[Snort-users] Welcome to the "Snort-users" mailing list (Digest mode)

Ikenna Chiadikaobi reniykec at ...131...
Tue Feb 3 10:01:51 EST 2015


hi, thanks for the reply, attached is my snort.conf file and pulledpork file.These are the error i get for the pulledpork when i run sudo /usr/local/bin/pulledpork.pl -c /etc/snort/pulledpork.conf -l

Checking latest MD5 for etpro.rules.tar.gz....
    A 404 error occurred, please verify your filenames and urls for your tarball!
    Error 404 when fetching https://rules.emergingthreatspro.com/et oinkcode/snort-2.9.7/etpro.rules.tar.gz.md5 at /usr/local/bin/pulledpork.pl line 463.
    main::md5file('et oinkcode', 'etpro.rules.tar.gz', '/tmp/', 'https://rules.emergingthreatspro.com/et oinkcode/snort-2.9.7/') called at /usr/local/bin/pulledpork.pl line 1847
 Thanks.
CHIADIGHIKAOBI IKENNA RENE
UNIVERSITI MALAYSIA SARAWAK
FACULTY OF COMPUTER SEC& INFORMATION TECH
COMPUTER NETWORK.

BY THE GRACE OF GOD WE CAN DO ALL THINGS. 

     On Tuesday, February 3, 2015 3:31 AM, Al Lewis (allewi) <allewi at ...16686......> wrote:
   

 #yiv2462380876 #yiv2462380876 -- _filtered #yiv2462380876 {font-family:Helvetica;panose-1:2 11 6 4 2 2 2 2 2 4;} _filtered #yiv2462380876 {font-family:Helvetica;panose-1:2 11 6 4 2 2 2 2 2 4;} _filtered #yiv2462380876 {font-family:Calibri;panose-1:2 15 5 2 2 2 4 3 2 4;} _filtered #yiv2462380876 {font-family:Tahoma;panose-1:2 11 6 4 3 5 4 4 2 4;} _filtered #yiv2462380876 {font-family:Georgia;panose-1:2 4 5 2 5 4 5 2 3 3;} _filtered #yiv2462380876 {font-family:Candara;panose-1:2 14 5 2 3 3 3 2 2 4;}#yiv2462380876 #yiv2462380876 p.yiv2462380876MsoNormal, #yiv2462380876 li.yiv2462380876MsoNormal, #yiv2462380876 div.yiv2462380876MsoNormal {margin:0in;margin-bottom:.0001pt;font-size:12.0pt;}#yiv2462380876 a:link, #yiv2462380876 span.yiv2462380876MsoHyperlink {color:blue;text-decoration:underline;}#yiv2462380876 a:visited, #yiv2462380876 span.yiv2462380876MsoHyperlinkFollowed {color:purple;text-decoration:underline;}#yiv2462380876 span.yiv2462380876EmailStyle17 {color:#1F497D;}#yiv2462380876 .yiv2462380876MsoChpDefault {font-size:10.0pt;} _filtered #yiv2462380876 {margin:1.0in 1.0in 1.0in 1.0in;}#yiv2462380876 div.yiv2462380876WordSection1 {}#yiv2462380876 Hello,    Both of your errors point to missing files.    This error: ERROR: /etc/snort//etc/snort/rules/snort.rules(0) Unable to open rules file "/etc/snort//etc/snort/rules/snort.rules": No such file or directory.    Looks like your snort.conf rule location is setup incorrectly.          The other error: Couldn't read /tmp/468.389031567739-black_list.rules - No such file or directory    Looks like you are trying to pull down a file that doesn’t exist.       Please provide a snort.conf file if possible.       Thanks!    Albert Lewis QA Software Engineer SOURCEfire, Inc.now part of Cisco 9780 Patuxent Woods Drive
Columbia, MD 21046  Phone: (office) 443.430.7112 Email:allewi at ...979...589...     From: Ikenna Chiadikaobi [mailto:reniykec at ...131...]
Sent: Tuesday, February 03, 2015 1:54 AM
To: snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] Welcome to the "Snort-users" mailing list (Digest mode)    hi, am rene, please i am facing this problem when configuring snort in ubuntu 14.04    Detection:    Search-Method = AC-Full-Q     Split Any/Any group = enabled     Search-Method-Optimizations = enabled     Maximum pattern length = 20 ERROR: /etc/snort//etc/snort/rules/snort.rules(0) Unable to open rules file "/etc/snort//etc/snort/rules/snort.rules": No such file or directory.    Fatal Error, Quitting..    and also after using the puallpork following the guide pdf provided on the snort website, i get this problem    IP Blacklist download ofhttp://labs.snort.org/feeds/ip-filter.blf.... Reading IP List... Couldn't read /tmp/468.389031567739-black_list.rules - No such file or directory  at /usr/local/bin/pulledpork.pl line 487.        main::read_iplist('HASH(0x9717abc)', '/tmp/468.389031567739-black_list.rules') called at /usr/local/bin/pulledpork.pl line 378        main::rulefetch('open', 'IPBLACKLIST0', '/tmp/', 'http://labs.snort.org/feeds/ip-filter.blf') called at /usr/local/bin/pulledpork.pl line 1856     I will appreciate your help.    Thanks.      CHIADIGHIKAOBI IKENNA RENE
UNIVERSITI MALAYSIA SARAWAK
FACULTY OF COMPUTER SEC& INFORMATION TECH
COMPUTER NETWORK.    BY THE GRACE OF GOD WE CAN DO ALL THINGS.    On Tuesday, February 3, 2015 2:15 PM, "snort-users-request at ...3471...ge.net" <snort-users-request at lists.sourceforge.net> wrote:    Welcome to theSnort-users at lists.sourceforge.net mailing list! This
list is for general discussion of Snort usage, problems, design, etc.

Do not use this list, or the members of this list to market your or
any other products to.  We value our Community's privacy and their
right not to receive unsolicited email.  Any attempts to do so will
result in your being banned from the lists indefinitely.

To post to this list, send your email to:

  snort-users at lists.sourceforge.net

General information about the mailing list is at:

  https://lists.sourceforge.net/lists/listinfo/snort-users

If you ever want to unsubscribe or change your options (eg, switch to
or from digest mode, change your password, etc.), visit your
subscription page at:

  https://lists.sourceforge.net/lists/options/snort-users/reniykec%40yahoo.com


You can also make such adjustments via email by sending a message to:

  Snort-users-request at lists.sourceforge.net

with the word `help' in the subject or body (don't include the
quotes), and you will get back a message with instructions.

You must know your password to change your options (including changing
the password, itself) or to unsubscribe.  It is:

  rene00

Normally, Mailman will remind you of your lists.sourceforge.net
mailing list passwords once every month, although you can disable this
if you prefer.  This reminder will also include instructions on how to
unsubscribe or change your account options.  There is also a button on
your options page that will email your current password to you.

 

   
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20150203/cef971cb/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pulledpork.conf
Type: application/octet-stream
Size: 10290 bytes
Desc: not available
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20150203/cef971cb/attachment.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: snort.conf
Type: application/octet-stream
Size: 26888 bytes
Desc: not available
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20150203/cef971cb/attachment-0001.obj>


More information about the Snort-users mailing list