Snort Rules Auto Update - Not Working!
-
Hello All,
The auto update for rules does not seem to be working….If I do a "force" update, it gets the rules and works fine...Here is what I found in the logs:
Starting rules update... Time: 2014-07-31 12:23:24
Downloading Snort VRT rules md5 file snortrules-snapshot-2960.tar.gz.md5...
Snort VRT rules md5 download failed.
Server returned error code 422.
Server error message was:
Snort VRT rules will not be updated.
The Rules update has finished. Time: 2014-07-31 12:23:24I am using the latest package: 2.9.6.2 pkg v3.1.1
Would appreciate if someone could shed some light on this...
Thanks in advance.
-
Hello All,
The auto update for rules does not seem to be working….If I do a "force" update, it gets the rules and works fine...Here is what I found in the logs:
Starting rules update... Time: 2014-07-31 12:23:24
Downloading Snort VRT rules md5 file snortrules-snapshot-2960.tar.gz.md5…
Snort VRT rules md5 download failed.
Server returned error code 422.
Server error message was:
Snort VRT rules will not be updated.
The Rules update has finished. Time: 2014-07-31 12:23:24I am using the latest package: 2.9.6.2 pkg v3.1.1
Would appreciate if someone could shed some light on this...
Thanks in advance.
That's a strange error. Are you 100% sure you have the latest Snort package version installed? How about try removing and reinstalling the package. I highlighted the problem in bold maroon above. The cron job is trying to download the wrong version of the rules snapshot file. Snort 2.9.6.0 is EOL and thus that rules file is probably not there anymore. It should instead be trying to download the file snortrules-snapshot-2962.tar.gz.
The filename is hard-coded into the PHP code for the Snort package. Did you by chance manually edit something in the recent past to hard-code this older rules file version?
Bill
-
Thanks, Bill!
I am not sure what happened but it is now working!
-
Thanks, Bill!
I am not sure what happened but it is now working!
Sometimes the Snort.org web site has temporary issues.
Bill
