Proofpoint just killed IDPs around the world with their update of ET rules
-
Last update from Proofpoint killed Snort. I wonder if we can get any protection against it, shouldn't IDP actually start and ignore offending rule?
2021-03-20 08:29:01 snort(daemon) FATAL ERROR: /usr/local/etc/snort/snort_51465_em1/rules/snort.rules(7835) Unable to process the IP address: [200.122.181.101,200.122.181.78,2001:40e8:0000:f091:0000:0000:0000:0100,2001:41,2001:41c8:0051:0490:feff:00ff:fe00:3214,2001:41d0:0001:777c:0200:c0a8:64b5:0000,2001:41d0:0001:81cf:0000:0000:0000:0001,2001:41d0:0001:8719:0000:0000:0000:0001,2001:41d0:0001:8b3b:0000:0000:0000:0001,2001:41d0:0002:1ecc:0000:0000:0000:0000].
-
@lutel i have the same problem. colored text
-
The rule has been fixed.. if you force update the rules now, Snort is happy again.