securityonion-ossec-rules: add rule to ignore Squert POST #638

Closed
GoogleCodeExporter opened this Issue Mar 24, 2015 · 3 comments

Comments

Projects
None yet
1 participant
@GoogleCodeExporter
securityonion-ossec-rules: add rule to ignore Squert POST

Original issue reported on code.google.com by doug.bu...@gmail.com on 24 Oct 2014 at 6:03

@GoogleCodeExporter

This comment has been minimized.

Show comment
Hide comment
@GoogleCodeExporter

GoogleCodeExporter Mar 24, 2015

  <rule id="111113" level="0">
    <if_sid>31533</if_sid>
    <match>/squert/.inc/callback.php</match>
    <description>Squert</description>
  </rule>

Original comment by doug.bu...@gmail.com on 24 Oct 2014 at 10:02

  • Added labels: ****
  • Removed labels: ****
  <rule id="111113" level="0">
    <if_sid>31533</if_sid>
    <match>/squert/.inc/callback.php</match>
    <description>Squert</description>
  </rule>

Original comment by doug.bu...@gmail.com on 24 Oct 2014 at 10:02

  • Added labels: ****
  • Removed labels: ****
@GoogleCodeExporter

This comment has been minimized.

Show comment
Hide comment
@GoogleCodeExporter

GoogleCodeExporter Mar 24, 2015

Submitted for testing:
https://groups.google.com/d/topic/security-onion-testing/lQ4iQeLJuok/discussion

Original comment by doug.bu...@gmail.com on 25 Oct 2014 at 1:05

  • Added labels: ****
  • Removed labels: ****
Submitted for testing:
https://groups.google.com/d/topic/security-onion-testing/lQ4iQeLJuok/discussion

Original comment by doug.bu...@gmail.com on 25 Oct 2014 at 1:05

  • Added labels: ****
  • Removed labels: ****
@GoogleCodeExporter

This comment has been minimized.

Show comment
Hide comment
@GoogleCodeExporter

GoogleCodeExporter Mar 24, 2015

Published:
http://blog.securityonion.net/2014/10/sguil-09-and-squert-150-now-available.html

Original comment by doug.bu...@gmail.com on 29 Oct 2014 at 6:59

  • Changed state: Verified
  • Added labels: ****
  • Removed labels: ****
Published:
http://blog.securityonion.net/2014/10/sguil-09-and-squert-150-now-available.html

Original comment by doug.bu...@gmail.com on 29 Oct 2014 at 6:59

  • Changed state: Verified
  • Added labels: ****
  • Removed labels: ****
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment