4. Cant Update Rules

Cant Update Rules

  • S

    When updating the rules I get an error saying that "OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to www.snort.org:443 "

    How can I proceed....?
    (New install)
    See full output below;

    Starting rules update...  Time: 2019-11-20 14:06:58
	Downloading Emerging Threats Open rules md5 file...
Starting rules update...  Time: 2019-11-20 14:07:01
	Downloading Emerging Threats Open rules md5 file...
	Emerging Threats Open rules md5 download failed.
	Server returned error code 0.
	Server error message was: OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to rules.emergingthreats.net:443 
	Emerging Threats Open rules will not be updated.
	Downloading Snort VRT rules md5 file...
	Emerging Threats Open rules md5 download failed.
	Server returned error code 0.
	Server error message was: OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to rules.emergingthreats.net:443 
	Emerging Threats Open rules will not be updated.
	Downloading Snort VRT rules md5 file...
	Snort VRT rules md5 download failed.
	Server returned error code 0.
	Server error message was: OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to www.snort.org:443 
	Snort VRT rules will not be updated.
	Downloading Snort GPLv2 Community Rules md5 file...
	Snort VRT rules md5 download failed.
	Server returned error code 0.
	Server error message was: OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to www.snort.org:443 
	Snort VRT rules will not be updated.
	Downloading Snort GPLv2 Community Rules md5 file...
	Snort GPLv2 Community Rules md5 download failed.
	Server returned error code 0.
	Server error message was: OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to www.snort.org:443 
	Snort GPLv2 Community Rules will not be updated.
The Rules update has finished.  Time: 2019-11-20 14:09:59
    0

  • Are you running any other packages such as Squid, SquidGuard or pfBlockerNG? If so, one of them could be the source of your issue.

    Are you running any other type of proxy? If so, check there.

    Your error message indicates the curl utility cannot open an SSL connection to the Snort rules site. That site is hosted on AWS infrastructure. Make sure you are not behind a VPN when attempting to update. Many VPN providers have their IP space blocked by many service providers.

    0
  • S

    Thank you so much (again:)...)
    It was the proxy that we use, my problem though was that I white-listed the wrong interface...

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy