[Snort-users] PulledPork Stopped Working
Joel Esler (jesler)
jesler at ...589...
Mon Jan 9 17:21:24 EST 2017
501 Protocol scheme 'https' is not supported (LWP::Protocol::https not installed) (1s)
Looks like your problem is right there.
Sent from my iPhone
On Jan 9, 2017, at 1:17 PM, Keith Pachulski <keith.pachulski at ...17691...<mailto:keith.pachulski at ...17691...>> wrote:
Pulledpork was working fine for me until this latest snort update so looking for some advice on how to correct the error:
$ ./pulledpork.pl -c /home/snort/pulledpork/etc/pulledpork.conf -I security -P -e /home/snort/pulledpork/etc/enablesid.conf -vv
`--==\\ / PulledPork v0.7.3 - Making signature updates great again!
.-~~~~-.Y|\\_ Copyright (C) 2009-2016 JJ Cummings
@_/ / 66\_ cummingsj at ...11827...<mailto:cummingsj at ...11827...>
| \ \ _(")
\ /-| ||'--' Rules give me wings!
Config File Variable Debug /home/snort/pulledpork/etc/pulledpork.conf
sid_msg_version = 1
IPRVersion = /home/snort/rules/iplists
ignore = deleted.rules,experimental.rules,local.rules
snort_path = /usr/local/bin/snort
temp_path = /tmp
sorule_path = /usr/local/lib/snort_dynamicrules/
sid_msg = /home/snort/rules/etc/sid-msg.map
local_rules = /home/snort/rules/local.rules
rule_path = /home/snort/rules/snort.rules
distro = Ubuntu-12-04
sid_changelog = /home/snort/rules/pullpork-sid_changes.log
rule_url = ARRAY(0x1bf0a70)
config_path = /home/snort/rules/snort.conf
version = 0.7.3
black_list = /home/snort/rules/black_list.rules
MISC (CLI and Autovar) Variable Debug:
Process flag specified!
arch Def is: x86-64
Operating System is: linux
CA Certificate File is: OS Default
Config Path is: /home/snort/pulledpork/etc/pulledpork.conf
Distro Def is: Ubuntu-12-04
security policy specified
local.rules path is: /home/snort/rules/local.rules
Rules file is: /home/snort/rules/snort.rules
Path to enablesid file: /home/snort/pulledpork/etc/enablesid.conf
sid changes will be logged to: /home/snort/rules/pullpork-sid_changes.log
sid-msg.map Output Path is: /home/snort/rules/etc/sid-msg.map
Snort Version is: 220.127.116.11
Snort Config File: /home/snort/rules/snort.conf
Snort Path is: /usr/local/bin/snort
SO Output Path is: /usr/local/lib/snort_dynamicrules/
Will process SO rules
Extra Verbose Flag is Set
Verbose Flag is Set
File(s) to ignore = deleted.rules,experimental.rules,local.rules
Base URL is: https://www.snort.org/rules/|snortrules-snapshot.tar.gz| http://talosintelligence.com/feeds/ip-filter.blf|IPBLACKLIST|open
Checking latest MD5 for snortrules-snapshot-2990.tar.gz....
Fetching md5sum for: snortrules-snapshot-2990.tar.gz.md5
** GET https://www.snort.org/reg-rules/snortrules-snapshot-2990.tar.gz.md5/ ==> 501 Protocol scheme 'https' is not supported (LWP::Protocol::https not installed) (1s)
Error 501 when fetching https://www.snort.org/rules/snortrules-snapshot-2990.tar.gz.md5 at /home/snort/pulledpork/pulledpork.pl line 534.
main::md5file("", "snortrules-snapshot-2990.tar.gz", "/tmp/", "https://www.snort.org/rules/") called at /home/snort/pulledpork/pulledpork.pl line 2007
$ locate https.pm
This message (including any attachments) is intended only for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, privileged, confidential, and exempt from disclosure under applicable law or may constitute as attorney work product. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, notify us immediately by telephone and (i) destroy this message if a facsimile or (ii) delete this message immediately if this is an electronic communication.
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today. http://sdm.link/xeonphi
Snort-users mailing list
Snort-users at lists.sourceforge.net<mailto:Snort-users at lists.sourceforge.net>
Go to this URL to change user options or unsubscribe:
Snort-users list archive:
Please visit http://blog.snort.org to stay current on all the latest Snort news!
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users