snort-users October 2011 archive
Main Archive Page > Month Archives  > snort-users archives
snort-users: Re: [Snort-users] Snort Wget Failure (can't resolve

Re: [Snort-users] Snort Wget Failure (can't resolve

From: Carney, Megan <Megan.Carney_at_nospam>
Date: Thu Oct 06 2011 - 16:12:56 GMT
To: "" <>

I haven't had this exact problem but I have had odd problems downloading the rulesets.

I use oinkmaster to manage the rulesets and when I run the command to update the rules (/usr/sbin/oinkmaster -i -C /etc/oinkmaster.conf -C /etc/autodisable.conf -o /etc/snort/rules/ -b /etc/snort/backup/) I get this error:
/usr/sbin/oinkmaster: Error: incorrect URL: "[redacted]/

But if I visit that URL manually with wget the ruleset downloads just fine.

Sorry I can't help with your specific problem. . .but I thought it might help if you knew you're not the only one having odd issues with downloading the rulesets.

From: Todd Booth []
Sent: Friday, September 23, 2011 3:53 AM
Subject: [Snort-users] Snort Wget Failure (can't resolve


I've configured snort, on my Vyatta network/security device but the initial downloading of rules fails. I surfed the net and see other users (without Vyatta) are having the same problems.

Here is the initial wget

wget<my snort oink code>/snortrules-snapshot-2905.tar.gz<>

Here is the error:

--2011-09-23 08:45:27--<my<> snort oink code>/snortrules-snapshot-2905.tar.gz
Resolving<>... failed: Name or service not known.
wget: unable to resolve host address `'

However if I ping<> from my Vyatta, I get the ip address resolved as

So in my new wget, I replaced<> with, as follows

vyatta_at_Vyatta1:~$ wget<my<> oink code>/snortrules-snapshot-2905.tar.gz
--2011-09-23 07:55:21--<my<> oink code>/snortrules-snapshot-2905.tar.gz
Connecting to connected.
HTTP request sent, awaiting response... 302 Found
JUAQj%2Bn1Y65X3zmVFuq6ozSlPUo%3D [following]
--2011-09-23 07:55:24--
Resolving failed: Name or service not known.
wget: unable to resolve host address `'

So I do a wget to<> and I get referred to

However is also not resolved. So I try ping and get the ip address address and plug that in to the above 2nd wget


Then I get the following error:
HTTP request sent, awaiting response... 403 Forbidden
2011-09-23 08:50:47 ERROR 403: Forbidden.

Is this a problem with wget? Or is this a problem with the configuration at<>?

Thanks and Regards,
[Description: Description: cid:image002.jpg@01CB97C3.BFF2AC00][Description: Description: Description: Description: cid:image002.png@01CB3D84.E32FF720]

[Description: Description: Description: Description: cid:image003.png_at_01CB3D84.E32FF720]<> LuleŚ Technology University<>
Teacher, Research Engineer and Lecturer Todd Booth

Department<>: Computer Science, Electrical and Space Engineering, CSEE (SKE/SRT)
Division<>: Computer Science
Specialty: Computer and System Science / Information Security<>
Courses: A0004N Information Security<> and A7011N Internet Security<>

Direct: +46-910-585 324
Mobile: +46-76-346 3459

All the data continuously generated in your IT infrastructure contains a
definitive record of customers, application performance, security
threats, fraudulent activity and more. Splunk takes this data and makes
sense of it. Business sense. IT sense. Common sense.

Snort-users mailing list
Go to this URL to change user options or unsubscribe:
Snort-users list archive:

Please visit to stay current on all the latest Snort news!