Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Correct portscan preprocessor settings. WAN Gateway, DNS servers, and ↵ | Scott Dale | 2007-02-22 | 1 | -10/+19 |
| | | | | loopback address are not automatically inserted in $HOME_NET. Removed redundant code that was inserting local IPs twice into $HOME_NET. | ||||
* | Removed the flow-portscan preprocessor and inserted the sfportscan ↵ | Scott Dale | 2007-02-21 | 1 | -25/+8 |
| | | | | preprocessor. Flow-portscan has been deprecated from Snort. | ||||
* | Make sure snort is deinstalled correctly | Scott Ullrich | 2007-02-11 | 1 | -0/+3 |
| | | | | Ticket #1252 | ||||
* | Add snort advanced pass thrrough configuration | Scott Ullrich | 2007-01-28 | 1 | -0/+5 |
| | |||||
* | Trim home net | Scott Ullrich | 2007-01-26 | 1 | -1/+1 |
| | | | | Ticket #1232 | ||||
* | s/=/==/ | Scott Ullrich | 2007-01-19 | 1 | -1/+1 |
| | | | | Ticket #1208 | ||||
* | Stop snort on deinstall. | Scott Ullrich | 2006-12-11 | 1 | -0/+3 |
| | |||||
* | * ensure /var/log/snort exists | Scott Ullrich | 2006-12-06 | 1 | -0/+5 |
| | | | | * ensure /var/log/snort/alert exists | ||||
* | make $HOME_NET work for multiple IPs | Bill Marquette | 2006-11-02 | 1 | -1/+6 |
| | |||||
* | filter out grep from results | Scott Ullrich | 2006-10-30 | 1 | -1/+1 |
| | |||||
* | Cleanup sampling code. Don't forget to escape \$ awk variable. | Scott Ullrich | 2006-10-30 | 1 | -1/+7 |
| | |||||
* | When no interface is selected, do not error out. | Scott Ullrich | 2006-10-28 | 1 | -8/+9 |
| | | | | Ticket #1155 | ||||
* | Sample actual snort memory usage as well as system free measurements. | Scott Ullrich | 2006-10-26 | 1 | -1/+1 |
| | |||||
* | Woops, this is overall free system memory, not usage. | Scott Ullrich | 2006-10-26 | 1 | -1/+1 |
| | |||||
* | Note the snort performance mode on startup | Scott Ullrich | 2006-10-26 | 1 | -1/+7 |
| | |||||
* | s/SnortMemory/SnortStartup/ | Scott Ullrich | 2006-10-26 | 1 | -1/+1 |
| | |||||
* | Wait 17 seconds after snort bringup to take after starting memory sampling | Scott Ullrich | 2006-10-26 | 1 | -1/+1 |
| | |||||
* | Take a memory sampling before and after starting snort. Report this ↵ | Scott Ullrich | 2006-10-26 | 1 | -2/+2 |
| | | | | information in the system logs so the Operator can guage how much ram Snort is using | ||||
* | Issue BPF changes correctly | Scott Ullrich | 2006-10-26 | 1 | -0/+8 |
| | |||||
* | Cache page when needed. | Scott Ullrich | 2006-10-11 | 1 | -3/+0 |
| | |||||
* | Only read in snort alert file if it exists. | Scott Ullrich | 2006-10-10 | 1 | -1/+4 |
| | |||||
* | Change name to SnortAdvanced and do now whipe out primary tabs settings. | Scott Ullrich | 2006-10-08 | 1 | -3/+3 |
| | |||||
* | Sync package on advanced tab save | Scott Ullrich | 2006-10-08 | 1 | -1/+1 |
| | |||||
* | * Add snort advanced tab that allows tuning of bpf values | Scott Ullrich | 2006-10-08 | 1 | -4/+18 |
| | | | | * Remove hard coded BPF assumptions | ||||
* | * Correct minor variable scope bug | Scott Ullrich | 2006-10-08 | 1 | -0/+1 |
| | | | | * Add associate snort alert to ip option (handy for large snort installations) | ||||
* | * Add snort cache that will cache the ip -> alert mappings | Scott Ullrich | 2006-10-08 | 1 | -2/+39 |
| | | | | * Add knob to turn off clickable urls in the snort alert tabs (handy for someone with thousands of alerts) | ||||
* | Make snort alerts clickable | Scott Ullrich | 2006-10-07 | 1 | -0/+10 |
| | |||||
* | Add function description, remove trailing whitespace at end of file | Scott Ullrich | 2006-10-07 | 1 | -20/+1 |
| | |||||
* | CACHE /var/log/snort/alert in between calls | Scott Ullrich | 2006-10-07 | 1 | -2/+6 |
| | |||||
* | Woops, reverse the numbers. | Scott Ullrich | 2006-10-07 | 1 | -2/+2 |
| | |||||
* | Associate snort blocked events with their alert description if available | Scott Ullrich | 2006-10-07 | 1 | -0/+33 |
| | |||||
* | Add automatic whitelist feature for VPNs | Scott Ullrich | 2006-10-06 | 1 | -3/+16 |
| | |||||
* | Add a few more comments | Scott Ullrich | 2006-10-06 | 1 | -7/+22 |
| | |||||
* | * Cleanup on deinstall | Scott Ullrich | 2006-10-06 | 1 | -0/+14 |
| | | | | * Increase net.bpf.bufsize to 20480 | ||||
* | Call sync_package_snort_reinstall() on install. | Scott Ullrich | 2006-10-05 | 1 | -2/+12 |
| | |||||
* | Do not exit when opening for writing fails, simply return. | Scott Ullrich | 2006-10-03 | 1 | -1/+1 |
| | |||||
* | Woops, thats a variable, so it requires a $ | Scott Ullrich | 2006-10-03 | 1 | -1/+1 |
| | |||||
* | Writeout whitelist with a foreach, ensure that no stray spaces are present. | Scott Ullrich | 2006-10-03 | 1 | -1/+5 |
| | |||||
* | Teach snort to use newer package plugin methods | Scott Ullrich | 2006-10-01 | 1 | -8/+6 |
| | |||||
* | Use conf_mount_rw() and conf_mount_ro() | Scott Ullrich | 2006-09-30 | 1 | -0/+7 |
| | |||||
* | Pass $HOME_NET to snort | Scott Ullrich | 2006-09-27 | 1 | -2/+2 |
| | |||||
* | Woops, dont allow for run-on commands. | Scott Ullrich | 2006-09-27 | 1 | -1/+1 |
| | |||||
* | * Ensure that only one snort2c is running | Scott Ullrich | 2006-09-27 | 1 | -1/+2 |
| | | | | * Ignore items in the whitelist from port scanning | ||||
* | Do not include pppoe or dhcp entries | Scott Ullrich | 2006-09-27 | 1 | -1/+2 |
| | |||||
* | Resolve pppoe and dhcp ip addresses | Scott Ullrich | 2006-09-27 | 1 | -1/+7 |
| | |||||
* | Make console text friendler | Scott Ullrich | 2006-09-27 | 1 | -16/+34 |
| | |||||
* | Use filenamea instead of filename, filename may become a reserved word down ↵ | Scott Ullrich | 2006-09-27 | 1 | -4/+4 |
| | | | | the road. | ||||
* | Install crontab entry and restart cron if needed | Scott Ullrich | 2006-09-27 | 1 | -0/+9 |
| | |||||
* | Add a new script for automatic snort.org rules updating | Scott Ullrich | 2006-09-27 | 1 | -0/+108 |
| | |||||
* | Space seperate manual whitelist items correctly so that they can be parsed | Scott Ullrich | 2006-09-27 | 1 | -1/+1 |
| |