[Snort-users] snort.conf missing

Joel Esler (jesler) jesler at cisco.com
Tue Jan 22 13:14:53 EST 2019


That's not the snort.conf, that's the reference.config file.

> On Jan 22, 2019, at 12:38 PM, Dorian ROSSE <dorianbrice at hotmail.fr> wrote:
> 
> The content of the snort.conf :
> 
> 
> # $Id$
> # The following defines URLs for the references found in the rules
> #
> # config reference: system URL
>  
> config reference: bugtraq   http://www.securityfocus.com/bid/ <http://www.securityfocus.com/bid/>
> config reference: cve       http://cve.mitre.org/cgi-bin/cvename.cgi?name= <http://cve.mitre.org/cgi-bin/cvename.cgi?name=>
> config reference: arachNIDS http://www.whitehats.com/info/IDS <http://www.whitehats.com/info/IDS>
> config reference: osvdb     http://osvdb.org/show/osvdb/ <http://osvdb.org/show/osvdb/>
>  
> # Note, this one needs a suffix as well.... lets add that in a bit.
> config reference: McAfee    http://vil.nai.com/vil/content/v_ <http://vil.nai.com/vil/content/v_>
> config reference: nessus    http://cgi.nessus.org/plugins/dump.php3?id= <http://cgi.nessus.org/plugins/dump.php3?id=>
> config reference: url       http://
> config reference: msb       http://technet.microsoft.com/en-us/security/bulletin/ <http://technet.microsoft.com/en-us/security/bulletin/>
> 
> 
> there are some days when I go to the link I fall on the same html page !
> 
> Thank you in advance to help me,
> 
> Regards.
> 
> 
> Dorian ROSSE.
>  
> De : Joel Esler (jesler) <jesler at cisco.com>
> Envoyé : Tuesday, January 22, 2019 6:16:13 PM
> À : Dorian ROSSE
> Cc : Lucas Smith; snort-users at lists.snort.org
> Objet : Re: [Snort-users] snort.conf missing
>  
> Please attach, or copy and paste the contents of the email file that you are downloading to this email.
> 
> Sent from my  iPhone
> 
> On Jan 22, 2019, at 12:01, Dorian ROSSE via Snort-users <snort-users at lists.snort.org <mailto:snort-users at lists.snort.org>> wrote:
> 
>> There is nothing in the downloaded files :(
>> 
>> Dorian Rosse. 
>> 
>> From: Dorian ROSSE <dorianbrice at hotmail.fr <mailto:dorianbrice at hotmail.fr>>
>> Sent: Tuesday, January 22, 2019 1:11:55 PM
>> To: Lucas Smith
>> Cc: snort-users at lists.snort.org <mailto:snort-users at lists.snort.org>
>> Subject: Re: [Snort-users] snort.conf missing
>>  
>> I tried this morning then successfully downloaded, 
>> 
>> Regards. 
>> 
>> 
>> Dorian Rosse. 
>> 
>> From: Dorian ROSSE <dorianbrice at hotmail.fr <mailto:dorianbrice at hotmail.fr>>
>> Sent: Tuesday, January 22, 2019 8:24:19 AM
>> To: Lucas Smith
>> Cc: snort-users at lists.snort.org <mailto:snort-users at lists.snort.org>
>> Subject: Re: [Snort-users] snort.conf missing
>>  
>> Ok I will try again, 
>> 
>> Thank you, 
>> 
>> Regards. 
>> 
>> 
>> Dorian Rosse. 
>> 
>> From: Lucas Smith <vedalken at veddysec.net <mailto:vedalken at veddysec.net>>
>> Sent: Tuesday, January 22, 2019 3:13:05 AM
>> To: Dorian ROSSE
>> Cc: snort-users at lists.snort.org <mailto:snort-users at lists.snort.org>
>> Subject: Re: [Snort-users] snort.conf missing
>>  
>> That link you posted is not even a snort.conf file but is a URL reference file. That being said, running the same command as you I downloaded fine and it is not an index.html file.
>> 
>> $ wget https://www.snort.org/documents/reference-config <https://www.snort.org/documents/reference-config>
>> --2019-01-22 02:08:16--  https://www.snort.org/documents/reference-config <https://www.snort.org/documents/reference-config>
>> Resolving www.snort.org <http://www.snort.org/> (www.snort.org <http://www.snort.org/>)... 2606:4700::6810:3e4b, 2606:4700::6810:424b, 2606:4700::6810:404b, ...
>> Connecting to www.snort.org <http://www.snort.org/> (www.snort.org <http://www.snort.org/>)|2606:4700::6810:3e4b|:443... connected.
>> HTTP request sent, awaiting response... 302 Found
>> Location: https://snort-org-site.s3.amazonaws.com/production/document_files/files/000/000/120/original/reference.config?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIXACIED2SPMSC7GA%2F20190122%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20190122T020816Z&X-Amz-Expires=172800&X-Amz-SignedHeaders=host&X-Amz-Signature=00f477222b99016a1bff1ae4b114a633298dc9fa55178b3ea2e05e5dadd0cb6b <https://snort-org-site.s3.amazonaws.com/production/document_files/files/000/000/120/original/reference.config?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIXACIED2SPMSC7GA%2F20190122%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20190122T020816Z&X-Amz-Expires=172800&X-Amz-SignedHeaders=host&X-Amz-Signature=00f477222b99016a1bff1ae4b114a633298dc9fa55178b3ea2e05e5dadd0cb6b> [following]
>> --2019-01-22 02:08:16--  https://snort-org-site.s3.amazonaws.com/production/document_files/files/000/000/120/original/reference.config?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIXACIED2SPMSC7GA%2F20190122%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20190122T020816Z&X-Amz-Expires=172800&X-Amz-SignedHeaders=host&X-Amz-Signature=00f477222b99016a1bff1ae4b114a633298dc9fa55178b3ea2e05e5dadd0cb6b <https://snort-org-site.s3.amazonaws.com/production/document_files/files/000/000/120/original/reference.config?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIXACIED2SPMSC7GA%2F20190122%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20190122T020816Z&X-Amz-Expires=172800&X-Amz-SignedHeaders=host&X-Amz-Signature=00f477222b99016a1bff1ae4b114a633298dc9fa55178b3ea2e05e5dadd0cb6b>
>> Resolving snort-org-site.s3.amazonaws.com <http://snort-org-site.s3.amazonaws.com/> (snort-org-site.s3.amazonaws.com <http://snort-org-site.s3.amazonaws.com/>)... 52.216.227.8
>> Connecting to snort-org-site.s3.amazonaws.com <http://snort-org-site.s3.amazonaws.com/> (snort-org-site.s3.amazonaws.com <http://snort-org-site.s3.amazonaws.com/>)|52.216.227.8|:443... connected.
>> HTTP request sent, awaiting response... 200 OK
>> Length: 687 [application/octet-stream]
>> Saving to: ‘reference-config’
>> 
>> reference-config                        100%[==============================================================================>]     687  --.-KB/s    in 0.002s
>> 
>> 2019-01-22 02:08:17 (292 KB/s) - ‘reference-config’ saved [687/687]
>> 
>> 
>> On the Documents site, you will have to find one compatible with your version of snort and the ones you'd need to look at go snort.x.conf where x is a set of numbers either 4 or 7 digits long.
>> 
>> Lucas
>> 
>> On Sat, Jan 19, 2019 at 2:15 AM Dorian ROSSE via Snort-users <snort-users at lists.snort.org <mailto:snort-users at lists.snort.org>> wrote:
>> I have a problem, 
>> 
>> I do this :
>> 
>> #wget https://www.snort.org/documents/reference-config <https://www.snort.org/documents/reference-config>
>> 
>> And finaly It download index.html instead à snort.conf file,
>> 
>> Anybody can help me? 
>> 
>> Thank you in advance, 
>> 
>> Regards. 
>> 
>> 
>> Dorian Rosse. 
>> 
>> From: Dorian ROSSE
>> Sent: Friday, January 18, 2019 3:20:29 PM
>> To: snort-users at lists.snort.org <mailto:snort-users at lists.snort.org>
>> Subject: snort.conf missing
>>  
>> Hello,
>> 
>> 
>> I checked on my two Ubuntu servers in snortVERSION folder and It miss at each servers the snort.conf file !
>> 
>> Thank you in advance to fix the problem,
>> 
>> Regards.
>> 
>> 
>> Dorian ROSSE.
>>  
>> _______________________________________________
>> Snort-users mailing list
>> Snort-users at lists.snort.org <mailto:Snort-users at lists.snort.org>
>> Go to this URL to change user options or unsubscribe:
>> https://lists.snort.org/mailman/listinfo/snort-users <https://lists.snort.org/mailman/listinfo/snort-users>
>> 
>>         To unsubscribe, send an email to:
>>         snort-users-leave at lists.snort.org <mailto:snort-users-leave at lists.snort.org>
>> 
>> Please visit http://blog.snort.org <http://blog.snort.org/> to stay current on all the latest Snort news!
>> 
>> Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette <https://snort.org/faq/what-is-the-mailing-list-etiquette>
>> _______________________________________________
>> Snort-users mailing list
>> Snort-users at lists.snort.org <mailto:Snort-users at lists.snort.org>
>> Go to this URL to change user options or unsubscribe:
>> https://lists.snort.org/mailman/listinfo/snort-users <https://lists.snort.org/mailman/listinfo/snort-users>
>> 
>>    To unsubscribe, send an email to:
>>    snort-users-leave at lists.snort.org <mailto:snort-users-leave at lists.snort.org>
>> 
>> Please visit http://blog.snort.org <http://blog.snort.org/> to stay current on all the latest Snort news!
>> 
>> Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette <https://snort.org/faq/what-is-the-mailing-list-etiquette>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20190122/2a8b6028/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3010 bytes
Desc: not available
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20190122/2a8b6028/attachment.bin>


More information about the Snort-users mailing list