From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: Bug report - Snort
Date: Tue, 28 Oct 2014 01:45:35 +0100 [thread overview]
Message-ID: <1414457135.15920.282.camel@rice-oxley.tremer.info> (raw)
In-Reply-To: <544C68CD.70505@dailydata.net>
[-- Attachment #1: Type: text/plain, Size: 2274 bytes --]
Hi,
this hasn't been reported to me before.
The error message does not make much sense to me. It says that a
certificate issued by Thawte was also self-signed. This may just have
been a misconfiguration on their web server.
If that occurs to you again, feel free to open a bug report on our
Bugzilla.
-Michael
On Sat, 2014-10-25 at 22:21 -0500, R. W. Rodolico wrote:
> Occurs in at least Core Update 84 and 85. When setting up Snort, and
> choosing 'Sourcefire VRT rules for registered users', the following
> error comes up. This is with a valid oinkcode which I've replaced below
> with xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.:
> ======================================================================
> --2014-10-25 21:50:26--
> http://www.snort.org/reg-rules/snortrules-snapshot-2960.tar.gz/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> Resolving www.snort.org (www.snort.org)... 50.19.124.119,
> 54.225.152.149, 54.243.242.66
> Connecting to www.snort.org (www.snort.org)|50.19.124.119|:80... connected.
> HTTP request sent, awaiting response... 301 Moved Permanently
> Location:
> https://www.snort.org/reg-rules/snortrules-snapshot-2960.tar.gz/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> [following]
> --2014-10-25 21:50:26--
> https://www.snort.org/reg-rules/snortrules-snapshot-2960.tar.gz/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> Connecting to www.snort.org (www.snort.org)|50.19.124.119|:443... connected.
> WARNING: cannot verify www.snort.org's certificate, issued by
> '/C=US/O=Thawte, Inc./CN=Thawte SSL CA':
> Self-signed certificate encountered.
> HTTP request sent, awaiting response... 422 Unprocessable Entity
> 2014-10-25 21:50:26 ERROR 422: Unprocessable Entity.
> ======================================================================
>
> Visiting the URL's individually (with the oinkcode) results in the error
> message:
> ["File not found by name 'snortrules-snapshot-2960.tar.gz'"]
> These entries appear to be hard coded on line 265 of ids.cgi
> (/srv/web/ipfire/cgi-bin/ids.cgi)
>
> Updating with "Snort/VRT GPLv2 Community Rules" and "Emergingtrheats.net
> Community Rules" appear to work (I was not able to test the
> "Subscription" set since I do not have a subscription.
>
> Rod
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]
prev parent reply other threads:[~2014-10-28 0:45 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-10-26 3:21 R. W. Rodolico
2014-10-28 0:45 ` Michael Tremer [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1414457135.15920.282.camel@rice-oxley.tremer.info \
--to=michael.tremer@ipfire.org \
--cc=development@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox