From 19b2c6c5f3313311ec5cb6c4017a0f338af1a926 Mon Sep 17 00:00:00 2001 From: Jonas Smedegaard Date: Mon, 18 Mar 2002 22:04:06 +0000 Subject: logcheck: Several misc. updates. --- logcheck/ignore.d.server/tmp | 26 +++++++++++++++++--------- 1 file changed, 17 insertions(+), 9 deletions(-) (limited to 'logcheck/ignore.d.server') diff --git a/logcheck/ignore.d.server/tmp b/logcheck/ignore.d.server/tmp index 8406246..009a3d0 100644 --- a/logcheck/ignore.d.server/tmp +++ b/logcheck/ignore.d.server/tmp @@ -34,17 +34,25 @@ sshd\[.*\]: packet_set_maxsize: setting to 4096 dhcpd-2.2.x: BOOTREQUEST from 00:20:6b:18:20:35 dhcpd-2.2.x: No applicable record for BOOTP host 00:20:6b:18:20:35 postfix.*\[.*\]: .* from= -snort: spp_http_decode: IIS Unicode attack detected: -snort: IIS- snort: FrontPage- -snort: spp_portscan: portscan status from -snort: IDS246 - MISC - Large ICMP Packet: -snort: NETBIOS-SMB-C: -snort: NETBIOS-SMB-CD...: -snort: WEB-../..: -snort: spp_portscan: PORTSCAN DETECTED -snort: spp_portscan: End of portscan +snort: IDS015 - RPC - portmap-request-status: snort: IDS029 - SCAN-Possible Queso Fingerprint attempt: +snort: IDS115 - MISC-Traceroute-UDP: +snort: IDS212 - MISC - DNS Zone Transfer: snort: IDS226 - CVE-1999-0172 - CGI-formmail: +snort: IDS246 - MISC - Large ICMP Packet: +snort: IIS- snort: MISC-Attempted Sun RPC high port access: +snort: NETBIOS-SMB-C: +snort: NETBIOS-SMB-CD...: +snort: NMAP TCP ping!: +snort: RPC Info Query: snort: SCAN-SYN FIN: +snort: spp_http_decode: IIS Unicode attack detected: +snort: spp_portscan: End of portscan +snort: spp_portscan: PORTSCAN DETECTED +snort: spp_portscan: portscan status from +snort: WEB-../..: +snort: WEB-CGI-upload.pl: +postgres\[.*\]: \[.*\] DEBUG: +postgres\[.*\]: \[[:digit:]-\] ^ITotal CPU .* sec elapsed .* sec\. -- cgit v1.2.3