Actions
Bug #3161
closedSet no-checksum option for default lists
Affected Versions:
Effort:
Difficulty:
Label:
Description
The new no-checksum option needs to be defaulted for the following ootb lists...
Sep 10 04:04:52 demo2 updateIDSRules[5341]: 2019-09-10 04:04:52,165 - <INFO> - Checking https://raw.githubusercontent.com/travisbgreen/hunting-rules/master/hunting.rules.md5. Sep 10 04:04:52 demo2 updateIDSRules[5341]: 2019-09-10 04:04:52,295 - <WARNING> - Failed to check remote checksum: HTTP Error 404: Not Found Sep 10 04:05:11 demo2 updateIDSRules[5341]: 2019-09-10 04:05:11,695 - <INFO> - Checking https://sslbl.abuse.ch/blacklist/sslblacklist.rules.md5. Sep 10 04:05:11 demo2 updateIDSRules[5341]: 2019-09-10 04:05:11,794 - <WARNING> - Failed to check remote checksum: HTTP Error 404: Not Found Sep 10 04:05:12 demo2 updateIDSRules[5341]: 2019-09-10 04:05:12,127 - <INFO> - Checking https://sslbl.abuse.ch/blacklist/ja3_fingerprints.rules.md5. Sep 10 04:05:12 demo2 updateIDSRules[5341]: 2019-09-10 04:05:12,290 - <WARNING> - Failed to check remote checksum: HTTP Error 404: Not Found Sep 10 04:05:15 demo2 updateIDSRules[5341]: 2019-09-10 04:05:15,943 - <INFO> - Checking https://rules.emergingthreats.net/blockrules/emerging-drop.suricata.rules.md5. Sep 10 04:05:16 demo2 updateIDSRules[5341]: 2019-09-10 04:05:16,176 - <WARNING> - Failed to check remote checksum: HTTP Error 404: Not Found Sep 10 04:05:16 demo2 updateIDSRules[5341]: 2019-09-10 04:05:16,467 - <INFO> - Checking https://openinfosecfoundation.org/rules/trafficid/trafficid.rules.md5. Sep 10 04:05:16 demo2 updateIDSRules[5341]: 2019-09-10 04:05:16,610 - <WARNING> - Failed to check remote checksum: HTTP Error 404: Not Found Sep 10 04:05:16 demo2 updateIDSRules[5341]: 2019-09-10 04:05:16,737 - <INFO> - Checking https://security.etnetera.cz/feeds/etn_aggressive.rules.md5. Sep 10 04:05:18 demo2 updateIDSRules[5341]: 2019-09-10 04:05:18,055 - <WARNING> - Failed to check remote checksum: HTTP Error 404: Not Found
Additionally, the option should be applicable to the enable-source command to allow omitting MD5 downloads when they exist.
Actions