Sign in to follow this  
Followers 0
Radu Surugiu

Uname is not recognized as internal or external command

10 posts in this topic

trying to update rules with Pulledpork after following tutorial

'uname' is not recognized as an intenal or external command.

The specified Snort binary does not exist.

Please correct the value or specify the FULL rules tarball name in pulledpork.conf!

at d:\winids\pulledpork\pulledpork.pl line 1932

Share this post


Link to post
Share on other sites

uname is not relevant to Windows, bypass warning.

The other error means the pulledpork.conf has not been configured per the tutorial.

Share this post


Link to post
Share on other sites

Yes, sorry my mistake, I corrected the error (was missing snort _version which is 2.9.7.5 in my case and now I am getting 

error 422 when fetching snortrules-snapshot-2975.tar.gz.md5 at pulledpork.pl line 517

I will check again all pulledpork.conf file

Share this post


Link to post
Share on other sites

I changed the version of snort in the pulledpork.conf file to 2.9.8.0 and now it is downloading. I still have the version of snort I installed probably 9 month ago, 2.9.7.5. My understanding is they should match, but aparently version 2.9.7.5 of the rules does not esist anymore. Does it mean I have to upgrade all the time Snort to a newer version to make this work?

Thank you,

Share this post


Link to post
Share on other sites

I did the upgrade, I think I followed all steps, but now when testing snort.conf I am getting a fatal error 

ERROR: d:\winids\snort\etc\snort.conf(326) => Invalid keyword '}' for server
configuration.

Thank you,

I am using the version 2.9.9.0 that I downloaded yesterday.

Edited by Radu Surugiu
added comment

Share this post


Link to post
Share on other sites

You need to hash out line 325: # decompress_swf { deflate lzma } \

Share this post


Link to post
Share on other sites

It worked. But then I got another error on line 509,

blacklist $BLACK_LIST_PATH/black_list.rules

because in rules folder the black_list.rules file does not exist, it is now bkacklist.rules, so I had to change to 

blacklist $BLACK_LIST_PATH/blacklist.rules, and now the configuration was validated.

Thank you again.

Share this post


Link to post
Share on other sites

Well, configuration is validated but now after restarting system I get an error in barnyard2,

 warning can't extract timestamp extension from 'merged.log' using base 'merged.log'.

I really dont know where to go from there, maybe I should do a fresh install (instead of update from old version) with latest version (2990)? when I installed it initially I did not run in so many errors.

Thank you

Share this post


Link to post
Share on other sites
On ‎1‎/‎5‎/‎2017 at 10:45 AM, Radu Surugiu said:

It worked. But then I got another error on line 509,

blacklist $BLACK_LIST_PATH/black_list.rules

because in rules folder the black_list.rules file does not exist, it is now bkacklist.rules, so I had to change to 

blacklist $BLACK_LIST_PATH/blacklist.rules, and now the configuration was validated.

Thank you again.

You failed to follow the tutorial, which is the reason for this problem.

On ‎1‎/‎5‎/‎2017 at 11:23 AM, Radu Surugiu said:

Well, configuration is validated but now after restarting system I get an error in barnyard2,

 warning can't extract timestamp extension from 'merged.log' using base 'merged.log'.

I really dont know where to go from there, maybe I should do a fresh install (instead of update from old version) with latest version (2990)? when I installed it initially I did not run in so many errors.

Thank you

Stop barnyard2, stop Snort, delete everything in the snort/log folder, and restart.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0