- --- suricata_default.yaml 2018-05-20 11:34:57.618505320 -0600
- +++ suricata_update.yaml 2018-05-20 12:02:57.172759069 -0600
- @@ -33,6 +33,7 @@
- MODBUS_SERVER: "$HOME_NET"
- ENIP_CLIENT: "$HOME_NET"
- ENIP_SERVER: "$HOME_NET"
- + DC_SERVERS: "$HOME_NET"
- port-groups:
- HTTP_PORTS: "80"
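Review bot: The added `DC_SERVERS: "$HOME_NET"` treats every internal host as a domain controller, so any rule scoped to `$DC_SERVERS` loses the precision that variable is meant to give it. If the domain controllers are known, list them explicitly, e.g. `DC_SERVERS: "[<dc-address-1>,<dc-address-2>]"` (placeholders). Otherwise leave a marker such as `# TODO: narrow DC_SERVERS to the actual domain controller addresses` next to the line. The enclosing variable block starts outside the hunk.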
- @@ -49,63 +50,10 @@
- ## Step 2: select the rules to enable or disable
- ##
- -default-rule-path: /etc/suricata/rules
- +
- +default-rule-path: /var/lib/suricata/rules
- rule-files:
- - - botcc.rules
- - # - botcc.portgrouped.rules
- - - ciarmy.rules
- - - compromised.rules
- - - drop.rules
- - - dshield.rules
- -# - emerging-activex.rules
- - - emerging-attack_response.rules
- - - emerging-chat.rules
- - - emerging-current_events.rules
- - - emerging-dns.rules
- - - emerging-dos.rules
- - - emerging-exploit.rules
- - - emerging-ftp.rules
- -# - emerging-games.rules
- -# - emerging-icmp_info.rules
- -# - emerging-icmp.rules
- - - emerging-imap.rules
- -# - emerging-inappropriate.rules
- -# - emerging-info.rules
- - - emerging-malware.rules
- - - emerging-misc.rules
- - - emerging-mobile_malware.rules
- - - emerging-netbios.rules
- - - emerging-p2p.rules
- - - emerging-policy.rules
- - - emerging-pop3.rules
- - - emerging-rpc.rules
- -# - emerging-scada.rules
- -# - emerging-scada_special.rules
- - - emerging-scan.rules
- -# - emerging-shellcode.rules
- - - emerging-smtp.rules
- - - emerging-snmp.rules
- - - emerging-sql.rules
- - - emerging-telnet.rules
- - - emerging-tftp.rules
- - - emerging-trojan.rules
- - - emerging-user_agents.rules
- - - emerging-voip.rules
- - - emerging-web_client.rules
- - - emerging-web_server.rules
- -# - emerging-web_specific_apps.rules
- - - emerging-worm.rules
- - - tor.rules
- -# - decoder-events.rules # available in suricata sources under rules dir
- -# - stream-events.rules # available in suricata sources under rules dir
- - - http-events.rules # available in suricata sources under rules dir
- - - smtp-events.rules # available in suricata sources under rules dir
- - - dns-events.rules # available in suricata sources under rules dir
- - - tls-events.rules # available in suricata sources under rules dir
- -# - modbus-events.rules # available in suricata sources under rules dir
- -# - app-layer-events.rules # available in suricata sources under rules dir
- -# - dnp3-events.rules # available in suricata sources under rules dir
- -# - ntp-events.rules # available in suricata sources under rules dir
- + - suricata.rules
- classification-file: /etc/suricata/classification.config
- reference-config-file: /etc/suricata/reference.config
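Review bot: Collapsing the list to the single `- suricata.rules` entry removes the category selection this file used to express. The categories that were commented out (for example emerging-games, emerging-info, emerging-shellcode) are no longer excluded here, so unless the tool that generates suricata.rules is configured to disable them, alert volume and content may change. Conversely, `http-events.rules`, `smtp-events.rules`, `dns-events.rules` and `tls-events.rules` were loaded before, so confirm they end up in the merged file, otherwise protocol-anomaly coverage is silently lost. A comment above the entry would record where selection now lives, e.g. `# suricata.rules is generated; enable/disable decisions are made in the rule-update tool's config`. Because rules now load from `/var/lib/suricata/rules`, that directory should be writable only by the account that runs the update.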