I dunno why that would happen on your box, the archive is fine (see below). Maybe something wrong with your tar, gzip or some other binary - or maybe whatever you downloaded it with munged up the archive - equally maybe your upload tool munged the archive? Hard to say, I recommend you download it directly.
$ wget
http://downloads.prometheus-group.com/d ... est.tar.gz
--2009-10-20 18:06:24--
http://downloads.prometheus-group.com/d ... est.tar.gz
Resolving downloads.prometheus-group.com...
74.208.97.167
Connecting to downloads.prometheus-group.com|74.208.97.167|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 257587 (252K) [application/x-gzip]
Saving to: `modsec-2.5-free-latest.tar.gz'
100%[======================================>] 257,587 76.7K/s in 3.3s
2009-10-20 18:06:34 (76.7 KB/s) - `modsec-2.5-free-latest.tar.gz' saved [257587/257587]
$ tar zxvf modsec-2.5-free-latest.tar.gz
modsec/
modsec/10_asl_rules.conf
modsec/domain-blacklist-local.txt
modsec/domain-spam-whitelist.txt
modsec/05_asl_scanner.conf
modsec/malware-blacklist-high.txt
modsec/malware-blacklist.txt
modsec/30_asl_antimalware.conf
modsec/40_asl_apache2-rules.conf
modsec/domain-blacklist.txt
modsec/30_asl_antispam_referrer.conf
modsec/11_asl_data_loss.conf
modsec/05_asl_exclude.conf
modsec/whitelist.txt
modsec/domain-spam-whitelist.conf
modsec/00_asl_rbl.conf
modsec/99_asl_exclude.conf
modsec/trusted-domains.txt
modsec/malware-blacklist-low.txt
modsec/50_asl_rootkits.conf
modsec/60_asl_recons.conf
modsec/30_asl_antispam.conf
modsec/00_asl_whitelist.conf
modsec/trusted-domains.conf
modsec/20_asl_useragents.conf
modsec/10_asl_antimalware.conf
modsec/sql.txt
modsec/99_asl_jitp.conf
modsec/malware-blacklist-local.txt
$ cd modsec
$ file 00_asl_rbl.conf
00_asl_rbl.conf: ASCII English text
$ cat 00_asl_rbl.conf
#
http://www.atomicorp.com/
# Atomicorp (Gotroot.com) ModSecurity rules
# RBL rules
#
# Created by Prometheus Global (
http://www.prometheus-group.com)
# Copyright 2005-2009 by Prometheus Global, all rights reserved.
# Redistribution is strictly prohibited in any form, including whole or in part.
# Distribution of this work or derivative of this work in any form is
# prohibited unless prior written permission is obtained from the
# copyright holder.
#
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS AS IS
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
# THE POSSIBILITY OF SUCH DAMAGE.
#
#---ASL-CONFIG-FILE---
#Global RBL rules
SecRule REMOTE_ADDR "!@pmFromFile /etc/asl/whitelist" \
"chain,deny, log, id:350000,rev:2,msg:'Atomicorp.com WAF Rules - FREE/UNSUPPORTED VERSION - Global RBL Match: IP is on the xbl.spamhaus.org Blacklist',severity:'3'"
SecRule REMOTE_ADDR "@rbl xbl.spamhaus.org"
#Additional RBLs are available in the Real Time Rules
#Such as TOR exit nodes, open proxies, and more
So the archive is fine. Maybe your cache is munged somewhere? I'd try downloading the free/unsupported rules directly on your servers with wget.
<<\xfbI\x90pC\xca\xf4\xd9E\xd9p\x85\xcd~b\xd5\xbd> was not closed.\n/etc/httpd/modsecurity.d/00_asl_rbl.conf
<@\x98\x1fd\x81\xf2\xcc\x8c\xc88<G\xa8\x82c\x88D\xb8+\xedg\x8b\x1dD!\xca\xda\x06\xc6AeW\\\xfbX\xbd\xaf\xddU\xf2?\xe1m\xad;\xfb\xf2\xa3n\x87\xa2\x15\x96\xf8\xcd\x94(zV\b\xe2\xc87\xf0k/\x8e\xc7(J\x89\xeb> was not closed.\n/etc/httpd/modsecurity.d/00_asl_rbl.conf:834: <\x07\xef\x9c\xc8v\xc1\x8eD\x90> was not closed.\n/etc/httpd/modsecurity.d/00_asl_rbl.conf:641: <+\x88\x16.\xc6*\x96G'c\x98\xaf\x8aTlG\x11\x97K\x99\xdc*\xec\x93\x19\xa6\xb1\x1cnY\x06\x98\xafC4\xb6\xa3\x8a\x13\x86kq\x99H=\xab\xce\x92E\x9f\xf3\xb0e,\xe0\xa5\x98\xc6\x96"\x1a\xdbQD8SQ\x93\x99> was not closed.\n/etc/httpd/modsecurity.d/00_asl_rbl.conf:467: <\x7f1\xf2\x16\xa4C\xdb\x02\xdb\xe5\x18\xa6\xb5\x88\x82\xb9\x8b\x0f\x8a\x1b\xd5\x99p\x94\xc0\x8f\xc0\xc2\xd7,\xb0\x18w`\x0f3> was not closed.
