[Snort-users] Error 500 during update of rule-set using pulled-pork
wkitty42 at ...14940...
Sat May 3 21:34:19 EDT 2014
On 5/3/2014 1:29 PM, Michael Steele wrote:
> For testing PP only; As long as you specify the version of rules to pull in the
> pulledpork.conf ( snort_version=x.x.x.x ) the version of snort you are running
> is not relevant, or shouldn’t be. PP should complete successfully.
> I complained about this MONTHS / YEARS ago; For thirty days after a new version
> of Snort is released there is confusion about the rule set / configuration files
> compatibility for new users. Registered users can’t get access to the newly
> named rule set that matches the latest Snort version.
the tools being used should automatically attempt to fall back to the previous
rules sets... in the firewall project i work with, we have spent a lot of time
working on doing just this to prevent the tons of support posts inquiring why
our users who are VRT registered users cannot download the rules for the newest
snort when they update their installations...
IMHO, pulledpork should also perform this feat of majik if for no other reason
than to ward off all these posts like this when newer snorts are released and
registered subscribers cannot access those snort version specific rules sets for
NOTE: No off-list assistance is given without prior approval.
Please *keep mailing list traffic on the list* unless
private contact is specifically requested and granted.
More information about the Snort-users