[Oisf-users] Bluecoat proxy is kicking my rule download

Victor Julien lists at inliniac.net
Mon Nov 20 19:52:49 UTC 2017


On 20-11-17 20:25, dev wrote:
> Hi,
> I've been using Oinkmaster (pending a switch to suricata-rule-update)
> for nightly downloads of emerging.rules.tar.gz. Over the weekend,
> something changed where our Bluecoat proxy on the edge is now blocking
> the URL
> http://rules.emergingthreats.net/open/suricata/emerging.rules.tar.gz. I
> don't know if this is due to a proxy configuration or something with an
> updated ruleset.
> 
> I spoke with the tech who manages the proxy and he suggested using the
> "suricata-1.3-enhanced" directory to retrieve the rules
> instead.(http://rules.emergingthreats.net/open/suricata-1.3-enhanced/emerging.rules.tar.gz).
> 
> 
> I'm not so sure this is a good idea so want to ask what the difference
> in rulesets is between the 1.0, 1.3 and 1.3-enhanced?  Also, is this a
> wise workaround?

Perhaps you can try the https url instead? Same url but https.


-- 
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------




More information about the Oisf-users mailing list