From 62520bf1f47c43ebc09c2e10d7f9eb440c8d9c39 Mon Sep 17 00:00:00 2001 From: robscool Date: Mon, 13 Apr 2009 01:55:09 -0700 Subject: update snort.inc snort.xml April 13 09 modified: config/snort/snort.inc Fixed snort.inc; missing slash, added snort.stats. verified changes with security scanners modified: config/snort/snort.xml Changed snort.xml; version change --- config/snort/snort.inc | 13 +++++++++++-- config/snort/snort.xml | 2 +- 2 files changed, 12 insertions(+), 3 deletions(-) mode change 100644 => 100755 config/snort/snort.inc (limited to 'config') diff --git a/config/snort/snort.inc b/config/snort/snort.inc old mode 100644 new mode 100755 index f681c25f..5076037c --- a/config/snort/snort.inc +++ b/config/snort/snort.inc @@ -412,7 +412,7 @@ portvar RSH_PORTS 514 portvar SMB_PORTS [139,445] portvar SMTP_PORTS 25 portvar SNMP_PORTS 161 -portvar SSH_PORTS {$ssh_port} +portvar SSH_PORTS {\$ssh_port} portvar TELNET_PORTS 23 portvar MAIL_PORTS [25,143,465,691] portvar SSL_PORTS [25,443,465,636,993,995] @@ -478,6 +478,15 @@ preprocessor stream5_tcp: policy BSD, ports both all, use_static_footprint_sizes preprocessor stream5_udp preprocessor stream5_icmp +########################## + # +# NEW # +# Performance Statistics # + # +########################## + +preprocessor perfmonitor: time 300 file /var/log/snort/snort.stats pktcnt 10000 + ################# # # HTTP Inspect # @@ -597,7 +606,7 @@ preprocessor sfportscan: scan_type { all } \ proto { all } \ memcap { 10000000 } \ sense_level { medium } \ - ignore_scanners { $HOME_NET } + ignore_scanners { \$HOME_NET } ############################ # diff --git a/config/snort/snort.xml b/config/snort/snort.xml index a35226fe..af549a27 100644 --- a/config/snort/snort.xml +++ b/config/snort/snort.xml @@ -46,7 +46,7 @@ Describe your package requirements here Currently there are no FAQ items provided. Snort - 2.8.4.2 + 2.8.4.3 Services: Snort /usr/local/pkg/snort.inc -- cgit v1.2.3