[Snort-users] Errors after upgrade to 2.9.4.1

Alexander Grüner agruener at ...348...
Thu Mar 14 07:57:01 EDT 2013


Hello,

thanks for your help.

> this error plainly states the problem and infers the solution... you have to
> update those SO files...

OK, as far as I understand and read on variuos sites this can be done 
only by downloading the correct (2.9.4.1) rules ?

>> Does not work:
>> #url =
>> http://www.snort.org/pub-bin/oinkmaster.cgi/***************/snortrules-snapshot-2941.tar.gz
>>
>> Works:
>> url =
>> http://www.snort.org/pub-bin/oinkmaster.cgi/************/snortrules-snapshot-2940.tar.gz
>
> you are probably trying to get a rules set that is not yet available to you...
> do you have a subscription or are you registered?

I am registered, no subscription. Now I see on 
https://www.snort.org/snort-rules/ that registered Users do not have 
snortrules-snapshot-2941.tar.gz !

> yeah... either you are running into the 15 minute time limit for requests or you
> are trying to access a rules set that is not available to you yet...

As far as I understand right now: SO files updates will be done by a 
rules update. But because I am only a registered user and have no 
subscription the new rules are not available, yet.

So for the next days I will loose snort_dynamicrules (max. 30 days) ?


Workaround is to comment out
#dynamicdetection directory /usr/local/snort/lib/snort_dynamicrules
until rules are available

Is this understanding correct ? Perhaps we should buy a subscription 
someday ,-)

Best regards,
Alexander




More information about the Snort-users mailing list