PFSense / Snort Noo Guy - is this my problem



  • Installed pFSense on old PC, got the NAT and port forwarding sorted - now tryng to ban all those 'dodgy' sites so I installed snort ….

    But it is less than useless - I can't update it - the update page says I need a subscription, try to subscribe on the snort page and it isn't available, nor are snorts support forums.

    Is there something else I need to know ??

    By the way any tips for packages to block things like P2P, Instant Messaging, media streaming etc ... the Draytek 2800 that I have just retired was very good at this. Is there a package that will do 'content' inspection to check for sensitive info.



  • Your right.

    www.snort.org registration is down. From the security mailing lists.

    ==============================

    Hi everyone,

    We’ll be releasing the new Snort.org website tomorrow evening.  Part of the transition process includes migrating the Snort forums history and everyone’s user information. In order to ensure that we migrate all of the data, the following features will be unavailable beginning at 12:00 pm EDT and ending at approximately 6:00pm EDT
    -    Login
    -    Generating an Oinkcode
    -    Manual VRT Rules downloads
    -    New account registration
    -    Snort forums

    If you’re using Oinkmaster to update your rules, you will still be able to download the latest rule files.  All other content and functions of Snort.org will be maintained during the transition.

    Regards,

    Mike

    =======================



  • Thanks - will try again tomorrow then ….



  • Hi ,
    I obtain this error when i update : "snort rules: md5 signature of rules mismatch."
    hum …



  • I still can't sign up - at least you got that far !!

    Try to sign up - sorry that e-mail is taken –- er excuse me - HOW?

    OK  try to reset password

    BUT

    Does it ask for the subscribing E-Mail address - no - it asks for your username - and then tells you that it may or may not send an e-mail depending whether it finds the name or not .... how hard can some designers make things ...

    So I can't sign up and I can't sign in ... so I have removed the package for now.



  • I am still having this issue as of right now =)

    snort rules: md5 signature of rules mismatch.

    any updated news? or suggestion for how to correct?



  • Thanx for the heads up. Snort.org changed there md5 format to day to go along with there nice new website.

    From this > c2844479ed68cc0f13ab61f69e35bc7a

    To this > MD5 (snortrules-snapshot-2.8.tar.gz) = c2844479ed68cc0f13ab61f69e35bc7a

    Going have to code a fix after work.
    Man Snort Package is killing me this week.
    If they change it back after I code a fix, Im going on a vacation ASAP.

    james


  • Rebel Alliance Developer Netgate

    @jamesdean:

    Thanx for the heads up. Snort.org changed there md5 format to day to go along with there nice new website.

    From this > c2844479ed68cc0f13ab61f69e35bc7a

    To this > MD5 (snortrules-snapshot-2.8.tar.gz) = c2844479ed68cc0f13ab61f69e35bc7a

    Going have to code a fix.
    Man Snort Package is killing me this week.
    If they change it back after I code a fix, Im going on a vacation ASAP.

    james

    So code it to handle both ways  ;D

    If the line starts with MD5, split and grab the hash appropriately, otherwise, take the hash as-is.


Locked