summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--logcheck/ignore.d.server/tmp2
-rw-r--r--logcheck/violations.ignore.d/temp1
2 files changed, 3 insertions, 0 deletions
diff --git a/logcheck/ignore.d.server/tmp b/logcheck/ignore.d.server/tmp
index 0acc93f..f4d5603 100644
--- a/logcheck/ignore.d.server/tmp
+++ b/logcheck/ignore.d.server/tmp
@@ -34,3 +34,5 @@ sshd\[.*\]: packet_set_maxsize: setting to 4096
dhcpd-2.2.x: BOOTREQUEST from 00:20:6b:18:20:35
dhcpd-2.2.x: No applicable record for BOOTP host 00:20:6b:18:20:35
postfix.*\[.*\]: .* from=<groove@mailomat.grooveattack.com>
+snort: spp_http_decode: IIS Unicode attack detected:
+snort: spp_portscan: portscan status from
diff --git a/logcheck/violations.ignore.d/temp b/logcheck/violations.ignore.d/temp
index 52c886f..44128ce 100644
--- a/logcheck/violations.ignore.d/temp
+++ b/logcheck/violations.ignore.d/temp
@@ -16,3 +16,4 @@ pumpd\[.*\]: SO_BINDTODEVICE eth0 \(4\) failed: Invalid argument
postfix/smtpd\[.*\]: reject: .*: 550 <.*>: User unknown; .*
postfix/smtpd\[.*\]: reject: .*: 554 <.*>: Recipient address rejected: User unknown; .*
postfix.*\[.*\]: .* from=<groove@mailomat.grooveattack.com>
+snort: spp_http_decode: IIS Unicode attack detected:
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-30 18:16:46 +0000