snort-users May 2009 archive
Main Archive Page > Month Archives  > snort-users archives
snort-users: Re: [Snort-users] VRT Rules snapshot-CURRENT.tar.gz

Re: [Snort-users] VRT Rules snapshot-CURRENT.tar.gz Download Error?

From: Jack Pepper <pepperjack_at_nospam>
Date: Fri May 29 2009 - 20:47:51 GMT

Quoting "Jefferson, Shawn" <>:

> what you mean by rule manipulation) as well. So I guess my initial
> question still stands: does anyone want to share a script that
> checks the MD5 first?

How about this:

wget -q -O "${SNORTDIR}/"${OINK}/snortrules-snapshot-2.8.tar.gz.md5 if [ $? -ne 0 ] ; then echo "MD5 download failed" exit
OLDSUM=`md5sum ${SNORTDIR}/ | awk '{print $1}'` NEWSUM=`awk 'NF == 4 && $3 == "=" {print $NF;}' ${SNORTDIR}/`
if [ $OLDSUM == $NEWSUM ] ; then

         echo "No rule changes"

         cp -p ${SNORTDIR}/ ${SNORTDIR}/snortrules.tar.gz.old

         wget -O "${SNORTDIR}/"${OINK}/snortrules-snapshot-2.8.tar.gz if [ $? -ne 0 ] ; then echo "snort rules download failed" exit fi

If the format of the MD5 file ever changes we're screwed, but here's what i'll be using until then.

jp -- Framework? I don't need no stinking framework! ---------------------------------------------------------------- @fferent Security Labs: Isolate/Insulate/Innovate ------------------------------------------------------------------------------ Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT is a gathering of tech-side developers & brand creativity professionals. Meet the minds behind Google Creative Lab, Visual Complexity, Processing, & iPhoneDevCamp as they present alongside digital heavyweights like Barbarian Group, R/GA, & Big Spaceship. _______________________________________________ Snort-users mailing list Go to this URL to change user options or unsubscribe: Snort-users list archive: