From 195dee5f7411de7fe55087bb819b02f8f864c7fc Mon Sep 17 00:00:00 2001 From: robiscool Date: Wed, 21 Sep 2011 11:28:59 -0700 Subject: snort-dev, remove orion package add snort-dev package --- config/orionids-dev/snort_preprocessors.php | 337 ---------------------------- 1 file changed, 337 deletions(-) delete mode 100644 config/orionids-dev/snort_preprocessors.php (limited to 'config/orionids-dev/snort_preprocessors.php') diff --git a/config/orionids-dev/snort_preprocessors.php b/config/orionids-dev/snort_preprocessors.php deleted file mode 100644 index d99f7f75..00000000 --- a/config/orionids-dev/snort_preprocessors.php +++ /dev/null @@ -1,337 +0,0 @@ -. - All rights reserved. - - Pfsense Old snort GUI - Copyright (C) 2006 Scott Ullrich. - - Pfsense snort GUI - Copyright (C) 2008-2012 Robert Zelaya. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - 3. Neither the name of the pfSense nor the names of its contributors - may be used to endorse or promote products derived from this software without - specific prior written permission. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - -*/ - -require_once("guiconfig.inc"); -require_once("/usr/local/pkg/snort/snort_new.inc"); -require_once("/usr/local/pkg/snort/snort_gui.inc"); - -//Set no caching -header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); -header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); -header("Cache-Control: no-store, no-cache, must-revalidate"); -header("Cache-Control: post-check=0, pre-check=0", false); -header("Pragma: no-cache"); - -// set page vars - -$uuid = $_GET['uuid']; -if (isset($_POST['uuid'])) -$uuid = $_POST['uuid']; - -if ($uuid == '') { - echo 'error: no uuid'; - exit(0); -} - - -$a_list = snortSql_fetchAllSettings('snortDB', 'SnortIfaces', 'uuid', $uuid); - - $pgtitle = "Snort: Interface Preprocessors and Flow"; - include("/usr/local/pkg/snort/snort_head.inc"); - -?> - - - - -
-
-
- -
-
-



Please Wait...

-
-
-

-
-
-
- - - -
- - - -
- -
-
- - - - - - - - -
- -
- -
- -
- - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
  - Note: -
- Rules may be dependent on preprocessors!
- Defaults will be used when there is no user input.
-
Performance Statistics
Enable - > - Performance Statistics for this interface. -
HTTP Inspect Settings
Enable - > - Use HTTP Inspect to Normalize/Decode and detect HTTP traffic and protocol anomalies. -
HTTP server flow depth - - - - -
- - -1 to 1460 (-1 disables HTTP inspect, 0 enables all HTTP inspect) -
- Amount of HTTP server response payload to inspect. Snort's performance may increase by adjusting this value. -
- Setting this value too low may cause false negatives. Values above 0 are specified in bytes. Default value is 0 -
-
Stream5 Settings
Max Queued Bytes - - - - -
- - Minimum is 1024, Maximum is 1073741824 ( default value is 1048576, 0means Maximum ) -
- The number of bytes to be queued for reassembly for TCP sessions in memory. Default value is 1048576 -
-
Max Queued Segs - - - - -
- - Minimum is 2, Maximum is 1073741824 ( default value is 2621, 0 means Maximum ) -
- The number of segments to be queued for reassembly for TCP sessions in memory. Default value is 2621 -
-
General Preprocessor Settings
- Enable
- RPC Decode and Back Orifice detector - 		- > -
- Normalize/Decode RPC traffic and detects Back Orifice traffic on the network. -
- Enable -
- FTP and Telnet Normalizer - 		- > -
- Normalize/Decode FTP and Telnet traffic and protocol anomalies. -
- Enable -
- SMTP Normalizer - 		- > -
- Normalize/Decode SMTP protocol for enforcement and buffer overflows. -
- Enable -
- Portscan Detection - 		- > -
- Detects various types of portscans and portsweeps. -
- Enable -
- DCE/RPC2 Detection - 		- > -
- The DCE/RPC preprocessor detects and decodes SMB and DCE/RPC traffic. -
- Enable -
- DNS Detection - 		- > -
- The DNS preprocessor decodes DNS Response traffic and detects some vulnerabilities. -
Define SSL_IGNORE - -
- Encrypted traffic should be ignored by Snort for both performance reasons and to reduce false positives. -
- Default: "443 465 563 636 989 990 992 993 994 995". Please use spaces and not commas. -
  - - -
  - Note: Please save your settings before you click Start. -
-
-
-
- - - - - - - - -- cgit v1.2.3