[Oisf-users] Rule Sets

Brant Wells bwells at tfc.edu
Mon Jul 11 15:24:01 UTC 2011


Hi All,

Not sure if this should be posted on the dev list or the users list, so I
thought I'd ask here first...

I'd like to use the Emerging Threats open rule sets for Suricata.  However,
since I updated the rules, when I run Suricata with --init-errors-fatal,
I get:

[ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - Error parsing signature "alert udp
$EXTERNAL_NET any -> $HOME_NET 514 (msg:"ET DOS Cisco 514 UDP flood DoS";
content:"|25 25 25 25 25 58 58 25 25 25 25 25|"; classtype: attempted-dos;
reference:url,www.cisco.com/warp/public/707/IOS-cbac-dynacl-pub.shtml;
reference:url,doc.emergingthreats.net/bin/view/Main/2000010; reference:url,
www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/DOS/DOS_Cisco_514_UDP_DoS;
sid:2000010; rev:11;)" from file /etc/suricata/rules/emerging-dos.rules at
line 54

A ton of rule errors like that.  How can I find / fix them?  I am running
1.1 beta 2 (rev 047b19d) from the git repo...

See Yas!
~Brant
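
Added example, not part of the original post: one way to triage many errors of the form quoted above is to parse Suricata's start-up output and list the rejected rules per file, line and sid. The first sample entry is the error from the post; the second entry (file name, sid, msg) is constructed.

```python
import re
from collections import defaultdict

# Error format as quoted in the post; \s+ tolerates mail/terminal line wrapping.
ERR_RE = re.compile(
    r'\[ERRCODE:\s+(?P<code>SC_ERR_\w+)\(\d+\)\]\s+-\s+Error\s+parsing\s+signature\s+'
    r'"(?P<sig>.*?)"\s+from\s+file\s+(?P<file>\S+)\s+at\s+line\s+(?P<line>\d+)',
    re.DOTALL)
SID_RE = re.compile(r'\bsid:\s*(\d+)\s*;')
MSG_RE = re.compile(r'\bmsg:\s*"([^"]*)"')

def parse_init_errors(text):
    """Return one dict per rejected signature found in Suricata start-up output."""
    records = []
    for m in ERR_RE.finditer(text):
        sig = " ".join(m.group("sig").split())  # undo wrapping inside the rule text
        sid, msg = SID_RE.search(sig), MSG_RE.search(sig)
        records.append({
            "code": m.group("code"), "file": m.group("file"),
            "line": int(m.group("line")),
            "sid": int(sid.group(1)) if sid else None,
            "msg": msg.group(1) if msg else None,
        })
    return records

def group_by_file(records):
    """Map rule file -> list of (line, sid) for rejected rules, ordered by line."""
    grouped = defaultdict(list)
    for r in records:
        grouped[r["file"]].append((r["line"], r["sid"]))
    return {f: sorted(v, key=lambda t: t[0]) for f, v in grouped.items()}

# First entry: the error from the post, wrapped as in the e-mail.
# Second entry: constructed for illustration (file name, sid and msg are made up).
SAMPLE = r'''[ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - Error parsing signature "alert udp
$EXTERNAL_NET any -> $HOME_NET 514 (msg:"ET DOS Cisco 514 UDP flood DoS";
content:"|25 25 25 25 25 58 58 25 25 25 25 25|"; classtype: attempted-dos;
reference:url,www.cisco.com/warp/public/707/IOS-cbac-dynacl-pub.shtml;
reference:url,doc.emergingthreats.net/bin/view/Main/2000010; reference:url,
www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/DOS/DOS_Cisco_514_UDP_DoS;
sid:2000010; rev:11;)" from file /etc/suricata/rules/emerging-dos.rules at
line 54
[ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - Error parsing signature "alert tcp any any -> any any
(msg:"CONSTRUCTED example rule"; sid:9000001; rev:1;)" from file /etc/suricata/rules/constructed-example.rules at line 7
'''

if __name__ == "__main__":
    for path, hits in group_by_file(parse_init_errors(SAMPLE)).items():
        print(path, len(hits), "rejected:", hits)
```
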