Snort mailing list archives
pulledpork rule update 403 error
From: "Jeffrey J. Nucciarone" <nucci () arl psu edu>
Date: Wed, 4 Sep 2013 15:15:54 +0000
I'm running pulledpork 0.6.1 to obtain the new rules but I get the following
error:
Checking latest MD5 for snortrules-snapshot-2953.tar.gz....
A 403 error occurred, please wait for the 15 minute timeout
to expire before trying again or specify the -n runtime switch
You may also wish to verfiy your oinkcode, tarball name, and other
configuration options
I tried to run a manual wget and it too failed:
Command:
wget https://www.snort.org/reg-rules/snortrules-snapshot-2953.tar.gz.md5/
<https://www.snort.org/reg-rules/snortrules-snapshot-2953.tar.gz.md5/%3cmy>
<my oinkcode here> -O /tmp/snortrules-snapshot-2953.tar.gz.md5
Result:
Resolving www.snort.org (www.snort.org)... 23.23.143.164
Connecting to www.snort.org (www.snort.org)|23.23.143.164|:443... connected.
HTTP request sent, awaiting response... 403 Forbidden
2013-09-04 15:11:51 ERROR 403: Forbidden.
A manual wget for the 2946 rules did work:
Comand: wget
https://www.snort.org/reg-rules/snortrules-snapshot-2946.tar.gz.md5/
<https://www.snort.org/reg-rules/snortrules-snapshot-2946.tar.gz.md5/%3cmy>
<my oinkcode here> -O snortrules-snapshot-2946.tar.gz.md5
Result:
--2013-09-04 15:12:47--
https://www.snort.org/reg-rules/snortrules-snapshot-2946.tar.gz.md5/
<https://www.snort.org/reg-rules/snortrules-snapshot-2946.tar.gz.md5/%3cmyoi
nkcode> <myoinkcode here>
Resolving www.snort.org (www.snort.org)... 23.23.143.164
Connecting to www.snort.org (www.snort.org)|23.23.143.164|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 32 [text/plain]
Saving to: `snortrules-snapshot-2946.tar.gz.md5'
100%[======================================>] 32 --.-K/s in 0s
2013-09-04 15:12:48 (22.4 MB/s) - `snortrules-snapshot-2946.tar.gz.md5'
saved [32/32]
Curious I opened a browser and tried to get the latest and greatest. I input
the URL (including my oinkcode) and saw the following:
Snort.org Rule Pack Download Error:
--------------------------
Subscription: false
--------------------------
No rule pack with this filename is available to you.
--------------------------
Substituting the URL for the 2946 rules resulted in a download.
Would my oinkcode not be eligible for the latest rules? Do I need to update?
I don't have a paid subscription so are the new rules only for paid
subscribers?
Still kind of new to this..
Thanks,
--Jeff
Attachment:
smime.p7s
Description:
------------------------------------------------------------------------------ Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more! Discover the easy way to master current and previous Microsoft technologies and advance your career. Get an incredible 1,500+ hours of step-by-step tutorial videos with LearnDevNow. Subscribe today and save! http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- pulledpork rule update 403 error Jeffrey J. Nucciarone (Sep 04)
- Re: pulledpork rule update 403 error Joel Esler (Sep 04)