Monday, May 13, 2013

Another quick post - fix to aanval installer script

Hello AS users,

A recent message from an Autosnort user, sm00th brought a problem to my attention regarding the aanval installer script. I've discovered that there is a problem with the wget command used to download the aanval installer. This is what happens when I attempt to wget the file manually:

root@CG:~# wget -O aanval.tar.gz
--2013-05-13 16:13:59--
Resolving (
Connecting to (||:443... connected.
ERROR: no certificate subject alternative name matches
        requested host name `'.
To connect to insecurely, use `--no-check-certificate'.

There is some sort of a certificate problem with The wget command says to try using --no-check-certificate:

root@CG:~# wget -O aanval.tar.gz --no-check-certificate
--2013-05-13 16:14:27--
Resolving (
Connecting to (||:443... connected.
WARNING: no certificate subject alternative name matches
        requested host name `'.
HTTP request sent, awaiting response... 200 OK
Length: 6703589 (6.4M) [application/octet-stream]
Saving to: `aanval.tar.gz'

100%[=========================================================================================================================================================>] 6,703,589    586K/s   in 12s

2013-05-13 16:14:40 (529 KB/s) - `aanval.tar.gz' saved [6703589/6703589]

root@CG:~# echo $?

good news: This allows you to pick up the tarball for installing aanval
bad news: The certificate for isn't being checked -- this means we're still using SSL to connect to and pick up the package, but we aren't checking the certificate to see who signed it, and/or what site it was signed for.

Unfortnately, the problem is out of my hands. I submitted a quick fix to that adds the --no-check-certificate option to allow us to fix the package.



p.s. Yes, I'm still working on snorby. Hit a bit of a road bump. I thought I had the full installation down, and now, for some reason the snorby database refuses to update. at all. So, as I said before, I want to run through the entire snorby installation process without a single error. Once I can do that... I'll release the Ubuntu snorby script, then Debian, Then probably CentOS last.


No comments:

Post a Comment