The Snort community welcomes a new version of PulledPork on GitHub today.
Version 0.7.4 now supports Snort 3 and points to the new, correct, location of the IP blocklist. PulledPork is a Perl script that allows users to download new rules as soon as new vulnerabilities or exploits are discovered.
Here are some of the other changes in this version:
- Supports updating of Snort 3.0 signatures (0.8 will be released when Snort 3.0 moves out of BETA).
- Fixed some of the logic to allow updating with Perl on Windows
- ability to modify rules via regex in modifysid.conf
- Removal of opensource.gz processing (will speed up signature updating)
- Updated OS Distro list to match so_rules
- Added error checking around writing to directories that do not exist (i.e., block_list)
- Updated for new location of block list