[Emerging-Sigs] PulledPork 0.5.0 the Drowning Rat is now floating in the wild!

Matthew Jonkman jonkman at emergingthreatspro.com
Thu Oct 21 19:50:06 EDT 2010


Thanks JJ! We really appreciate the ET Pro support and adaptions for the new ET open distribution url's.

We encourage upgrading!

Matt

On Oct 21, 2010, at 3:39 PM, JJC wrote:

> Excerpt from the CHANGELOG is below, more information is available at:
> http://global-security.blogspot.com/2010/10/haz-drowning-rat-pulledpork-050-is-now.html
> 
> Tarball is here:
> http://pulledpork.googlecode.com/files/pulledpork-0.5.0.tar.gz
> MD5SUM = 60c0abe78945876c643760b3bb2afdb6
> SHA256 = 9e69873d737e4fc8dfd9b3a98316e4ff41bd8c4accda72f18036b96568c48872
> 
> Thanks to the community for the continued support, feature requests,
> and contributions... you guys are awesome!
> 
> changelog excerpt:
> New Features / changes:
> - Automatic VRT tarball name determination (based on local Snort
> Version but can be hard coded)
> - Full support for ET Pro rulesets
> - Full support for new ET Download scheme
> - Issue #27 Modifysid capability
> - Capability to retrieve multiple rulesets in a single run
> - Issue #24 Added verbose output showing all requests, results and urls
> - Verbose output now shows percentage bar for downloads
> - Extra Verbose output now shows additional HTTP debug!
> - Set value in default.conf file to https for VRT downloads
> - Set UA Value to (PulledPork/X.X.X)
> - Capability to log critical information to syslog
> - Grabonly option, for those that only want to download the tarball(s)
> - Issue #34 Added the capability to specify the order of disable / enable / drop
> 	using the state_order configuration option in the master config file
> - Added a contrib directory
> - Added oink-conv.pl to contrib directory
> 	* converts oinkmaster config files to PP config files
> 	* Thx Russell Fulton!
> - Added README.CONTRIB to track contrib files (ohai manifest)
> - Perl Modue Requirement Changes (SEE SECTION BELOW)
> - Issue #38 Added capability to extract reference docs from tarball and
> 	store in a defined path, NOTE this dramatically increases PP runtime
> 	* runtime value is -r
> 
> Bug Fixes:
> - Should now correctly use environmentally set proxy settings
> 	* Shout to pkthound for his work and contribution here!
> - Fixed case where rules with multiple flowbit (un)?set values would not
> 	properly populate all of the flowbit values into the rules hash
> - Bug #29 - fixed to allow for proper sid-msg.map generation
> - Bug #28 - fixed numerous spellification issues
> - Bug #32 - fixed to allow for so stub generation in nodownload and
> !nodownload case
> 
> 
> Perl Module Requriement Changes:
> - LWP::Simple no longer
> - LWP::UserAgent now required
> - HTTP::Request now required
> - HTTP::Status now required
> - SYS::Syslog now required
> - Crypt::SSLeay now required
> - Carp now required
> 
> Cheers,
> JJC
> 
> _______________________________________________
> Emerging-sigs mailing list
> Emerging-sigs at emergingthreats.net
> http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs
> 
> Support Emerging Threats! Get your ET Stuff! Tshirts, Coffee Mugs and Lanyards
> http://www.emergingthreats.net/index.php/support-et-and-buy-et-schwag.html


----------------------------------------------------
Matthew Jonkman
Emergingthreats.net
Emerging Threats Pro
Open Information Security Foundation (OISF)
Phone 765-807-8630
Fax 312-264-0205
http://www.emergingthreatspro.com
http://www.openinfosecfoundation.org
----------------------------------------------------

PGP: http://www.jonkmans.com/mattjonkman.asc





More information about the Emerging-sigs mailing list