Hello,
Since 18.7.7, I've noticed that Suricata doesn't download rules coming from abuse.ch.
For example:
rule-updater.py: download failed for https://feodotracker.abuse.ch/blocklist/?download=suricata
rule-updater.py: download failed for https://sslbl.abuse.ch/blacklist/dyre_sslipblacklist.rules
rule-updater.py: download failed for https://sslbl.abuse.ch/blacklist/sslipblacklist.rules
rule-updater.py: download failed for https://sslbl.abuse.ch/blacklist/sslblacklist.rules
In the rules section, we can see that no new download has been completed for some days:
abuse.ch/Dyre SSL IPBL 2018/11/09 10:18 drop
abuse.ch/Feodo Tracker 2018/11/06 22:18 drop
abuse.ch/SSL Fingerprint Blacklist 2018/11/09 10:18 drop
abuse.ch/SSL IP Blacklist 2018/11/09 10:18 drop
Do you have the same issue with 18.7.7 and Suricata 4.0.6?
Thanks for any idea!
Regards
The services of abuse.ch are down, see https://twitter.com/abuse_ch
Quote: SSLBL / SinkDB Update: I'm sorry to tell you guys that the said services (incl. the Feodo Tracker blacklist) will be down until at least Monday, Nov 19th 2018. The reason for the outage is a failed Debian dist upgrade on the backend server. Sorry for any inconvenience.
Hello,
Thanks for this news. So no issue coming from OPNsense.
Have a good weekend.
Best regards
Hmm, is this why none of the rulesets download?
No. Other rulesets are downloading fine.
Just an issue with abuse.ch on specific subdomain.