[Snort-users] PulledPork not processing

Michael Steele michaels at ...9077...
Sun Feb 10 09:57:13 EST 2013


Problem solved. It appears that some of the Perl packages were corrupted.

 

However; Does anyone have a work around for the installation of the
Signatures. I don't know about UNIX, but  on Windows it takes at least 30
minutes for Perl to extract.

 

Is it possible for the pulledpork.pl file to extract with a native OS
extraction tool?

 

Best regards,

Michael...

 

From: Michael Steele [mailto:michaels at ...9077...] 
Sent: Saturday, February 09, 2013 1:49 PM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] PulledPork not processing

 

This is the latest pull from the SVN.

 

It appears PulledPork is trying to process the rules twice. In the temp
folder I'm only getting a partial transfer of the rules and the MD5 file. 

 

 

C:\Users\Operator>perl d:\winids\pulledpork\pulledpork.pl -c
d:\winids\pulledpork\etc\pulledpork.conf -vv -T

 

    http://code.google.com/p/pulledpork/

      _____ ____

     `----,\    )

      `--==\\  /    PulledPork v0.6.2dev the Cigar Pig <////~

       `--==\\/

     .-~~~~-.Y|\\_  Copyright (C) 2009-2012 JJ Cummings

  @_/        /  66\_  cummingsj at ...11827... <mailto:cummingsj at ...11827...> 

    |    \   \   _(")

     \   /-| ||'--'  Rules give me wings!

      \_\  \_\\

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Config File Variable Debug d:\winids\pulledpork\etc\pulledpork.conf

        snort_path = /usr/local/bin/snort

        enablesid = d:\winids\pulledpork\etc\enablesid.conf

        modifysid = d:\winids\pulledpork\etc\modifysid.conf

        rule_path = d:\winids\snort\rules\snort.rules

        ignore = deleted.rules,experimental.rules,local.rules

        rule_url = ARRAY(0x28e1e24)

        snort_version = 2.9.4.0

        sid_msg_version = 1

        sid_changelog = d:\winids\snort\log\sid_changes.log

        sid_msg = d:\winids\snort\etc\sid-msg.map

        docs = d:\winids\Apache24\htdocs\base\signatures\

        ips_policy = security

        config_path = /usr/local/etc/snort/snort.conf

        temp_path = d:\winids\pulledpork\temp

        distro = FreeBSD-8.1

        version = 0.6.1

        sorule_path = /usr/local/lib/snort_dynamicrules/

        disablesid = d:\winids\pulledpork\etc\disablesid.conf

        dropsid = d:\winids\pulledpork\etc\dropsid.conf

        local_rules = d:\winids\snort\rules\local.rules

'uname' is not recognized as an internal or external command,

operable program or batch file.

MISC (CLI and Autovar) Variable Debug:

        Config Path is: d:\winids\pulledpork\etc\pulledpork.conf

        Distro Def is: FreeBSD-8.1

        Docs Reference Location is:
d:\winids\Apache24\htdocs\base\signatures\

        security policy specified

        local.rules path is: d:\winids\snort\rules\local.rules

        Rules file is: d:\winids\snort\rules\snort.rules

        Path to disablesid file: d:\winids\pulledpork\etc\disablesid.conf

        Path to dropsid file: d:\winids\pulledpork\etc\dropsid.conf

        Path to enablesid file: d:\winids\pulledpork\etc\enablesid.conf

        Path to modifysid file: d:\winids\pulledpork\etc\modifysid.conf

        sid changes will be logged to: d:\winids\snort\log\sid_changes.log

        sid-msg.map Output Path is: d:\winids\snort\etc\sid-msg.map

        Snort Version is: 2.9.4.0

        Snort Config File: /usr/local/etc/snort/snort.conf

        Snort Path is: /usr/local/bin/snort

        Text Rules only Flag is Set

        Extra Verbose Flag is Set

        Verbose Flag is Set

        Base URL is:
https://www.snort.org/reg-rules/|snortrules-snapshot.tar.gz|991158d6f0847841
cffbe085a91b7c5775ba98cf
https://www.snort.org/reg-rules/|opensource.gz|991158d6f0847841cffbe085a91b7
c5

775ba98cf

Checking latest MD5 for snortrules-snapshot-2940.tar.gz....

        Fetching md5sum for: snortrules-snapshot-2940.tar.gz.md5

** GET
https://www.snort.org/reg-rules/snortrules-snapshot-2940.tar.gz.md5/991158d6
f0847841cffbe085a91b7c5775ba98cf ==> 200 OK (3s)

        most recent rules file digest: ae46740e802f023be681d932ef71f407

Rules tarball download of snortrules-snapshot-2940.tar.gz....

        Fetching rules file: snortrules-snapshot-2940.tar.gz

** GET
https://www.snort.org/reg-rules/snortrules-snapshot-2940.tar.gz/991158d6f084
7841cffbe085a91b7c5775ba98cf ==> 302 Found (1s)

** GET
https://s3.amazonaws.com/snort-org/www/rules/20121218/snortrules-snapshot-29
40.tar.gz?AWSAccessKeyId=AKIAJJSHU7YNPLE5MKOQ
<https://s3.amazonaws.com/snort-org/www/rules/20121218/snortrules-snapshot-2
940.tar.gz?AWSAccessKeyId=AKIAJJSHU7YNPLE5MKOQ&Expires=1360435268&Signature=
KaoY%2B0NMB%2B%2FNnYFJTpunKaQhilw%3D>
&Expires=1360435268&Signature=KaoY%2B0NMB%2B%2FNnYFJTpunKaQhilw%3D ==>

200 OK (1s)

        storing file at:
d:\winids\pulledpork\temp/snortrules-snapshot-2940.tar.gz

 

        current local rules file  digest: eed12b6d1e99dd34dda723167ab18f8c

        The MD5 for snortrules-snapshot-2940.tar.gz did not match the latest
digest... so I am gonna fetch the latest rules file!

Rules tarball download of snortrules-snapshot-2940.tar.gz....

        Fetching rules file: snortrules-snapshot-2940.tar.gz

** GET
https://www.snort.org/reg-rules/snortrules-snapshot-2940.tar.gz/991158d6f084
7841cffbe085a91b7c5775ba98cf ==> 302 Found

** GET
https://s3.amazonaws.com/snort-org/www/rules/20121218/snortrules-snapshot-29
40.tar.gz?AWSAccessKeyId=AKIAJJSHU7YNPLE5MKOQ
<https://s3.amazonaws.com/snort-org/www/rules/20121218/snortrules-snapshot-2
940.tar.gz?AWSAccessKeyId=AKIAJJSHU7YNPLE5MKOQ&Expires=1360435269&Signature=
2H85W57%2F7fbXw%2FEehahpjniVR0Q%3D>
&Expires=1360435269&Signature=2H85W57%2F7fbXw%2FEehahpjniVR0Q%3D ==>   0

200 OK

        storing file at:
d:\winids\pulledpork\temp/snortrules-snapshot-2940.tar.gz

 

        current local rules file  digest: 6fb296525f90c700ff356264397e7977

        The MD5 for snortrules-snapshot-2940.tar.gz did not match the latest
digest... so I am gonna fetch the latest rules file!

Rules tarball download of snortrules-snapshot-2940.tar.gz....

        Fetching rules file: snortrules-snapshot-2940.tar.gz

** GET
https://www.snort.org/reg-rules/snortrules-snapshot-2940.tar.gz/991158d6f084
7841cffbe085a91b7c5775ba98cf ==> 403 Forbidden (1s)

        A 403 error occurred, please wait for the 15 minute timeout

        to expire before trying again or specify the -n runtime switch

        You may also wish to verfiy your oinkcode, tarball name, and other
configuration options

 

 

 

 

I can drop the rules, and open source file into the empty temp folder and
try to process offline but I'm getting:

 

C:\Users\Operator>perl d:\winids\pulledpork\pulledpork.pl -c
d:\winids\pulledpork\etc\pulledpork.conf -n -vv -T

 

    http://code.google.com/p/pulledpork/

      _____ ____

     `----,\    )

      `--==\\  /    PulledPork v0.6.2dev the Cigar Pig <////~

       `--==\\/

     .-~~~~-.Y|\\_  Copyright (C) 2009-2012 JJ Cummings

  @_/        /  66\_  cummingsj at ...11827... <mailto:cummingsj at ...11827...> 

    |    \   \   _(")

     \   /-| ||'--'  Rules give me wings!

      \_\  \_\\

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Config File Variable Debug d:\winids\pulledpork\etc\pulledpork.conf

        snort_path = /usr/local/bin/snort

        enablesid = d:\winids\pulledpork\etc\enablesid.conf

        modifysid = d:\winids\pulledpork\etc\modifysid.conf

        rule_path = d:\winids\snort\rules\snort.rules

        ignore = deleted.rules,experimental.rules,local.rules

        rule_url = ARRAY(0x285929c)

        snort_version = 2.9.4.0

        sid_msg_version = 1

        sid_changelog = d:\winids\snort\log\sid_changes.log

        sid_msg = d:\winids\snort\etc\sid-msg.map

        docs = d:\winids\Apache24\htdocs\base\signatures\

        ips_policy = security

        config_path = /usr/local/etc/snort/snort.conf

        temp_path = d:\winids\pulledpork\temp

        distro = FreeBSD-8.1

        version = 0.6.1

        sorule_path = /usr/local/lib/snort_dynamicrules/

        disablesid = d:\winids\pulledpork\etc\disablesid.conf

        dropsid = d:\winids\pulledpork\etc\dropsid.conf

        local_rules = d:\winids\snort\rules\local.rules

'uname' is not recognized as an internal or external command,

operable program or batch file.

MISC (CLI and Autovar) Variable Debug:

        Config Path is: d:\winids\pulledpork\etc\pulledpork.conf

        Distro Def is: FreeBSD-8.1

        Docs Reference Location is:
d:\winids\Apache24\htdocs\base\signatures\

        security policy specified

        local.rules path is: d:\winids\snort\rules\local.rules

        No Download Flag is Set

        Rules file is: d:\winids\snort\rules\snort.rules

        Path to disablesid file: d:\winids\pulledpork\etc\disablesid.conf

        Path to dropsid file: d:\winids\pulledpork\etc\dropsid.conf

        Path to enablesid file: d:\winids\pulledpork\etc\enablesid.conf

        Path to modifysid file: d:\winids\pulledpork\etc\modifysid.conf

        sid changes will be logged to: d:\winids\snort\log\sid_changes.log

        sid-msg.map Output Path is: d:\winids\snort\etc\sid-msg.map

        Snort Version is: 2.9.4.0

        Snort Config File: /usr/local/etc/snort/snort.conf

        Snort Path is: /usr/local/bin/snort

        Text Rules only Flag is Set

        Extra Verbose Flag is Set

        Verbose Flag is Set

        Base URL is:
https://www.snort.org/reg-rules/|snortrules-snapshot.tar.gz|991158d6f0847841
cffbe085a91b7c5775ba98cf
https://www.snort.org/reg-rules/|opensource.gz|991158d6f0847841cffbe085a91b7
c5

775ba98cf

Prepping rules from snortrules-snapshot-2940.tar.gz for work....

        extracting contents of
d:\winids\pulledpork\temp/snortrules-snapshot-2940.tar.gz...

        Ignoring plaintext rules: deleted.rules

        Ignoring plaintext rules: experimental.rules

        Ignoring plaintext rules: local.rules

        Extracted: /tha_rules/VRT-server-other.rules

        Extracted: /tha_rules/VRT-pua-adware.rules

        Extracted: /tha_rules/VRT-misc.rules

        Extracted: /tha_rules/VRT-malware-backdoor.rules

        Extracted: /tha_rules/VRT-indicator-compromise.rules

        Extracted: /tha_rules/VRT-file-pdf.rules

        Extracted: /tha_rules/VRT-content-replace.rules

        Extracted: /tha_rules/VRT-file-identify.rules

        Extracted: /tha_rules/VRT-browser-webkit.rules

        Extracted: /tha_rules/VRT-specific-threats.rules

        Extracted: /tha_rules/VRT-file-office.rules

        Extracted: /tha_rules/VRT-rpc.rules

        Extracted: /tha_rules/VRT-dns.rules

        Extracted: /tha_rules/VRT-os-other.rules

        Extracted: /tha_rules/VRT-snmp.rules

        Extracted: /tha_rules/VRT-policy-other.rules

        Extracted: /tha_rules/VRT-web-coldfusion.rules

        Extracted: /tha_rules/VRT-protocol-voip.rules

        Extracted: /tha_rules/VRT-file-image.rules

        Extracted: /tha_rules/VRT-chat.rules

        Extracted: /tha_rules/VRT-voip.rules

        Extracted: /tha_rules/VRT-os-solaris.rules

        Extracted: /tha_rules/VRT-pop3.rules

        Extracted: /tha_rules/VRT-server-mssql.rules

        Extracted: /tha_rules/VRT-preprocessor.rules

        Extracted: /tha_rules/VRT-policy-social.rules

        Extracted: /tha_rules/VRT-protocol-ftp.rules

        Extracted: /tha_rules/VRT-server-webapp.rules

        Extracted: /tha_rules/VRT-server-oracle.rules

        Extracted: /tha_rules/VRT-scada.rules

        Extracted: /tha_rules/VRT-other-ids.rules

        Extracted: /tha_rules/VRT-server-apache.rules

        Extracted: /tha_rules/VRT-sql.rules

        Extracted: /tha_rules/VRT-icmp.rules

        Extracted: /tha_rules/VRT-file-multimedia.rules

        Extracted: /tha_rules/VRT-pua-p2p.rules

        Extracted: /tha_rules/VRT-info.rules

        Extracted: /tha_rules/VRT-pua-other.rules

        Extracted: /tha_rules/VRT-server-mail.rules

        Extracted: /tha_rules/VRT-netbios.rules

        Extracted: /tha_rules/VRT-smtp.rules

        Extracted: /tha_rules/VRT-protocol-icmp.rules

        Extracted: /tha_rules/VRT-sensitive-data.rules

        Extracted: /tha_rules/VRT-indicator-shellcode.rules

        Extracted: /tha_rules/VRT-web-iis.rules

        Extracted: /tha_rules/VRT-protocol-finger.rules

        Extracted: /tha_rules/VRT-botnet-cnc.rules

        Extracted: /tha_rules/VRT-pua-toolbars.rules

        Extracted: /tha_rules/VRT-mysql.rules

        Extracted: /tha_rules/VRT-virus.rules

        Extracted: /tha_rules/VRT-protocol-imap.rules

        Extracted: /tha_rules/VRT-malware-cnc.rules

        Extracted: /tha_rules/VRT-web-misc.rules

        Extracted: /tha_rules/VRT-tftp.rules

        Extracted: /tha_rules/VRT-blacklist.rules

        Extracted: /tha_rules/VRT-shellcode.rules

        Extracted: /tha_rules/VRT-spyware-put.rules

        Extracted: /tha_rules/VRT-exploit.rules

        Extracted: /tha_rules/VRT-protocol-services.rules

        Extracted: /tha_rules/VRT-browser-ie.rules

        Extracted: /tha_rules/VRT-os-windows.rules

        Extracted: /tha_rules/VRT-ddos.rules

        Extracted: /tha_rules/VRT-attack-responses.rules

        Extracted: /tha_rules/VRT-browser-firefox.rules

        Extracted: /tha_rules/VRT-browser-chrome.rules

        Extracted: /tha_rules/VRT-telnet.rules

        Extracted: /tha_rules/VRT-browser-other.rules

        Extracted: /tha_rules/VRT-icmp-info.rules

        Extracted: /tha_rules/VRT-os-linux.rules

        Extracted: /tha_rules/VRT-indicator-obfuscation.rules

        Extracted: /tha_rules/VRT-policy-spam.rules

        Extracted: /tha_rules/VRT-malware-tools.rules

        Extracted: /tha_rules/VRT-x11.rules

        Extracted: /tha_rules/VRT-p2p.rules

        Extracted: /tha_rules/VRT-scan.rules

        Extracted: /tha_rules/VRT-ftp.rules

        Extracted: /tha_rules/VRT-malware-other.rules

        Extracted: /tha_rules/VRT-web-php.rules

        Extracted: /tha_rules/VRT-web-activex.rules

        Extracted: /tha_rules/VRT-decoder.rules

        Extracted: /tha_rules/VRT-web-frontpage.rules

        Extracted: /tha_rules/VRT-rservices.rules

        Extracted: /tha_rules/VRT-file-executable.rules

        Extracted: /tha_rules/VRT-file-other.rules

        Extracted: /tha_rules/VRT-backdoor.rules

        Extracted: /tha_rules/VRT-multimedia.rules

        Extracted: /tha_rules/VRT-web-client.rules

        Extracted: /tha_rules/VRT-exploit-kit.rules

        Extracted: /tha_rules/VRT-protocol-pop.rules

        Extracted: /tha_rules/VRT-browser-plugins.rules

        Extracted: /tha_rules/VRT-policy.rules

        Extracted: /tha_rules/VRT-web-attacks.rules

        Extracted: /tha_rules/VRT-imap.rules

        Extracted: /tha_rules/VRT-file-flash.rules

        Extracted: /tha_rules/VRT-nntp.rules

        Extracted: /tha_rules/VRT-dos.rules

        Extracted: /tha_rules/VRT-finger.rules

        Extracted: /tha_rules/VRT-phishing-spam.rules

No such file in archive: 'doc/signatures/rules/VRT-License.txt' at
d:\winids\pulledpork\pulledpork.pl line 293.

Could not find an entry for 'doc/signatures/rules/VRT-License.txt' at
d:\winids\pulledpork\pulledpork.pl line 293.

        Extracted:
d:\winids\Apache24\htdocs\base\signatures\rules/VRT-License.txt

        Extracted: /tha_rules/VRT-server-mysql.rules

        Extracted: /tha_rules/VRT-oracle.rules

        Extracted: /tha_rules/VRT-server-iis.rules

        Extracted: /tha_rules/VRT-app-detect.rules

        Extracted: /tha_rules/VRT-policy-multimedia.rules

        Extracted: /tha_rules/VRT-pop2.rules

        Extracted: /tha_rules/VRT-bad-traffic.rules

        Extracted: /tha_rules/VRT-web-cgi.rules

Prepping rules from snortrules-snapshot-2940.tar.gz for work....

        extracting contents of
d:\winids\pulledpork\temp/snortrules-snapshot-2940.tar.gz...

        Ignoring plaintext rules: deleted.rules

        Ignoring plaintext rules: experimental.rules

        Ignoring plaintext rules: local.rules

        Extracted: /tha_rules/VRT-server-other.rules

        Extracted: /tha_rules/VRT-pua-adware.rules

        Extracted: /tha_rules/VRT-misc.rules

        Extracted: /tha_rules/VRT-malware-backdoor.rules

        Extracted: /tha_rules/VRT-indicator-compromise.rules

        Extracted: /tha_rules/VRT-file-pdf.rules

        Extracted: /tha_rules/VRT-content-replace.rules

        Extracted: /tha_rules/VRT-file-identify.rules

        Extracted: /tha_rules/VRT-browser-webkit.rules

        Extracted: /tha_rules/VRT-specific-threats.rules

        Extracted: /tha_rules/VRT-file-office.rules

        Extracted: /tha_rules/VRT-rpc.rules

        Extracted: /tha_rules/VRT-dns.rules

        Extracted: /tha_rules/VRT-os-other.rules

        Extracted: /tha_rules/VRT-snmp.rules

        Extracted: /tha_rules/VRT-policy-other.rules

        Extracted: /tha_rules/VRT-web-coldfusion.rules

        Extracted: /tha_rules/VRT-protocol-voip.rules

        Extracted: /tha_rules/VRT-file-image.rules

        Extracted: /tha_rules/VRT-chat.rules

        Extracted: /tha_rules/VRT-voip.rules

        Extracted: /tha_rules/VRT-os-solaris.rules

        Extracted: /tha_rules/VRT-server-mssql.rules

        Extracted: /tha_rules/VRT-pop3.rules

        Extracted: /tha_rules/VRT-preprocessor.rules

        Extracted: /tha_rules/VRT-policy-social.rules

        Extracted: /tha_rules/VRT-protocol-ftp.rules

        Extracted: /tha_rules/VRT-server-webapp.rules

        Extracted: /tha_rules/VRT-server-oracle.rules

        Extracted: /tha_rules/VRT-scada.rules

        Extracted: /tha_rules/VRT-other-ids.rules

        Extracted: /tha_rules/VRT-server-apache.rules

        Extracted: /tha_rules/VRT-sql.rules

        Extracted: /tha_rules/VRT-icmp.rules

        Extracted: /tha_rules/VRT-file-multimedia.rules

        Extracted: /tha_rules/VRT-pua-p2p.rules

        Extracted: /tha_rules/VRT-info.rules

        Extracted: /tha_rules/VRT-pua-other.rules

        Extracted: /tha_rules/VRT-server-mail.rules

        Extracted: /tha_rules/VRT-netbios.rules

        Extracted: /tha_rules/VRT-smtp.rules

        Extracted: /tha_rules/VRT-protocol-icmp.rules

        Extracted: /tha_rules/VRT-sensitive-data.rules

        Extracted: /tha_rules/VRT-indicator-shellcode.rules

        Extracted: /tha_rules/VRT-web-iis.rules

        Extracted: /tha_rules/VRT-protocol-finger.rules

        Extracted: /tha_rules/VRT-botnet-cnc.rules

        Extracted: /tha_rules/VRT-pua-toolbars.rules

        Extracted: /tha_rules/VRT-mysql.rules

        Extracted: /tha_rules/VRT-virus.rules

        Extracted: /tha_rules/VRT-protocol-imap.rules

        Extracted: /tha_rules/VRT-malware-cnc.rules

        Extracted: /tha_rules/VRT-web-misc.rules

        Extracted: /tha_rules/VRT-tftp.rules

        Extracted: /tha_rules/VRT-shellcode.rules

        Extracted: /tha_rules/VRT-blacklist.rules

        Extracted: /tha_rules/VRT-spyware-put.rules

        Extracted: /tha_rules/VRT-exploit.rules

        Extracted: /tha_rules/VRT-protocol-services.rules

        Extracted: /tha_rules/VRT-browser-ie.rules

        Extracted: /tha_rules/VRT-os-windows.rules

        Extracted: /tha_rules/VRT-ddos.rules

        Extracted: /tha_rules/VRT-attack-responses.rules

        Extracted: /tha_rules/VRT-browser-firefox.rules

        Extracted: /tha_rules/VRT-browser-chrome.rules

        Extracted: /tha_rules/VRT-telnet.rules

        Extracted: /tha_rules/VRT-browser-other.rules

        Extracted: /tha_rules/VRT-icmp-info.rules

        Extracted: /tha_rules/VRT-os-linux.rules

        Extracted: /tha_rules/VRT-indicator-obfuscation.rules

        Extracted: /tha_rules/VRT-policy-spam.rules

        Extracted: /tha_rules/VRT-malware-tools.rules

        Extracted: /tha_rules/VRT-x11.rules

        Extracted: /tha_rules/VRT-p2p.rules

        Extracted: /tha_rules/VRT-scan.rules

        Extracted: /tha_rules/VRT-ftp.rules

        Extracted: /tha_rules/VRT-malware-other.rules

        Extracted: /tha_rules/VRT-web-php.rules

        Extracted: /tha_rules/VRT-web-activex.rules

        Extracted: /tha_rules/VRT-decoder.rules

        Extracted: /tha_rules/VRT-web-frontpage.rules

        Extracted: /tha_rules/VRT-rservices.rules

        Extracted: /tha_rules/VRT-file-executable.rules

        Extracted: /tha_rules/VRT-file-other.rules

        Extracted: /tha_rules/VRT-backdoor.rules

        Extracted: /tha_rules/VRT-multimedia.rules

        Extracted: /tha_rules/VRT-web-client.rules

        Extracted: /tha_rules/VRT-exploit-kit.rules

        Extracted: /tha_rules/VRT-protocol-pop.rules

        Extracted: /tha_rules/VRT-browser-plugins.rules

        Extracted: /tha_rules/VRT-policy.rules

        Extracted: /tha_rules/VRT-web-attacks.rules

        Extracted: /tha_rules/VRT-imap.rules

        Extracted: /tha_rules/VRT-file-flash.rules

        Extracted: /tha_rules/VRT-nntp.rules

        Extracted: /tha_rules/VRT-dos.rules

        Extracted: /tha_rules/VRT-finger.rules

        Extracted: /tha_rules/VRT-phishing-spam.rules

No such file in archive: 'doc/signatures/rules/VRT-License.txt' at
d:\winids\pulledpork\pulledpork.pl line 293.

Could not find an entry for 'doc/signatures/rules/VRT-License.txt' at
d:\winids\pulledpork\pulledpork.pl line 293.

        Extracted:
d:\winids\Apache24\htdocs\base\signatures\rules/VRT-License.txt

        Extracted: /tha_rules/VRT-server-mysql.rules

        Extracted: /tha_rules/VRT-oracle.rules

        Extracted: /tha_rules/VRT-server-iis.rules

        Extracted: /tha_rules/VRT-app-detect.rules

        Extracted: /tha_rules/VRT-policy-multimedia.rules

        Extracted: /tha_rules/VRT-pop2.rules

        Extracted: /tha_rules/VRT-bad-traffic.rules

        Extracted: /tha_rules/VRT-web-cgi.rules

Cleanup....

        removed 108 temporary snort files or directories from
d:\winids\pulledpork\temp/tha_rules!

Fly Piggy Fly!

 

Best regards,

Michael...

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20130210/d19903be/attachment.html>


More information about the Snort-users mailing list