Jump to content

Uname is not recognized as internal or external command

Radu Surugiu

By Radu Surugiu
in Rule Management - Pulledpork

 Share

Recommended Posts

Radu Surugiu Newbie

Radu Surugiu

Posted
Posted

trying to update rules with Pulledpork after following tutorial

'uname' is not recognized as an intenal or external command.

The specified Snort binary does not exist.

Please correct the value or specify the FULL rules tarball name in pulledpork.conf!

at d:\winids\pulledpork\pulledpork.pl line 1932

Radu Surugiu Newbie

Radu Surugiu

Posted
  • Author
Posted

Yes, sorry my mistake, I corrected the error (was missing snort _version which is 2.9.7.5 in my case and now I am getting 

error 422 when fetching snortrules-snapshot-2975.tar.gz.md5 at pulledpork.pl line 517

I will check again all pulledpork.conf file

Radu Surugiu Newbie

Radu Surugiu

Posted
  • Author
Posted

I changed the version of snort in the pulledpork.conf file to 2.9.8.0 and now it is downloading. I still have the version of snort I installed probably 9 month ago, 2.9.7.5. My understanding is they should match, but aparently version 2.9.7.5 of the rules does not esist anymore. Does it mean I have to upgrade all the time Snort to a newer version to make this work?

Thank you,

Radu Surugiu Newbie

Radu Surugiu

Posted
  • Author
Posted (edited)

I did the upgrade, I think I followed all steps, but now when testing snort.conf I am getting a fatal error  

ERROR: d:\winids\snort\etc\snort.conf(326) => Invalid keyword '}' for server
configuration.

Thank you,

I am using the version 2.9.9.0 that I downloaded yesterday.

Edited by Radu Surugiu
added comment
Radu Surugiu Newbie

Radu Surugiu

Posted
  • Author
Posted

It worked. But then I got another error on line 509,

blacklist $BLACK_LIST_PATH/black_list.rules

because in rules folder the black_list.rules file does not exist, it is now bkacklist.rules, so I had to change to 

blacklist $BLACK_LIST_PATH/blacklist.rules, and now the configuration was validated.

Thank you again.

Radu Surugiu Newbie

Radu Surugiu

Posted
  • Author
Posted

Well, configuration is validated but now after restarting system I get an error in barnyard2,

 warning can't extract timestamp extension from 'merged.log' using base 'merged.log'.

I really dont know where to go from there, maybe I should do a fresh install (instead of update from old version) with latest version (2990)? when I installed it initially I did not run in so many errors.

Thank you

Morpheus Newbie

Morpheus

Posted
Posted
On ‎1‎/‎5‎/‎2017 at 10:45 AM, Radu Surugiu said:

It worked. But then I got another error on line 509,

blacklist $BLACK_LIST_PATH/black_list.rules

because in rules folder the black_list.rules file does not exist, it is now bkacklist.rules, so I had to change to 

blacklist $BLACK_LIST_PATH/blacklist.rules, and now the configuration was validated.

Thank you again.

You failed to follow the tutorial, which is the reason for this problem.

On ‎1‎/‎5‎/‎2017 at 11:23 AM, Radu Surugiu said:

Well, configuration is validated but now after restarting system I get an error in barnyard2,

 warning can't extract timestamp extension from 'merged.log' using base 'merged.log'.

I really dont know where to go from there, maybe I should do a fresh install (instead of update from old version) with latest version (2990)? when I installed it initially I did not run in so many errors.

Thank you

Stop barnyard2, stop Snort, delete everything in the snort/log folder, and restart.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...