[Snort-users] PulledPork 0.5.0 the Drowning Rat is now floating in the wild!

JJC cummingsj at ...11827...
Thu Oct 21 15:39:23 EDT 2010


Excerpt from the CHANGELOG is below, more information is available at:
http://global-security.blogspot.com/2010/10/haz-drowning-rat-pulledpork-050-is-now.html

Tarball is here:
http://pulledpork.googlecode.com/files/pulledpork-0.5.0.tar.gz
MD5SUM = 60c0abe78945876c643760b3bb2afdb6
SHA256 = 9e69873d737e4fc8dfd9b3a98316e4ff41bd8c4accda72f18036b96568c48872

Thanks to the community for the continued support, feature requests,
and contributions... you guys are awesome!

changelog excerpt:
New Features / changes:
- Automatic VRT tarball name determination (based on local Snort
Version but can be hard coded)
- Full support for ET Pro rulesets
- Full support for new ET Download scheme
- Issue #27 Modifysid capability
- Capability to retrieve multiple rulesets in a single run
- Issue #24 Added verbose output showing all requests, results and urls
- Verbose output now shows percentage bar for downloads
- Extra Verbose output now shows additional HTTP debug!
- Set value in default.conf file to https for VRT downloads
- Set UA Value to (PulledPork/X.X.X)
- Capability to log critical information to syslog
- Grabonly option, for those that only want to download the tarball(s)
- Issue #34 Added the capability to specify the order of disable / enable / drop
	using the state_order configuration option in the master config file
- Added a contrib directory
- Added oink-conv.pl to contrib directory
	* converts oinkmaster config files to PP config files
	* Thx Russell Fulton!
- Added README.CONTRIB to track contrib files (ohai manifest)
- Perl Modue Requirement Changes (SEE SECTION BELOW)
- Issue #38 Added capability to extract reference docs from tarball and
	store in a defined path, NOTE this dramatically increases PP runtime
	* runtime value is -r

Bug Fixes:
- Should now correctly use environmentally set proxy settings
	* Shout to pkthound for his work and contribution here!
- Fixed case where rules with multiple flowbit (un)?set values would not
	properly populate all of the flowbit values into the rules hash
- Bug #29 - fixed to allow for proper sid-msg.map generation
- Bug #28 - fixed numerous spellification issues
- Bug #32 - fixed to allow for so stub generation in nodownload and
!nodownload case


Perl Module Requriement Changes:
- LWP::Simple no longer
- LWP::UserAgent now required
- HTTP::Request now required
- HTTP::Status now required
- SYS::Syslog now required
- Crypt::SSLeay now required
- Carp now required

Cheers,
JJC




More information about the Snort-users mailing list