpork error is because you are using a version of pulledpork that does not match the pulledpork.conf file.



--
Michael Shirk
Daemon Security, Inc.
https://www.daemon-security.com<https://www.daemon-security.com/>


On Feb 1, 2018 14:11, "Álvaro Gustavo da Veiga" <alvarogustavo at daveiga.pt<mailto:alvarogustavo at daveiga.pt>> wrote:
Hello,
I have an old Centos 5.11 server and i'am trying to get updates from oinkmaster, but without success, my snort version is 2.4 and as i can see there is only 2.9 rules download on the website
"
Loading /etc/snort/oinkmaster-2.0/oinkmaster.conf

/etc/snort/oinkmaster-2.0/oinkmaster.pl<http://oinkmaster.pl/>: Error: incorrect URL: "https://www.snort.org/rules/snortrules-snapshot-2990.tar.gz?oinkcode=myoinkcode"

Oink, oink. Exiting..."

What can i do? I tried to use pulledpork but i keep getting this error doesnt matter what i try:

]# sudo /usr/local/bin/pulledpork.pl<http://pulledpork.pl/> -c /etc/snort/pulledpork.conf -l

    https://github.com/shirkdog/pulledpork
      _____ ____
     `----,\    )
      `--==\\  /    PulledPork v0.7.4 - Helping you protect your bitcoin wallet!
       `--==\\/
     .-~~~~-.Y|\\_  Copyright (C) 2009-2017 JJ Cummings, Michael Shirk
  @_/        /  66\_  and the PulledPork Team!
    |    \   \   _(")
     \   /-| ||'--'  Rules give me wings!
      \_\  \_\\
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

You are not using the current version of pulledpork.conf!
Please use the version that shipped with PulledPork v0.7.4!

 at /usr/local/bin/pulledpork.pl<http://pulledpork.pl/> line 1790

Thank you.

_______________________________________________
Snort-sigs mailing list
Snort-sigs at lists.snort.org<mailto:Snort-sigs at lists.snort.org>
https://lists.snort.org/mailman/listinfo/snort-sigs

Please visit http://blog.snort.org<http://blog.snort.org/> for the latest news about Snort!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette

Visit the Snort.org<http://Snort.org> to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a href=" https://snort.org/downloads/#rule-downloads">emerging threats</a>!

_______________________________________________
Snort-sigs mailing list
Snort-sigs at lists.snort.org<mailto:Snort-sigs at lists.snort.org>
https://lists.snort.org/mailman/listinfo/snort-sigs

Please visit http://blog.snort.org for the latest news about Snort!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette

Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a href=" https://snort.org/downloads/#rule-downloads">emerging threats</a>!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-sigs/attachments/20180201/498f8535/attachment-0001.html>


More information about the Snort-sigs mailing list