Snort subscriber rules failing to download
-
I'm seeing some curious behavior here:
Starting rules update... Time: 2021-12-23 17:38:25
Downloading Snort Subscriber rules md5 file snortrules-snapshot-29180.tar.gz.md5...
Snort Subscriber rules md5 download failed.
Server returned error code 422.
Server error message was:
Snort Subscriber rules will not be updated.
Downloading Emerging Threats Open rules md5 file emerging.rules.tar.gz.md5...
Checking Emerging Threats Open rules md5 file...
Emerging Threats Open rules are up to date.Yet when I go to look at what's at snort.org, here are the versions available to download:
snortrules-snapshot-29171.tar.gz
snortrules-snapshot-29181.tar.gz
snortrules-snapshot-29190.tar.gzWhere is it getting the package version and why is it failing to find one that exists?
-
@garyd said in Snort subscriber rules failing to download:
Where is it getting the package version and why is it failing to find one that exists?
You have to update your Snort Package to version 4.1.5 :-)
Merry Christmas
fireodo -
As @fireodo stated, you will need to update the Snort package to version 4.1.5. That package contains the latest 2.9.19.0 version of the Snort binary.
Snort rules are tied to the binary version. And periodically the Snort team drops support for older binaries, and thus those rules are also removed from the download site.
-
That fixed it — thanks everyone & happy holidays!