[Snort-users] Using PP

John York YorkJ at ...7109...
Thu Sep 13 11:04:09 EDT 2012


You are missing some perl modules.  If you are using Ubuntu, the quickest way to get them is this:

sudo apt-get install libssl-dev libcrypt-ssleay-perl libio-all-lwp-perl

Otherwise you can test your Fu with CPAN.  See the part in http://code.google.com/p/pulledpork/wiki/FAQ about LWP::Simple

Thanks
John

From: Pratik Narang [mailto:pratik.cse.bits at ...11827...]
Sent: Thursday, September 13, 2012 5:15 AM
To: Heine Lysemose
Cc: snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] Using PP

With 'sudo', it says:
sudo /usr/local/bin/pulledpork.pl<http://pulledpork.pl> -c /usr/local/snort/etc/pulledpork/pulledpork.conf -C /usr/local/snort/etc/snort.conf -I security
Can't locate Crypt/SSLeay.pm in @INC (@INC contains: /etc/perl /usr/local/lib/perl/5.14.2 /usr/local/share/perl/5.14.2 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.14 /usr/share/perl/5.14 /usr/local/lib/site_perl .) at /usr/local/bin/pulledpork.pl<http://pulledpork.pl> line 28.
BEGIN failed--compilation aborted at /usr/local/bin/pulledpork.pl<http://pulledpork.pl> line 28.


On Thu, Sep 13, 2012 at 1:46 PM, Heine Lysemose <lysemose at ...11827...<mailto:lysemose at ...11827...>> wrote:
Hi

Try running the command with sudo.
sudo /usr/local/bin/pulledpork.pl<http://pulledpork.pl> -c /usr/local/snort/etc/pulledpork/pulledpork.conf -C /usr/local/snort/etc/snort.conf -I security

/Lysemose


On Thu, Sep 13, 2012 at 9:11 AM, Pratik Narang <pratik.cse.bits at ...11827...<mailto:pratik.cse.bits at ...11827...>> wrote:
> Well on the advice of few Snort experts on the list I decided to start using
> Pulled Pork.
> But I couldn't really make it run yet! Here's the dump from the console. Any
> help will be appreciated...
>
> $  /usr/local/bin/pulledpork.pl<http://pulledpork.pl> -c
> /usr/local/snort/etc/pulledpork/pulledpork.conf -C
> /usr/local/snort/etc/snort.conf -I security
>
>     http://code.google.com/p/pulledpork/
>       _____ ____
>      `----,\    )
>       `--==\\  /    PulledPork v0.6.1 the Smoking Pig <////~
>        `--==\\/
>      .-~~~~-.Y|\\_  Copyright (C) 2009-2011 JJ Cummings
>   @_/        /  66\_  cummingsj at ...11827...<mailto:cummingsj at ...11827...>
>     |    \   \   _(")
>      \   /-| ||'--'  Rules give me wings!
>       \_\  \_\\
>  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> Can't create /usr/local/snort/etc/pulledpork/so_rules.rules - Permission
> denied
>  at /usr/local/bin/pulledpork.pl<http://pulledpork.pl> line 1548
> readline() on closed filehandle FH at /usr/local/bin/pulledpork.pl<http://pulledpork.pl> line
> 1327.
> Checking latest MD5 for snortrules-snapshot-2931.tar.gz....
> No such file or directory at /usr/local/bin/pulledpork.pl<http://pulledpork.pl> line 457
> main::md5file('c475af39408e0e7ad0f4f6d961543b1e7b989c3b',
> 'snortrules-snapshot-2931.tar.gz', '/usr/local/snort/tmp/',
> 'https://www.snort.org/reg-rules/') called at /usr/local/bin/pulledpork.pl<http://pulledpork.pl>
> line 1758
>
>
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net<mailto:Snort-users at ...3893...t>
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest Snort
> news!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20120913/c05a1da3/attachment.html>


More information about the Snort-users mailing list