[Oisf-users] Bluecoat proxy is kicking my rule download

dev devuan.2 at gmail.com
Mon Nov 20 19:25:24 UTC 2017

I've been using Oinkmaster (pending a switch to suricata-rule-update)
for nightly downloads of emerging.rules.tar.gz. Over the weekend,
something changed where our Bluecoat proxy on the edge is now blocking
the URL
http://rules.emergingthreats.net/open/suricata/emerging.rules.tar.gz. I
don't know if this is due to a proxy configuration or something with an
updated ruleset.

I spoke with the tech who manages the proxy and he suggested using the
"suricata-1.3-enhanced" directory to retrieve the rules

I'm not so sure this is a good idea so want to ask what the difference
in rulesets is between the 1.0, 1.3 and 1.3-enhanced?  Also, is this a
wise workaround?


More information about the Oisf-users mailing list