From 43bb5a2a70f4e9d52701a33e4e75d4422fc0b8aa Mon Sep 17 00:00:00 2001 From: bmeeks8 Date: Wed, 25 Sep 2013 17:21:11 -0400 Subject: Add missing SSH preproc and set more preproc options --- config/snort/snort.inc | 79 ++++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 64 insertions(+), 15 deletions(-) diff --git a/config/snort/snort.inc b/config/snort/snort.inc index f757cfb7..573cd8ac 100755 --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -2766,19 +2766,23 @@ preprocessor http_inspect_server: server default profile {$http_server_profile} EOD; /* def ftp_preprocessor */ + $telnet_ports = str_replace(",", " ", $snort_ports['telnet_ports']); + $ftp_ports = str_replace(",", " ", $snort_ports['ftp_ports']); $ftp_preprocessor = << "ssl_preproc", "dnp3_preproc" => "dnp3_preproc", "modbus_preproc" => "modbus_preproc" ); $snort_preproc = array ( - "perform_stat", "http_inspect", "other_preprocs", "ftp_preprocessor", "smtp_preprocessor", "ssl_preproc", "sip_preproc", "gtp_preproc", + "perform_stat", "http_inspect", "other_preprocs", "ftp_preprocessor", "smtp_preprocessor", "ssl_preproc", "sip_preproc", "gtp_preproc", "ssh_preproc", "sf_portscan", "dce_rpc_2", "dns_preprocessor", "sensitive_data", "pop_preproc", "imap_preproc", "dnp3_preproc", "modbus_preproc" ); $default_disabled_preprocs = array( -- cgit v1.2.3