[Snort-users] SF: Someone please update the gen-msg.map in rules tarball

Russell Fulton r.fulton at ...3809...
Thu May 20 19:37:14 EDT 2010



On 21/05/2010, at 12:22 AM, Nigel Houghton wrote:

> On Wed, May 19, 2010 at 9:29 PM, Russell Fulton <r.fulton at ...3809...> wrote:
>> Hi Nigel,
>> http://www.snort.org/pub-bin/oinkmaster.cgi/oinkcode/snortrules-snapshot-2.8.tar.gz
>> 
>> I get permission denied when I get the _s file as we decided not to renew our sub.
>> 
>> Should I re-register?
>> 
>> Russell
>> 
> 
> You might need a new oinkcode.
> 

logged into www.snort.org and checked the download page and oinkcode.

It it clear that the _s files are for *subscribers*, registered users use the non _s files and it is this one that has the old gen-msg.map file.

[snort at ...14602... ~]$ cd ~/Rules/
[snort at ...14602... Rules]$ wget http://dl.snort.org/reg-rules/snortrules-snapshot-2.8.tar.gz?oink_code=c7570aa634a8ad8dcf4e9f3ec8246f079cde0e31
[ snip ]

11:25:01 (252 KB/s) - `snortrules-snapshot-2.8.tar.gz.1' saved [38956782/38956782]

[snort at ...14602... Rules]$ ls -l snortrules-snapshot-2.8.tar.gz*
-rw-rw-r-- 1 snort snort 38956782 May 16 02:51 snortrules-snapshot-2.8.tar.gz
-rw-rw-r-- 1 snort snort 38956782 May 16 02:51 snortrules-snapshot-2.8.tar.gz.1
-rw-rw-r-- 1 snort snort       32 May 16 02:51 snortrules-snapshot-2.8.tar.gz.md5

[snort at ...14602... Rules]$ cd snapshot-2.8/
[snort at ...14602... snapshot-2.8]$ tar -zxf ../snortrules-snapshot-2.8.tar.gz.1
[snort at ...14602... snapshot-2.8]$ ls -l etc
total 2160
-rw-r--r-- 1 snort snort    3547 Mar 16 10:00 classification.config
-rw-r--r-- 1 snort snort    2060 Jan 19  2007 generators
-rw-r--r-- 1 snort snort   12103 Sep 20  2007 gen-msg.map
-rw-r--r-- 1 snort snort     230 Dec 19  2003 Makefile.am
-rw-r--r-- 1 snort snort    1112 Jan 20 08:09 open-test.conf
-rw-r--r-- 1 snort snort     608 Oct 21  2003 reference.config
-rw-r--r-- 1 snort snort       5 Jan  6  2006 sid
-rw-r--r-- 1 snort snort 2081151 Apr 16 03:29 sid-msg.map
-rw-r--r-- 1 snort snort   17646 Apr 14 08:35 snort.conf
-rw-r--r-- 1 snort snort    2319 Dec  6  2003 threshold.conf
-rw-r--r-- 1 snort snort   53841 Oct 21  2003 unicode.map
[snort at ...14602... snapshot-2.8]$ 

note the timestamp on gen-msg.map -- Sep 20  2007!



More information about the Snort-users mailing list