As you may know, about 30 days ago, we announced the new rulepack download method for users.
http://vrt-sourcefire.blogspot.com/2010/04/rule-release-for-today-april-26th-2010.html
Today is that day that we talked about back on April 26th, and if you haven't already, you need to update your URL's within PulledPork, Oinkmaster, or whatever script you are using, to download the correct rulepacks by their correct names.
If you are using 2.8.6.0, and you are a registered (non-subscriber) user, your name should read:
snortrules-snapshot-2860.tar.gz
If you are using 2.8.5.3, and you are a registered (non-subscriber) user, your name should read:
snortrules-snapshot-2853.tar.gz
If you are using 2.8.6.0, and you are a subscriber, your name should read:
snortrules-snapshot-2860_s.tar.gz
If you are using 2.8.5.3, and you are a subscriber, your name should read:
snortrules-snapshot-2853_s.tar.gz
If you are running legacy versions of Snort, take the opportunity to now update to the current version (2.8.6.0) here:
http://www.snort.org/downloads?
Joel Esler, Sourcefire, Snort, Immunet, ClamAV, Apple, and Network Security. This is my blog.
Subscribe to:
Post Comments (Atom)
Evernote, Omnifocus, and my productivity
Over the past several years my job here at Cisco Talos has changed drastically. I took on new roles, which is awesome and exciting, but in ...

-
Without going off the deep-end here and discussing every single Snort rule keyword, I just wanted to touch on a few modifiers that people so...
-
Let me start off by saying I'm not bashing the writer of this article, and I'm trying not to be super critical. I don't want to...
-
Over the past several years my job here at Cisco Talos has changed drastically. I took on new roles, which is awesome and exciting, but in ...

No comments:
Post a Comment