Line: 1 to 1 | ||||||||
---|---|---|---|---|---|---|---|---|
Changed: | ||||||||
< < | Could not perform search. Error was: /bin/grep -E -i -l -H -- %TOKEN|U% %FILES|F% Grep for '.*' returned error | |||||||
> > | Recent Changes in Main Web retrieved at 08:43 (GMT)
Statistics for Main Web Month: Topic views: Topic saves: File uploads: Most popular topic views: Top contributors for topic save and...
Sagan rule options and definitions: {alert drop} alert tcp $EXTERNAL NET any $HOME NET 22 The first statement of a rule contains either `alert` or `drop...
1. Introduction We've tried to make Sagan as simple and easy to use as possible. For the most part, compiling and installation is done your typical Unix way. That...
alert syslog $HOME NET any $HOME NET any (msg: ` WINDOWS MISC Fan failure detected`; content:` 10 3a Fan `; content:` has failed`; classtype: hardware event;...
alert syslog $EXTERNAL NET any $HOME NET any (msg: ` WATCHGUARD IPv4 source route attack was detected`; program: WatchGuard ; content: `msg id 22 3000 0152...
alert tcp $EXTERNAL NET any $HOME NET any (msg: ` WATCHGUARD IPv4 SYN flood attack was detected`; program: WatchGuard ; content: `msg id 22 3000 0153 22 `; parse...
alert icmp $EXTERNAL NET any $HOME NET any (msg: ` WATCHGUARD IPv4 ICMP flood attack was detected`; program: WatchGuard ; content: `msg id 22 3000 0154 22 `;...
alert udp $EXTERNAL NET any $HOME NET any (msg: ` WATCHGUARD IPv4 UDP flood attack was detected`; program: WatchGuard ; content: `msg id 22 3000 0155 22 `; parse...
alert udp $EXTERNAL NET any $HOME NET 500 (msg: ` WATCHGUARD IPv4 IPSEC flood attack was detected`; program: WatchGuard ; content: `msg id 22 3000 0156 22 `;...
alert udp $EXTERNAL NET any $HOME NET 500 (msg: ` WATCHGUARD IPv4 IKE flood attack was detected`; program: WatchGuard ; content: `msg id 22 3000 0157 22 `; parse...
alert syslog $EXTERNAL NET any $HOME NET any (msg: ` WATCHGUARD IPv4 scan attack was detected`; program: WatchGuard ; content: `msg id 22 3000 0158 22 `; parse...
alert syslog $EXTERNAL NET any $HOME NET any (msg: ` WATCHGUARD IPv4 port scan attack was detected`; program: WatchGuard ; content: `msg id 22 3000 0159 22 `...
alert syslog $EXTERNAL NET any $HOME NET any (msg: ` WATCHGUARD IPv4 DDOS attack against a server was detected`; program: WatchGuard ; content: `msg id 22...
alert syslog $EXTERNAL NET any $HOME NET any (msg: ` WATCHGUARD IPv4 DDOS attack from a client was detected`; program: WatchGuard ; content: `msg id 22 3000...
alert tcp $EXTERNAL NET any $HOME NET any (msg: ` WATCHGUARD IPv6 SYN flood attack was detected`; program: WatchGuard ; content: `msg id 22 3000 0162 22 `; parse...
alert icmp $EXTERNAL NET any $HOME NET any (msg: ` WATCHGUARD IPv6 ICMP flood attack was detected`; program: WatchGuard ; content: `msg id 22 3000 0163 22 `;...
alert udp $EXTERNAL NET any $HOME NET any (msg: ` WATCHGUARD IPv6 UDP flood attack was detected`; program: WatchGuard ; content: `msg id 22 3000 0164 22 `; classtype...
alert syslog $EXTERNAL NET any $HOME NET any (msg: ` WATCHGUARD IPv6 IPSEC flood attack was detected`; program: WatchGuard ; content: `msg id 22 3000 0165...
alert udp $EXTERNAL NET any $HOME NET any (msg: ` WATCHGUARD IPv6 IKE flood attack was detected`; program: WatchGuard ; content: `msg id 22 3000 0166 22 `; classtype...
alert tcp $EXTERNAL NET any $HOME NET any (msg: ` WATCHGUARD Traffic was detected to or from a blocked site`; program: WatchGuard ; content: `msg id 22 3000...
alert syslog $EXTERNAL NET any $HOME NET any (msg: ` WATCHGUARD IP spoofing was detected from the IP address specified`; program: WatchGuard ; content: `msg id...
alert syslog $EXTERNAL NET any $HOME NET any (msg: ` WATCHGUARD Possible loop or ARP spoofing detected`; program: WatchGuard ; content: `msg id 22 3000 012E...
alert syslog $HOME NET any $HOME NET any (msg: ` WATCHGUARD Firewall is shutting down`; program: WatchGuard ; content: `msg id 22 3000 0028 22 `; classtype: program...
alert syslog $EXTERNAL NET any $HOME NET any (msg: ` WATCHGUARD Detected an ARP spoofing attack`; program: WatchGuard ; content: `msg id 22 3000 012C 22 `; classtype...
alert syslog $HOME NET any $HOME NET any (msg: ` WATCHGUARD Feature key for Application Control subscription has expired`; program: WatchGuard ; content: `msg...
alert syslog $HOME NET any $HOME NET any (msg: ` WATCHGUARD Feature key for Intrusion Prevention Services subscription has expired`; program: WatchGuard ; content...
alert syslog $HOME NET any $HOME NET any (msg: ` WATCHGUARD Capture stopped due to the specified reason`; program: WatchGuard ; content: `msg id 22 3113...
alert syslog $HOME NET any $HOME NET any (msg: ` WATCHGUARD Starting wireless AP service`; program: WatchGuard ; content: `msg id 22 3100 0052 22 `; classtype...
alert syslog $EXTERNAL NET any $HOME NET any (msg: ` WATCHGUARD Wireless access point model mismatch`; program: WatchGuard ; content: `msg id 22 6100 0002...
alert syslog $HOME NET any $HOME NET any (msg: ` WATCHGUARD Wireless access point activation failure`; program: WatchGuard ; content: `msg id 22 6100 0003...
alert syslog $EXTERNAL NET any $HOME NET any (msg: ` WATCHGUARD APT threat identification and notification`; program: WatchGuard ; content: `msg id 22 0F00...
alert syslog $EXTERNAL NET any $HOME NET any (msg: ` WATCHGUARD Gateway AntiVirus (GAV) detected a virus or malware in an email attachment.`; program: WatchGuard...
alert syslog $HOME NET any $HOME NET any (msg: ` WATCHGUARD Gateway AntiVirus (GAV) cannot perform scan`; program: WatchGuard ; content: `msg id 22 1BFF 000E...
alert syslog $EXTERNAL NET any $HOME NET any (msg: ` WATCHGUARD APT threat detected`; program: WatchGuard ; content: `msg id 22 1BFF 0028 22 `; parse proto; parse...
alert tcp $EXTERNAL NET any $HOME NET $FTP PORT (msg: ` WATCHGUARD Gateway AntiVirus (GAV) virus found FTP`; program: WatchGuard ; content: `msg id 22 1CFF...
alert syslog $HOME NET any $HOME NET any (msg: ` WATCHGUARD Gateway AntiVirus (GAV) scan error`; program: WatchGuard ; content: `msg id 22 1CFF 000F 22 `; classtype...
alert tcp $EXTERNAL NET any $HOME NET $POP3 PORT (msg: ` WATCHGUARD Gateway AntiVirus (GAV) virus found POP3`; program: WatchGuard ; content: `msg id 22 21FF...
alert syslog $EXTERNAL NET any $HOME NET any (msg: ` WATCHGUARD Administrative accounts reset to default`; program: WatchGuard ; content: `msg id 22 0101...
alert syslog $HOME NET any $HOME NET any (msg: ` WATCHGUARD LIVESECURITY feature not found`; program: WatchGuard ; content: `msg id 22 5501 0002 22 `; classtype...
alert syslog $EXTERNAL NET any $HOME NET any (msg: ` WATCHGUARD Member promoted to master`; program: WatchGuard ; content: `msg id 22 3900 0005 22 `; classtype...
alert syslog $HOME NET any $HOME NET any (msg: ` WATCHGUARD Failed to start the signature update for the specified services`; program: WatchGuard ; content: `msg...
alert tcp $EXTERNAL NET any $HOME NET $PPTP PORT (msg: ` WATCHGUARD VPN User login`; program: WatchGuard ; content: `msg id 22 1400 0000 22 `; parse src ip...
alert syslog $EXTERNAL NET any $HOME NET any (msg:` WATCHGUARD Failed Login Attempt Brute force WATCHGUARD 5/5 `; program: WatchGuard ; content: `msg id...
alert tcp $EXTERNAL NET any $HOME NET $HTTPS PORT (msg: ` WATCHGUARD GEOIP VPN login from outside HOME COUNTRY`; program WatchGuard ; content: `msg id 22...
alert syslog $HOME NET any $EXTERNAL NET $FTP PORT (msg: ` WATCHGUARD GEOIP FTP file transfer to outside HOME COUNTRY`; program: WatchGuard ; country code: track...
alert syslog $HOME NET any $EXTERNAL NET any (msg: ` WATCHGUARD Signature update process for the specified version failed`; program: WatchGuard ; content: `msg...
alert syslog $EXTERNAL NET any $HOME NET any (msg: ` WATCHGUARD IP spoofing was detected from the IP address specified`; program: WatchGuard ; content: `msg id...
alert syslog $HOME NET any $HOME NET any (msg: ` WATCHGUARD Wireless Access Point Model Mismatch`; program: WatchGuard ; content: `msg id 22 6100 0002 22 `; class...
alert syslog $EXTERNAL NET any $HOME NET any (msg: ` WATCHGUARD IPS detected an intrusion in the client request or server response content body`; program: WatchGuard...
alert syslog $EXTERNAL NET any $HOME NET any (msg: ` CISCO MERAKI Malicious file blocked by amp`; content: `malicious action block`; classtype: suspicious traffic... |
Line: 1 to 1 | ||||||||
---|---|---|---|---|---|---|---|---|
Added: | ||||||||
> > | Could not perform search. Error was: /bin/grep -E -i -l -H -- %TOKEN|U% %FILES|F% Grep for '.*' returned error |