logcheck: Temporarily ignore the worst noise from snort.

author: Jonas Smedegaard <dr@jones.dk> 2002-02-26 16:51:50 +0000
committer: Jonas Smedegaard <dr@jones.dk> 2002-02-26 16:51:50 +0000
commit: 61c68239183352ecb4abc8e89c117e87ac4d0d38 (patch)
tree: 449c6535d249f3a328cf382facce9f816832f0ed
parent: 9beaf5a64c4f8c5b12808e73b10e6bf97278bfce (diff)
2 files changed, 3 insertions, 0 deletions
diff --git a/logcheck/ignore.d.server/tmp b/logcheck/ignore.d.server/tmp
index 0acc93f..f4d5603 100644
--- a/logcheck/ignore.d.server/tmp
+++ b/logcheck/ignore.d.server/tmp
@@ -34,3 +34,5 @@ sshd\[.*\]: packet_set_maxsize: setting to 4096
 dhcpd-2.2.x: BOOTREQUEST from 00:20:6b:18:20:35
 dhcpd-2.2.x: No applicable record for BOOTP host 00:20:6b:18:20:35
 postfix.*\[.*\]: .* from=<groove@mailomat.grooveattack.com>
+snort: spp_http_decode: IIS Unicode attack detected:
+snort: spp_portscan: portscan status from
diff --git a/logcheck/violations.ignore.d/temp b/logcheck/violations.ignore.d/temp
index 52c886f..44128ce 100644
--- a/logcheck/violations.ignore.d/temp
+++ b/logcheck/violations.ignore.d/temp
@@ -16,3 +16,4 @@ pumpd\[.*\]: SO_BINDTODEVICE eth0 \(4\) failed: Invalid argument
 postfix/smtpd\[.*\]: reject: .*: 550 <.*>: User unknown; .*
 postfix/smtpd\[.*\]: reject: .*: 554 <.*>: Recipient address rejected: User unknown; .*
 postfix.*\[.*\]: .* from=<groove@mailomat.grooveattack.com>
+snort: spp_http_decode: IIS Unicode attack detected:
author	Jonas Smedegaard <dr@jones.dk>	2002-02-26 16:51:50 +0000
committer	Jonas Smedegaard <dr@jones.dk>	2002-02-26 16:51:50 +0000
commit	61c68239183352ecb4abc8e89c117e87ac4d0d38 (patch)
tree	449c6535d249f3a328cf382facce9f816832f0ed
parent	9beaf5a64c4f8c5b12808e73b10e6bf97278bfce (diff)