Commit a4b0f5b5 authored by Tomáš Plesník

Merge branch 'master' of homeproj.cesnet.cz:warden

parents 47e20d2e 58f4dd70
...@@ -345,6 +345,8 @@ I. Functions, Arguments and Calls ...@@ -345,6 +345,8 @@ I. Functions, Arguments and Calls
# portscan - scannig of TCP/UDP ports # portscan - scannig of TCP/UDP ports
# bruteforce - bruteforce/dictionary attack against authentication # bruteforce - bruteforce/dictionary attack against authentication
# service(s) # service(s)
# probe - other connection attempts (for example ICMP) or
# unrecognized/undecided portscan or bruteforce
# spam - unsolicited e-mail that does not have phishing-like # spam - unsolicited e-mail that does not have phishing-like
# character # character
# phishing - e-mail attempting to gather sensitive data # phishing - e-mail attempting to gather sensitive data
......
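Review bot: The new probe entry overlaps with portscan and bruteforce by its own definition ("unrecognized/undecided portscan or bruteforce"), and the text does not say how a sender should choose between the three. Anything that filters on portscan or bruteforce will no longer see events that a sender decides to report as probe, so one added sentence on when probe is the right value, and that consumers of the other two types may want it as well, would help. The unchanged context line above the addition still reads "scannig"; that typo could be fixed in the same edit.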
...@@ -128,6 +128,8 @@ D. Types of events ...@@ -128,6 +128,8 @@ D. Types of events
* portscan - TCP/UDP port scanning/sweeping * portscan - TCP/UDP port scanning/sweeping
* bruteforce - dictionary/bruteforce attack to services authentication * bruteforce - dictionary/bruteforce attack to services authentication
* probe - other connection attempts (for example ICMP) or
unrecognized/undecided portscan or bruteforce
* spam - unsolicited commercial email (except phishing) * spam - unsolicited commercial email (except phishing)
* phishing - email, trying to scam user to revealing personal information * phishing - email, trying to scam user to revealing personal information
(possibly by some other channel) (possibly by some other channel)
......
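Review bot: This is a second hand-written copy of the probe definition, placed in a list whose neighbouring entries are already worded differently from the list under "I. Functions, Arguments and Calls" (spam is "unsolicited commercial email (except phishing)" here and "unsolicited e-mail that does not have phishing-like character" there). Consider keeping one authoritative list of event types and referring to it from the other document, so the two definitions cannot drift apart as further types are added.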
...@@ -42,5 +42,5 @@ $MAX_EVENTS_LIMIT = "1000000"; ...@@ -42,5 +42,5 @@ $MAX_EVENTS_LIMIT = "1000000";
# VALID_STRINGS - validation hash containing allowed event attributes # VALID_STRINGS - validation hash containing allowed event attributes
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
%VALID_STRINGS = ( %VALID_STRINGS = (
"type" => ["portscan", "bruteforce", "spam", "phishing", "botnet_c_c", "dos", "malware", "copyright", "webattack", "test", "other", "_any_"], "type" => ["portscan", "bruteforce", "probe", "spam", "phishing", "botnet_c_c", "dos", "malware", "copyright", "webattack", "test", "other", "_any_"],
); );
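Review bot: Adding "probe" to the "type" list in %VALID_STRINGS only reaches configuration files that carry this line, and nothing in the change says what an already deployed server should do. The comment describes this hash as the validation list of allowed event attributes, so a server still running with the old list would presumably not accept probe events from senders that have started using the new type. An upgrade note telling operators to add the value to their existing configuration would close that gap.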
...@@ -232,7 +232,7 @@ make_server_conf() ...@@ -232,7 +232,7 @@ make_server_conf()
# VALID_STRINGS - validation hash containing allowed event attributes # VALID_STRINGS - validation hash containing allowed event attributes
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
%VALID_STRINGS = ( %VALID_STRINGS = (
\"type\" => [\"portscan\", \"bruteforce\", \"spam\", \"phishing\", \"botnet_c_c\", \"dos\", \"malware\", \"copyright\", \"webattack\", \"test\", \"other\", \"_any_\"], \"type\" => [\"portscan\", \"bruteforce\", \"probe\", \"spam\", \"phishing\", \"botnet_c_c\", \"dos\", \"malware\", \"copyright\", \"webattack\", \"test\", \"other\", \"_any_\"],
); );
" > $server_conf 2> $err; ret_val=`echo $?` " > $server_conf 2> $err; ret_val=`echo $?`
......
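Review bot: The "type" list inside make_server_conf() is a backslash-escaped duplicate of the one in the configuration file changed above, so every new event type has to be added in two places and in two quoting styles. Generating this block from the shipped configuration file, or from a single shell variable, would remove the chance of the two lists disagreeing. In the unchanged context line, ret_val=`echo $?` can be written as ret_val=$? and the redirect targets $server_conf and $err should be double-quoted.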