[Snort-users] Pulled Pork 0.7.0 Issues

JJC cummingsj at ...11827...
Thu Nov 7 10:09:12 EST 2013


If PP is acting like you would expect, it's a non-issue.  This said feel
free to submit a bug and we will look into it as a low priority (read non
usage affecting issue).

JJC


On Thu, Nov 7, 2013 at 7:40 AM, Turnbough, Bradley E. <bturnbough at ...15650...
> wrote:

> Does anyone have any input on this?
>
>
> ________________________________________
> From: Turnbough, Bradley E. [bturnbough at ...15650...]
> Sent: Tuesday, November 05, 2013 8:36 AM
> To: snort-users at lists.sourceforge.net
> Subject: [Snort-users] Pulled Pork 0.7.0 Issues
>
> Guys,
>
> CentOS 6.4 fully patched
> Snort 2.9.5.5
> Pulled Pork 0.7.0
>
>
>
> Why am I getting this?
>
> Writing v1 /etc/snort/sid-msg-p2p2.map....
> Use of uninitialized value in string at /opt/pulledpork/pulledpork.plline 1179.
>     Done
>
>
> It appears that /etc/snort/sid-msg-p2p2.map exists and is a valid text
> file.  No obvious corruption.
>
> Any ideas?
>
>
> ---------------------------------------------------------------------------------------------------------------------------
>     http://code.google.com/p/pulledpork/
>       _____ ____
>      `----,\    )
>       `--==\\  /    PulledPork v0.7.0 - Swine Flu!
>        `--==\\/
>      .-~~~~-.Y|\\_  Copyright (C) 2009-2013 JJ Cummings
>   @_/        /  66\_  cummingsj at ...11827...
>     |    \   \   _(")
>      \   /-| ||'--'  Rules give me wings!
>       \_\  \_\\
>  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> Config File Variable Debug /opt/pulledpork/etc/pulledpork-p2p2.conf
>     snort_path = /usr/sbin/snort
>     black_list = /etc/snort/rules/black_list-p2p2.rules
>     IPRVersion = /etc/snort/rules/iplists-p2p2
>     rule_path = /etc/snort/rules/pulledpork-p2p2.rules
>     ignore = deleted-p2p2.rules,experimental-p2p2.rules,local-p2p2.rules
>     snort_control = /usr/local/bin/snort_control-p2p2
>     rule_url = ARRAY(0x2b68fe8)
>     sid_msg_version = 1
>     sid_changelog = /var/log/snort/sid_changes-p2p2.log
>     sid_msg = /etc/snort/sid-msg-p2p2.map
>     ips_policy = security
>     config_path = /etc/snort/snort-p2p2.conf
>     temp_path = /opt/pulledpork/tmp/sigs
>     distro = RHEL-6-0
>     sorule_path = /usr/local/lib/snort_dynamicrules/p2p2/
>     version = 0.7.0
>     disablesid = /opt/pulledpork/etc/disablesid-p2p2.conf
>     local_rules = /etc/snort/rules/local-p2p2.rules
> MISC (CLI and Autovar) Variable Debug:
>     Process flag specified!
>     arch Def is: x86-64
>     Config Path is: /opt/pulledpork/etc/pulledpork-p2p2.conf
>     Distro Def is: RHEL-6-0
>     security policy specified
>     local.rules path is: /etc/snort/rules/local-p2p2.rules
>     No Download Flag is Set
>     Rules file is: /etc/snort/rules/pulledpork-p2p2.rules
>     Path to disablesid file: /opt/pulledpork/etc/disablesid-p2p2.conf
>     sid changes will be logged to: /var/log/snort/sid_changes-p2p2.log
>     sid-msg.map Output Path is: /etc/snort/sid-msg-p2p2.map
>     Snort Version is: 2.9.5.5
>     Snort Config File: /etc/snort/snort-p2p2.conf
>     Snort Path is: /usr/sbin/snort
>     SO Output Path is: /usr/local/lib/snort_dynamicrules/p2p2/
>     Will process SO rules
>     Verbose Flag is Set
>     Base URL is:
> https://www.snort.org/reg-rules/|snortrules-snapshot.tar.gz|2dfd3c74fc83256ac3b9c431395d827584cefed1
> https://s3.amazonaws.com/snort-org/www/rules/community/|community-rules.tar.gz|Community
> https://www.snort.org/reg-rules/|opensource.gz|2dfd3c74fc83256ac3b9c431395d827584cefed1
> Prepping rules from snortrules-snapshot-2955.tar.gz for work....
>     extracting contents of
> /opt/pulledpork/tmp/sigs/snortrules-snapshot-2955.tar.gz...
>     Ignoring plaintext rules: deleted-p2p2.rules
>     Ignoring plaintext rules: experimental-p2p2.rules
>     Ignoring plaintext rules: local-p2p2.rules
>     Extracted: /tha_rules/VRT-server-other.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/misc.so
>     Extracted: /tha_rules/VRT-pua-adware.rules
>     Extracted: /tha_rules/VRT-misc.rules
>     Extracted: /tha_rules/VRT-malware-backdoor.rules
>     Extracted: /tha_rules/VRT-indicator-compromise.rules
>     Extracted: /tha_rules/VRT-file-pdf.rules
>     Extracted: /tha_rules/VRT-content-replace.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/web-misc.so
>     Extracted: /tha_rules/VRT-file-identify.rules
>     Extracted: /tha_rules/VRT-browser-webkit.rules
>     Extracted: /tha_rules/VRT-protocol-telnet.rules
>     Extracted: /tha_rules/VRT-specific-threats.rules
>     Extracted: /tha_rules/VRT-file-office.rules
>     Extracted: /tha_rules/VRT-protocol-tftp.rules
>     Extracted: /tha_rules/VRT-file-java.rules
>     Extracted: /tha_rules/VRT-local.rules
>     Extracted: /tha_rules/VRT-rpc.rules
>     Extracted: /tha_rules/VRT-dns.rules
>     Extracted: /tha_rules/VRT-protocol-dns.rules
>     Extracted: /tha_rules/VRT-os-other.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/web-client.so
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/snmp.so
>     Extracted: /tha_rules/VRT-snmp.rules
>     Extracted: /tha_rules/VRT-protocol-scada.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/icmp.so
>     Extracted: /tha_rules/VRT-policy-other.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/chat.so
>     Extracted: /tha_rules/VRT-web-coldfusion.rules
>     Extracted: /tha_rules/VRT-protocol-voip.rules
>     Extracted: /tha_rules/VRT-file-image.rules
>     Extracted: /tha_rules/VRT-chat.rules
>     Extracted: /tha_rules/VRT-voip.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/nntp.so
>     Extracted: /tha_rules/VRT-os-solaris.rules
>     Extracted: /tha_rules/VRT-pop3.rules
>     Extracted: /tha_rules/VRT-server-mssql.rules
>     Extracted: /tha_rules/VRT-os-mobile.rules
>     Extracted: /tha_rules/VRT-preprocessor.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/netbios.so
>     Extracted: /tha_rules/VRT-policy-social.rules
>     Extracted: /tha_rules/VRT-protocol-ftp.rules
>     Extracted: /tha_rules/VRT-server-webapp.rules
>     Extracted: /tha_rules/VRT-protocol-rpc.rules
>     Extracted: /tha_rules/VRT-server-oracle.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/smtp.so
>     Extracted: /tha_rules/VRT-server-samba.rules
>     Extracted: /tha_rules/VRT-scada.rules
>     Extracted: /tha_rules/VRT-other-ids.rules
>     Extracted: /tha_rules/VRT-server-apache.rules
>     Extracted: /tha_rules/VRT-sql.rules
>     Extracted: /tha_rules/VRT-protocol-nntp.rules
>     Extracted: /tha_rules/VRT-icmp.rules
>     Extracted: /tha_rules/VRT-indicator-scan.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/p2p.so
>     Extracted: /tha_rules/VRT-file-multimedia.rules
>     Extracted: /tha_rules/VRT-pua-p2p.rules
>     Extracted: /tha_rules/VRT-info.rules
>     Extracted: /tha_rules/VRT-pua-other.rules
>     Extracted: /tha_rules/VRT-protocol-snmp.rules
>     Extracted: /tha_rules/VRT-server-mail.rules
>     Extracted: /tha_rules/VRT-netbios.rules
>     Extracted: /tha_rules/VRT-smtp.rules
>     Extracted: /tha_rules/VRT-protocol-icmp.rules
>     Extracted: /tha_rules/VRT-sensitive-data.rules
>     Extracted: /tha_rules/VRT-indicator-shellcode.rules
>     Extracted: /tha_rules/VRT-web-iis.rules
>     Extracted: /tha_rules/VRT-protocol-finger.rules
>     Extracted: /tha_rules/VRT-botnet-cnc.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/bad-traffic.so
>     Extracted: /tha_rules/VRT-pua-toolbars.rules
>     Extracted: /tha_rules/VRT-mysql.rules
>     Extracted: /tha_rules/VRT-virus.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/multimedia.so
>     Extracted: /tha_rules/VRT-protocol-imap.rules
>     Extracted: /tha_rules/VRT-malware-cnc.rules
>     Extracted: /tha_rules/VRT-web-misc.rules
>     Extracted: /tha_rules/VRT-tftp.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/web-iis.so
>     Extracted: /tha_rules/VRT-blacklist.rules
>     Extracted: /tha_rules/VRT-shellcode.rules
>     Extracted: /tha_rules/VRT-spyware-put.rules
>     Extracted: /tha_rules/VRT-exploit.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/exploit.so
>     Extracted: /tha_rules/VRT-protocol-services.rules
>     Extracted: /tha_rules/VRT-browser-ie.rules
>     Extracted: /tha_rules/VRT-os-windows.rules
>     Extracted: /tha_rules/VRT-ddos.rules
>     Extracted: /tha_rules/VRT-experimental.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/imap.so
>     Extracted: /tha_rules/VRT-attack-responses.rules
>     Extracted: /tha_rules/VRT-browser-firefox.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/web-activex.so
>     Extracted: /tha_rules/VRT-browser-chrome.rules
>     Extracted: /tha_rules/VRT-telnet.rules
>     Extracted: /tha_rules/VRT-browser-other.rules
>     Extracted: /tha_rules/VRT-icmp-info.rules
>     Extracted: /tha_rules/VRT-os-linux.rules
>     Extracted: /tha_rules/VRT-indicator-obfuscation.rules
>     Extracted: /tha_rules/VRT-policy-spam.rules
>     Extracted: /tha_rules/VRT-malware-tools.rules
>     Extracted: /tha_rules/VRT-x11.rules
>     Extracted: /tha_rules/VRT-p2p.rules
>     Extracted: /tha_rules/VRT-scan.rules
>     Extracted: /tha_rules/VRT-ftp.rules
>     Extracted: /tha_rules/VRT-malware-other.rules
>     Extracted: /tha_rules/VRT-web-php.rules
>     Extracted: /tha_rules/VRT-web-activex.rules
>     Extracted: /tha_rules/VRT-decoder.rules
>     Extracted: /tha_rules/VRT-web-frontpage.rules
>     Extracted: /tha_rules/VRT-rservices.rules
>     Extracted: /tha_rules/VRT-file-executable.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/specific-threats.so
>     Extracted: /tha_rules/VRT-deleted.rules
>     Extracted: /tha_rules/VRT-file-other.rules
>     Extracted: /tha_rules/VRT-backdoor.rules
>     Extracted: /tha_rules/VRT-multimedia.rules
>     Extracted: /tha_rules/VRT-web-client.rules
>     Extracted: /tha_rules/VRT-exploit-kit.rules
>     Extracted: /tha_rules/VRT-protocol-pop.rules
>     Extracted: /tha_rules/VRT-browser-plugins.rules
>     Extracted: /tha_rules/VRT-policy.rules
>     Extracted: /tha_rules/VRT-web-attacks.rules
>     Extracted: /tha_rules/VRT-imap.rules
>     Extracted: /tha_rules/VRT-file-flash.rules
>     Extracted: /tha_rules/VRT-nntp.rules
>     Extracted: /tha_rules/VRT-dos.rules
>     Extracted: /tha_rules/VRT-finger.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/dos.so
>     Extracted: /tha_rules/VRT-phishing-spam.rules
>     Extracted: /tha_rules/VRT-server-mysql.rules
>     Extracted: /tha_rules/VRT-oracle.rules
>     Extracted: /tha_rules/VRT-server-iis.rules
>     Extracted: /tha_rules/VRT-app-detect.rules
>     Extracted: /tha_rules/VRT-policy-multimedia.rules
>     Extracted: /tha_rules/VRT-pop2.rules
>     Extracted: /tha_rules/VRT-bad-traffic.rules
>     Extracted: /tha_rules/VRT-web-cgi.rules
> Prepping rules from community-rules.tar.gz for work....
>     extracting contents of
> /opt/pulledpork/tmp/sigs/community-rules.tar.gz...
>     Ignoring plaintext rules: deleted-p2p2.rules
>     Ignoring plaintext rules: experimental-p2p2.rules
>     Ignoring plaintext rules: local-p2p2.rules
>     Extracted: /tha_rules/Snort-Community-community.rules
> Prepping rules from snortrules-snapshot-2955.tar.gz for work....
>     extracting contents of
> /opt/pulledpork/tmp/sigs/snortrules-snapshot-2955.tar.gz...
>     Ignoring plaintext rules: deleted-p2p2.rules
>     Ignoring plaintext rules: experimental-p2p2.rules
>     Ignoring plaintext rules: local-p2p2.rules
>     Extracted: /tha_rules/VRT-server-other.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/misc.so
>     Extracted: /tha_rules/VRT-pua-adware.rules
>     Extracted: /tha_rules/VRT-misc.rules
>     Extracted: /tha_rules/VRT-malware-backdoor.rules
>     Extracted: /tha_rules/VRT-indicator-compromise.rules
>     Extracted: /tha_rules/VRT-file-pdf.rules
>     Extracted: /tha_rules/VRT-content-replace.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/web-misc.so
>     Extracted: /tha_rules/VRT-file-identify.rules
>     Extracted: /tha_rules/VRT-browser-webkit.rules
>     Extracted: /tha_rules/VRT-protocol-telnet.rules
>     Extracted: /tha_rules/VRT-specific-threats.rules
>     Extracted: /tha_rules/VRT-file-office.rules
>     Extracted: /tha_rules/VRT-protocol-tftp.rules
>     Extracted: /tha_rules/VRT-file-java.rules
>     Extracted: /tha_rules/VRT-local.rules
>     Extracted: /tha_rules/VRT-rpc.rules
>     Extracted: /tha_rules/VRT-dns.rules
>     Extracted: /tha_rules/VRT-protocol-dns.rules
>     Extracted: /tha_rules/VRT-os-other.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/web-client.so
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/snmp.so
>     Extracted: /tha_rules/VRT-snmp.rules
>     Extracted: /tha_rules/VRT-protocol-scada.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/icmp.so
>     Extracted: /tha_rules/VRT-policy-other.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/chat.so
>     Extracted: /tha_rules/VRT-web-coldfusion.rules
>     Extracted: /tha_rules/VRT-protocol-voip.rules
>     Extracted: /tha_rules/VRT-file-image.rules
>     Extracted: /tha_rules/VRT-chat.rules
>     Extracted: /tha_rules/VRT-voip.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/nntp.so
>     Extracted: /tha_rules/VRT-os-solaris.rules
>     Extracted: /tha_rules/VRT-server-mssql.rules
>     Extracted: /tha_rules/VRT-pop3.rules
>     Extracted: /tha_rules/VRT-os-mobile.rules
>     Extracted: /tha_rules/VRT-preprocessor.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/netbios.so
>     Extracted: /tha_rules/VRT-policy-social.rules
>     Extracted: /tha_rules/VRT-protocol-ftp.rules
>     Extracted: /tha_rules/VRT-server-webapp.rules
>     Extracted: /tha_rules/VRT-protocol-rpc.rules
>     Extracted: /tha_rules/VRT-server-oracle.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/smtp.so
>     Extracted: /tha_rules/VRT-server-samba.rules
>     Extracted: /tha_rules/VRT-scada.rules
>     Extracted: /tha_rules/VRT-other-ids.rules
>     Extracted: /tha_rules/VRT-server-apache.rules
>     Extracted: /tha_rules/VRT-sql.rules
>     Extracted: /tha_rules/VRT-protocol-nntp.rules
>     Extracted: /tha_rules/VRT-icmp.rules
>     Extracted: /tha_rules/VRT-indicator-scan.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/p2p.so
>     Extracted: /tha_rules/VRT-file-multimedia.rules
>     Extracted: /tha_rules/VRT-pua-p2p.rules
>     Extracted: /tha_rules/VRT-info.rules
>     Extracted: /tha_rules/VRT-pua-other.rules
>     Extracted: /tha_rules/VRT-protocol-snmp.rules
>     Extracted: /tha_rules/VRT-server-mail.rules
>     Extracted: /tha_rules/VRT-netbios.rules
>     Extracted: /tha_rules/VRT-smtp.rules
>     Extracted: /tha_rules/VRT-protocol-icmp.rules
>     Extracted: /tha_rules/VRT-sensitive-data.rules
>     Extracted: /tha_rules/VRT-indicator-shellcode.rules
>     Extracted: /tha_rules/VRT-web-iis.rules
>     Extracted: /tha_rules/VRT-protocol-finger.rules
>     Extracted: /tha_rules/VRT-botnet-cnc.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/bad-traffic.so
>     Extracted: /tha_rules/VRT-pua-toolbars.rules
>     Extracted: /tha_rules/VRT-mysql.rules
>     Extracted: /tha_rules/VRT-virus.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/multimedia.so
>     Extracted: /tha_rules/VRT-protocol-imap.rules
>     Extracted: /tha_rules/VRT-malware-cnc.rules
>     Extracted: /tha_rules/VRT-web-misc.rules
>     Extracted: /tha_rules/VRT-tftp.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/web-iis.so
>     Extracted: /tha_rules/VRT-shellcode.rules
>     Extracted: /tha_rules/VRT-blacklist.rules
>     Extracted: /tha_rules/VRT-spyware-put.rules
>     Extracted: /tha_rules/VRT-exploit.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/exploit.so
>     Extracted: /tha_rules/VRT-protocol-services.rules
>     Extracted: /tha_rules/VRT-browser-ie.rules
>     Extracted: /tha_rules/VRT-os-windows.rules
>     Extracted: /tha_rules/VRT-ddos.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/imap.so
>     Extracted: /tha_rules/VRT-experimental.rules
>     Extracted: /tha_rules/VRT-attack-responses.rules
>     Extracted: /tha_rules/VRT-browser-firefox.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/web-activex.so
>     Extracted: /tha_rules/VRT-browser-chrome.rules
>     Extracted: /tha_rules/VRT-telnet.rules
>     Extracted: /tha_rules/VRT-browser-other.rules
>     Extracted: /tha_rules/VRT-icmp-info.rules
>     Extracted: /tha_rules/VRT-os-linux.rules
>     Extracted: /tha_rules/VRT-indicator-obfuscation.rules
>     Extracted: /tha_rules/VRT-policy-spam.rules
>     Extracted: /tha_rules/VRT-malware-tools.rules
>     Extracted: /tha_rules/VRT-x11.rules
>     Extracted: /tha_rules/VRT-p2p.rules
>     Extracted: /tha_rules/VRT-scan.rules
>     Extracted: /tha_rules/VRT-ftp.rules
>     Extracted: /tha_rules/VRT-malware-other.rules
>     Extracted: /tha_rules/VRT-web-php.rules
>     Extracted: /tha_rules/VRT-web-activex.rules
>     Extracted: /tha_rules/VRT-decoder.rules
>     Extracted: /tha_rules/VRT-web-frontpage.rules
>     Extracted: /tha_rules/VRT-rservices.rules
>     Extracted: /tha_rules/VRT-file-executable.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/specific-threats.so
>     Extracted: /tha_rules/VRT-file-other.rules
>     Extracted: /tha_rules/VRT-deleted.rules
>     Extracted: /tha_rules/VRT-backdoor.rules
>     Extracted: /tha_rules/VRT-multimedia.rules
>     Extracted: /tha_rules/VRT-web-client.rules
>     Extracted: /tha_rules/VRT-exploit-kit.rules
>     Extracted: /tha_rules/VRT-protocol-pop.rules
>     Extracted: /tha_rules/VRT-browser-plugins.rules
>     Extracted: /tha_rules/VRT-policy.rules
>     Extracted: /tha_rules/VRT-web-attacks.rules
>     Extracted: /tha_rules/VRT-imap.rules
>     Extracted: /tha_rules/VRT-file-flash.rules
>     Extracted: /tha_rules/VRT-nntp.rules
>     Extracted: /tha_rules/VRT-dos.rules
>     Extracted: /usr/local/lib/snort_dynamicrules/p2p2/dos.so
>     Extracted: /tha_rules/VRT-finger.rules
>     Extracted: /tha_rules/VRT-phishing-spam.rules
>     Extracted: /tha_rules/VRT-server-mysql.rules
>     Extracted: /tha_rules/VRT-oracle.rules
>     Extracted: /tha_rules/VRT-server-iis.rules
>     Extracted: /tha_rules/VRT-app-detect.rules
>     Extracted: /tha_rules/VRT-policy-multimedia.rules
>     Extracted: /tha_rules/VRT-pop2.rules
>     Extracted: /tha_rules/VRT-bad-traffic.rules
>     Extracted: /tha_rules/VRT-web-cgi.rules
>     Reading rules...
> Generating Stub Rules....
>     Generating shared object stubs via:/usr/sbin/snort -c
> /etc/snort/snort-p2p2.conf
> --dump-dynamic-rules=/opt/pulledpork/tmp/sigs/tha_rules/so_rules/
>     Dumping dynamic rules...
>     Dumping dynamic rules for Library dos 1.0.1
>     Dumping dynamic rules for Library web-activex 1.0.1
>     Dumping dynamic rules for Library netbios 1.0.1
>     Dumping dynamic rules for Library web-client 1.0.1
>     Dumping dynamic rules for Library icmp 1.0.1
>     Dumping dynamic rules for Library web-iis 1.0.1
>     Dumping dynamic rules for Library imap 1.0.1
>     Dumping dynamic rules for Library multimedia 1.0.1
>     Dumping dynamic rules for Library p2p 1.0.1
>     Dumping dynamic rules for Library snmp 1.0.1
>     Dumping dynamic rules for Library chat 1.0.1
>     Dumping dynamic rules for Library misc 1.0.1
>     Dumping dynamic rules for Library specific-threats 1.0.1
>     Dumping dynamic rules for Library exploit 1.0.1
>     Dumping dynamic rules for Library smtp 1.0.1
>     Dumping dynamic rules for Library nntp 1.0.1
>     Dumping dynamic rules for Library bad-traffic 1.0.1
>     Dumping dynamic rules for Library web-misc 1.0.1
>       Finished dumping dynamic rules.
>     Done
>     Reading rules...
>     Reading rules...
> Cleanup....
>     removed 141 temporary snort files or directories from
> /opt/pulledpork/tmp/sigs/tha_rules!
> Activating security rulesets....
>     Done
> Processing /opt/pulledpork/etc/disablesid-p2p2.conf....
>     Modified 0 rules
>     Done
> Setting Flowbit State....
>     Enabled 940 flowbits
>     Enabled 29 flowbits
>     Enabled 6 flowbits
>     Enabled 2 flowbits
>     Done
> Writing /etc/snort/rules/pulledpork-p2p2.rules....
>     Done
> Generating sid-msg.map....
>     Done
> Writing v1 /etc/snort/sid-msg-p2p2.map....
> Use of uninitialized value in string at /opt/pulledpork/pulledpork.plline 1179.
>     Done
> Writing /var/log/snort/sid_changes-p2p2.log....
>     Done
> Rule Stats...
>     New:-------1
>     Deleted:---0
>     Enabled Rules:----9936
>     Dropped Rules:----0
>     Disabled Rules:---17855
>     Total Rules:------27791
> No IP Blacklist Changes
>
> Done
> Please review /var/log/snort/sid_changes-p2p2.log for additional details
> Fly Piggy Fly!
> _____________________________________________________________ This e-mail
> transmission contains information that is confidential and may be
> privileged. It is intended only for the addressee(s) named above. If you
> receive this e-mail in error, please do not read, copy or disseminate it in
> any manner. If you are not the intended recipient, any disclosure, copying,
> distribution or use of the contents of this information is prohibited.
> Please reply to the message immediately by informing the sender that the
> message was misdirected. After replying, please erase it from your computer
> system. Your assistance in correcting this error is appreciated.
>
>
> ------------------------------------------------------------------------------
> November Webinars for C, C++, Fortran Developers
> Accelerate application performance with scalable programming models.
> Explore
> techniques for threading, error checking, porting, and tuning. Get the most
> from the latest Intel processors and coprocessors. See abstracts and
> register
> http://pubads.g.doubleclick.net/gampad/clk?id=60136231&iu=/4140/ostg.clktrk
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest
> Snort news!
> _____________________________________________________________ This e-mail
> transmission contains information that is confidential and may be
> privileged. It is intended only for the addressee(s) named above. If you
> receive this e-mail in error, please do not read, copy or disseminate it in
> any manner. If you are not the intended recipient, any disclosure, copying,
> distribution or use of the contents of this information is prohibited.
> Please reply to the message immediately by informing the sender that the
> message was misdirected. After replying, please erase it from your computer
> system. Your assistance in correcting this error is appreciated.
>
>
> ------------------------------------------------------------------------------
> November Webinars for C, C++, Fortran Developers
> Accelerate application performance with scalable programming models.
> Explore
> techniques for threading, error checking, porting, and tuning. Get the most
> from the latest Intel processors and coprocessors. See abstracts and
> register
> http://pubads.g.doubleclick.net/gampad/clk?id=60136231&iu=/4140/ostg.clktrk
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest
> Snort news!
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20131107/93939a3b/attachment.html>


More information about the Snort-users mailing list