FYI -- If you experience issues updating rules with latest Snort and Suricata updates, read this!

IDS/IPS
Log in to reply
  • bmeeks

    The majority of users will likely be fine. But if you happen to experience issues updating your Snort or Suricata rules upon installing the package updates posted today (Snort-3.2.9.10_3, Suricata-5.0.2_1 or Suricata4-4.1.7_2), then read on.

    There was a bug in the code that chooses a random minutes value for the update time. If the random minutes value was less than 10, the code would not properly pad the resulting string so that it was always two digits. In other words, it would fail to change "9" to "09". If the random number chosen was greater than 10, then no problem occurred.

    If you are impacted by this bug, it will likely show up as an error either on the GLOBAL SETTINGS tab when viewing the value or maybe the rules update cron task might throw an error.

    If either of these occur, the fix is simple. Go to the GLOBAL SETTINGS tab and scroll down to the Rules Update Start Time field. Make sure that both the hours and minutes values are two digits each padded with zeroes if required. Save the change. A fix for this is posted for review and merge and will show up in the next package updates for all the IDS/IPS packages.

    1

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2021 Rubicon Communications, LLC | Privacy Policy