PulledPork v0.7.3 - Making signature updates great again!

PulledPork for Snort and Suricata rule management.
Features and Capabilities:
* Automated downloading, parsing, state modification and rule modification for all of your Snort rulesets.
* Checksum verification for all major rule downloads
* Automatic generation of updated sid-msg.map file
* Capability to include your local.rules in sid-msg.map file
* Capability to pull rules tarballs from custom urls
* Complete Shared Object support
* Complete IP Reputation List support
* Capability to download multiple disparate rulesets at once
* Maintains accurate changelog
* Capability to HUP processes after rules are downloaded and processed
* Aids in tuning of rulesets
* Verbose output so that you know EXACTLY what is happening
* Minimal Perl Module dependencies
* Support for Suricata, and ETOpen/ETPro rulesets
* A sweet smokey flavor throughout the pork!

Special Notes Section
Please note that pulledpork runs rule modification (enable, drop, disable, modify) in that order by default:
1: enable
2: drop
3: disable
This means that disable rules will always take precedence. If you specify the same gid:sid in the enable and disable configuration files, that sid will be disabled. Keep this in mind for ranges also! However, you can specify a different order using the state_order keyword in the master config file.
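
The precedence rule above can be checked before a rule update with a small model like the following. This is an added example, not PulledPork's own code: it only tracks which state is applied last for each gid:sid, and the function names, the sample lists and the `gid:sid-gid:sid` range form are assumptions made for illustration.

```python
# Added example: a model of the precedence rule, not PulledPork's own code.
DEFAULT_ORDER = ("enable", "drop", "disable")  # default order stated on this page

def expand(entry):
    """Expand 'gid:sid' or a 'gid:sid-gid:sid' range (assumed form) to a set of (gid, sid)."""
    entry = entry.strip()
    if "-" in entry:
        lo, hi = entry.split("-", 1)
        gid, first = (int(x) for x in lo.split(":"))
        gid_hi, last = (int(x) for x in hi.split(":"))
        if gid != gid_hi or last < first:
            raise ValueError(f"bad range: {entry}")
        return {(gid, sid) for sid in range(first, last + 1)}
    gid, sid = (int(x) for x in entry.split(":"))
    return {(gid, sid)}

def effective_states(lists, order=DEFAULT_ORDER):
    """lists maps 'enable' / 'drop' / 'disable' to entry strings.

    Returns (final state per rule, rules listed under more than one state).
    States are applied in `order`, so the last one applied wins.
    """
    final, seen = {}, {}
    for state in order:
        for entry in lists.get(state, []):
            for rule in expand(entry):
                final[rule] = state
                seen.setdefault(rule, []).append(state)
    conflicts = {r: s for r, s in seen.items() if len(set(s)) > 1}
    return final, conflicts

# Constructed sample lists: 1:3005 is enabled explicitly but also falls
# inside a disabled range, the case the note above warns about.
SAMPLE = {
    "enable": ["1:2010", "1:3005"],
    "drop": ["1:2010"],
    "disable": ["1:3000-1:3010"],
}

if __name__ == "__main__":
    final, conflicts = effective_states(SAMPLE)
    for (gid, sid), states in sorted(conflicts.items()):
        print(f"{gid}:{sid} listed as {states}, ends up {final[(gid, sid)]}")
```

Passing a different `order` tuple models a changed state_order and shows which rules would flip state.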

Usage and Download:

Source: https://github.com/shirkdog