Pulled Pork – Suricata & Snort Rule Management

Keep on Guard!

Pulled Pork is a PERL based tool for Suricata and Snort rule management – it can determine your version of Snort and automatically download the latest rules for you.

Pulled Pork - Suricata & Snort Rule Management

The name was chosen because simply speaking, it Pulls the rules. Using a regular crontab you can keep your Snort or Suricata rules up to date automatically.

Features and Capabilities

Pulledpork 0.7.2 has been tested and works with Snort 3.1.3 and the Snort Registered rules/ETOpen/ETPro rulesets.

  • Automated downloading, parsing, state modification and rule modification for all of your snort rulesets.
  • Checksum verification for all major rule downloads
  • Automatic generation of updated sid-msg.map file
  • Capability to include your local.rules in sid-msg.map file
  • Capability to pull rules tarballs from custom urls
  • Complete Shared Object support
  • Complete IP Reputation List support
  • Capability to download multiple disparate rulesets at once
  • Maintains accurate changelog
  • Capability to HUP processes after rules download and process
  • Aids in tuning of rulesets
  • Verbose output so that you know EXACTLY what is happening
  • Minimal Perl Module dependencies
  • Support for Suricata, and ETOpen/ETPro rulesets


You can download Pulled Pork here:


Or read more here.

Posted in: Countermeasures, Network Hacking, Security Software

, , , , , , ,

Recent in Countermeasures:
- Microsoft Azure Web Application Firewall (WAF) Launched
- mongoaudit – MongoDB Auditing & Pen-testing Tool
- Why Are Hackers Winning The Security Game?

Related Posts:

Most Read in Countermeasures:
- AJAX: Is your application secure enough? - 120,638 views
- Password Hasher Firefox Extension - 118,164 views
- NDR or Backscatter Spam – How Non Delivery Reports Become a Nuisance - 57,805 views

Comments are closed.