[Snort-users] PulledPork Stopped Working
keith.pachulski at ...17691...
Mon Jan 9 13:59:24 EST 2017
Pulledpork was working fine for me until this latest snort update so looking for some advice on how to correct the error:
$ ./pulledpork.pl -c /home/snort/pulledpork/etc/pulledpork.conf -I security -P -e /home/snort/pulledpork/etc/enablesid.conf -vv
`--==\\ / PulledPork v0.7.3 - Making signature updates great again!
.-~~~~-.Y|\\_ Copyright (C) 2009-2016 JJ Cummings
@_/ / 66\_ cummingsj at ...11827...
| \ \ _(")
\ /-| ||'--' Rules give me wings!
Config File Variable Debug /home/snort/pulledpork/etc/pulledpork.conf
sid_msg_version = 1
IPRVersion = /home/snort/rules/iplists
ignore = deleted.rules,experimental.rules,local.rules
snort_path = /usr/local/bin/snort
temp_path = /tmp
sorule_path = /usr/local/lib/snort_dynamicrules/
sid_msg = /home/snort/rules/etc/sid-msg.map
local_rules = /home/snort/rules/local.rules
rule_path = /home/snort/rules/snort.rules
distro = Ubuntu-12-04
sid_changelog = /home/snort/rules/pullpork-sid_changes.log
rule_url = ARRAY(0x1bf0a70)
config_path = /home/snort/rules/snort.conf
version = 0.7.3
black_list = /home/snort/rules/black_list.rules
MISC (CLI and Autovar) Variable Debug:
Process flag specified!
arch Def is: x86-64
Operating System is: linux
CA Certificate File is: OS Default
Config Path is: /home/snort/pulledpork/etc/pulledpork.conf
Distro Def is: Ubuntu-12-04
security policy specified
local.rules path is: /home/snort/rules/local.rules
Rules file is: /home/snort/rules/snort.rules
Path to enablesid file: /home/snort/pulledpork/etc/enablesid.conf
sid changes will be logged to: /home/snort/rules/pullpork-sid_changes.log
sid-msg.map Output Path is: /home/snort/rules/etc/sid-msg.map
Snort Version is: 188.8.131.52
Snort Config File: /home/snort/rules/snort.conf
Snort Path is: /usr/local/bin/snort
SO Output Path is: /usr/local/lib/snort_dynamicrules/
Will process SO rules
Extra Verbose Flag is Set
Verbose Flag is Set
File(s) to ignore = deleted.rules,experimental.rules,local.rules
Base URL is: https://www.snort.org/rules/|snortrules-snapshot.tar.gz| http://talosintelligence.com/feeds/ip-filter.blf|IPBLACKLIST|open
Checking latest MD5 for snortrules-snapshot-2990.tar.gz....
Fetching md5sum for: snortrules-snapshot-2990.tar.gz.md5
** GET https://www.snort.org/reg-rules/snortrules-snapshot-2990.tar.gz.md5/ ==> 501 Protocol scheme 'https' is not supported (LWP::Protocol::https not installed) (1s)
Error 501 when fetching https://www.snort.org/rules/snortrules-snapshot-2990.tar.gz.md5 at /home/snort/pulledpork/pulledpork.pl line 534.
main::md5file("", "snortrules-snapshot-2990.tar.gz", "/tmp/", "https://www.snort.org/rules/") called at /home/snort/pulledpork/pulledpork.pl line 2007
$ locate https.pm
This message (including any attachments) is intended only for
the use of the individual or entity to which it is addressed and
may contain information that is non-public, proprietary,
privileged, confidential, and exempt from disclosure under
applicable law or may constitute as attorney work product.
If you are not the intended recipient, you are hereby notified
that any use, dissemination, distribution, or copying of this
communication is strictly prohibited. If you have received this
communication in error, notify us immediately by telephone and
(i) destroy this message if a facsimile or (ii) delete this message
immediately if this is an electronic communication.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users