Even using the "--no-check-certificate" for wget, the download is failing. I thought the correct URL to use is now:<br><br><a href="http://www.snort.org/reg-rules/snortrules-snapshot-2853.tag.gz/">http://www.snort.org/reg-rules/snortrules-snapshot-2853.tag.gz/</a><oinkcode><br>
<br>based on the VRT blog from Monday.<br><br>Fred Austin<br><br><br><div class="gmail_quote">On Wed, Jun 30, 2010 at 8:05 AM, Weir, Jason <span dir="ltr"><<a href="mailto:jason.weir@...3410...">jason.weir@...3410...</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">Joel,<br>
<br>
Still getting the below error, could this be a wget problem not handling<br>
the ssl connection correctly?  Anyone know how to use the<br>
`--no-check-certificate' option with oinkmaster?<br>
<br>
------------------------------------------------------------------------<br>
--------------------------------------<br>
<div class="im"><br>
Downloading file from<br>
<a href="http://www.snort.org/pub-bin/oinkmaster.cgi/*oinkcode*/snortrules-snapsh%0Aot-2853.tar.gz." target="_blank">http://www.snort.org/pub-bin/oinkmaster.cgi/*oinkcode*/snortrules-snapsh<br>
ot-2853.tar.gz.</a>..<br>
<br>
/usr/local/bin/<a href="http://oinkmaster.pl" target="_blank">oinkmaster.pl</a>: Error: could not download from<br>
<a href="http://www.snort.org/pub-bin/oinkmaster.cgi/*oinkcode*/snortrules-snapsh%0Aot-2853.tar.gz" target="_blank">http://www.snort.org/pub-bin/oinkmaster.cgi/*oinkcode*/snortrules-snapsh<br>
ot-2853.tar.gz</a>.<br>
<br>
Output from wget follows:<br>
<br>
<a href="http://www.snort.org/pub-bin/oinkmaster.cgi/*oinkcode*/snortrules-snapsh%0Aot-2853.tar.gz" target="_blank">http://www.snort.org/pub-bin/oinkmaster.cgi/*oinkcode*/snortrules-snapsh<br>
ot-2853.tar.gz</a><br>
<br>
Resolving www.snort.org... 68.177.102.20<br>
<br>
Connecting to <a href="http://www.snort.org" target="_blank">www.snort.org</a>|68.177.102.20|:80... connected.<br>
<br>
HTTP request sent, awaiting response... 302 Found<br>
<br>
Location:<br>
<a href="https://s3.amazonaws.com/snort.org/rules/20100525/snortrules-snapshot-28" target="_blank">https://s3.amazonaws.com/snort.org/rules/20100525/snortrules-snapshot-28</a><br>
</div>53.tar.gz?AWSAccessKeyId=AKIAJJSHU7YNPLE5MKOQ&Expires=1277895698&Signatu<br>
re=px1MZAMmLNzKWMw93CljxWGLJco%3D<br>
<br>
[following] --2010-06-30 07:01:08--<br>
<div class="im"><a href="https://s3.amazonaws.com/snort.org/rules/20100525/snortrules-snapshot-28" target="_blank">https://s3.amazonaws.com/snort.org/rules/20100525/snortrules-snapshot-28</a><br>
</div>53.tar.gz?AWSAccessKeyId=AKIAJJSHU7YNPLE5MKOQ&Expires=1277895698&Signatu<br>
re=px1MZAMmLNzKWMw93CljxWGLJco%3D<br>
<br>
Resolving s3.amazonaws.com... 72.21.202.164<br>
<br>
Connecting to <a href="http://s3.amazonaws.com" target="_blank">s3.amazonaws.com</a>|72.21.202.164|:443... connected.<br>
<div class="im"><br>
ERROR: cannot verify <a href="http://s3.amazonaws.com" target="_blank">s3.amazonaws.com</a>'s certificate, issued by<br>
`/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at<br>
<a href="https://www.verisign.com/rpa" target="_blank">https://www.verisign.com/rpa</a> (c)09/CN=VeriSign Class 3 Secure Server CA<br>
- G2':<br>
<br>
Unable to locally verify the issuer's authority.<br>
<br>
To connect to <a href="http://s3.amazonaws.com" target="_blank">s3.amazonaws.com</a> insecurely, use `--no-check-certificate'.<br>
Unable to establish SSL connection.<br>
<br>
------------------------------------------------------------------------<br>
--------------------------------------<br>
<br>
-Jason<br>
<br>
-----Original Message-----<br>
From: Joel Esler [mailto:<a href="mailto:jesler@...435...">jesler@...3432.....</a>]<br>
</div><div class="im">Sent: Tuesday, June 29, 2010 3:03 PM<br>
To: Weir, Jason<br>
Cc: infosec posts; <a href="mailto:snort-sigs@lists.sourceforge.net">snort-sigs@lists.sourceforge.net</a>; Snort Users List<br>
Subject: Re: [Snort-sigs] [Snort-users] Update your<br>
oinkmaster/pulled_porkconf files<br>
<br>
<br>
</div><div class="im">On Jun 29, 2010, at 10:41 AM, Weir, Jason wrote:<br>
> Me too - common guys this isn't that complicated<br>
><br>
> Oinkmaster output below<br>
<br>
Okay, I know our web team made some changes after these series of<br>
emails.  If you are still having problems, please let us know.<br>
<br>
Joel<br>
<br>
<br>
</div><div class="im">_____________________________________________________________________________________________<br>
<br>
Please visit <a href="http://www.nhrs.org" target="_blank">www.nhrs.org</a> to subscribe to NHRS email announcements and updates.<br>
------------------------------------------------------------------------------<br>
</div><div><div></div><div class="h5">This SF.net email is sponsored by Sprint<br>
What will you do first with EVO, the first 4G phone?<br>
Visit <a href="http://sprint.com/first" target="_blank">sprint.com/first</a> -- <a href="http://p.sf.net/sfu/sprint-com-first" target="_blank">http://p.sf.net/sfu/sprint-com-first</a><br>
_______________________________________________<br>
Snort-sigs mailing list<br>
<a href="mailto:Snort-sigs@lists.sourceforge.net">Snort-sigs@...639...forge.net</a><br>
<a href="https://lists.sourceforge.net/lists/listinfo/snort-sigs" target="_blank">https://lists.sourceforge.net/lists/listinfo/snort-sigs</a><br>
</div></div></blockquote></div><br><br clear="all"><br>-- <br>This email and any files transmitted with it are solely intended for the use of the named recipient(s) and may contain information that is privileged and confidential. If you receive this email in error, please immediately notify the sender and delete this message in all its forms.  E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses.  Therefore N-Dimension Solutions Inc. does not accept liability for any errors or omission in the contents of the message which arise as a result of e-mail transmission.<br>