Unable to download snort rules
-
HI
I recently added pfsense to our production environment.I have installed packages : Snort 2.8.6 pkg v. 1.27
after i configured snort, When i am updating the rules, its only installed emerging rules, which is bellow :
emerging-attack_response.rules
emerging-compromised.rules
emerging-current_events.rules
emerging-dos.rules
emerging-drop.rules
emerging-dshield.rules
emerging-exploit.rules
emerging-game.rules
emerging-inappropriate.rules
emerging-malware.rules
emerging-p2p.rules
emerging-policy.rules
emerging-rbn.rules
emerging-scan.rules
emerging-tor.rules
emerging-user_agents.rules
emerging-virus.rules
emerging-voip.rules
emerging-web.rules
emerging-web_client.rules
emerging-web_server.rules
emerging-web_specific_apps.rules
emerging-web_sql_injection.rules
emerging.rules
pfsense-voip.rulesBut It does not download any rules from Snort.org
How will i be able to download snort rules ???Thanks for your advise .
I have attached the picture
-
Update Snort to 2.8.6 pkg v. 1.30.
Save - Global Settings.
Then try Update rules. -
Hi thanks for the quick response
But how will i update to 1.30. I am not seeing any options to update
Bellow information is from ,installed packages list.
snort Security
Package Info Current: 2.8.6 pkg v. 1.30
Installed: 2.8.6 pkg v. 1.27Description
Used by fortune 500 companies and governments Snort is the most widely deployed IDS/IPS technology worldwide. It features rules based logging and can perform content searching/matching in addition to being used to detect a variety of other attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and much more. [Remove this package.]
[Reinstall this package.] [Reinstall this package's GUI components.] -
First, In Services: Snort.., select - Keep snort settings after deinstall and save the Global settings
This will store old snort settings and applies that settings back, after the snort is updated.Click on [Reinstall this package.] from Installed packages list.
Wait for the installation to complete. Check Global Settings and then Save.
In snort interfaces tab, stop the snort service (I do like that ::)), then try for update rules.
After updating rules start the snort service. -
HI thanks
I updated the snort to 1.30Snort service is stoped.
Now i am trying to update rules, its wait for couple of minutes but then it does not update anythingits saying : The rules directory is empty.(Snort->Rule update)
WARNING: The main rules directory is empty. /usr/local/etc/snort/rulesIf i go to : SnortInterface->WanInterface->category-> # The rules directory is empty. /usr/local/etc/snort/snort_63732_re0/rules
what to do now ?
thanks for your help -
NOp, it downloading,
After reinstall, i did not press Save on Global settingS!!!!after i press save on global settings, its downloading
Thanks