Hello community, here is the log from the commit of package prelude-lml-rules for openSUSE:Factory checked in at 2017-03-12 20:05:30 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/prelude-lml-rules (Old) and /work/SRC/openSUSE:Factory/.prelude-lml-rules.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "prelude-lml-rules" Sun Mar 12 20:05:30 2017 rev:3 rq:478670 version:3.1.0 Changes: -------- --- /work/SRC/openSUSE:Factory/prelude-lml-rules/prelude-lml-rules.changes 2017-02-19 01:00:42.662287498 +0100 +++ /work/SRC/openSUSE:Factory/.prelude-lml-rules.new/prelude-lml-rules.changes 2017-03-12 20:05:31.176855221 +0100 @@ -1,0 +2,7 @@ +Fri Feb 10 00:33:55 UTC 2017 - thomas.andrejak@gmail.com + +- Update to 3.1.0 (Prelude 3.1.0 released on 14 Sept 2016) +- Remove unnecessary patches (prelude-lml-rules-fsf-address.patch) +- Spec-Cleaner + +------------------------------------------------------------------- Old: ---- prelude-lml-rules-3.0.1.tar.gz prelude-lml-rules-fsf-address.patch New: ---- prelude-lml-rules-3.1.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ prelude-lml-rules.spec ++++++ --- /var/tmp/diff_new_pack.jFod3B/_old 2017-03-12 20:05:31.900752786 +0100 +++ /var/tmp/diff_new_pack.jFod3B/_new 2017-03-12 20:05:31.904752220 +0100 
@@ -17,23 +17,21 @@ Name: prelude-lml-rules -Version: 3.0.1 +Version: 3.1.0 Release: 0 Summary: Prelude LML community ruleset License: GPL-2.0+ Group: System/Daemons Url: https://www.prelude-siem.org -Source0: https://www.prelude-siem.org/pkg/src/3.0.0/%{name}-%{version}.tar.gz -Patch0: prelude-lml-rules-fsf-address.patch -BuildArch: noarch +Source0: https://www.prelude-siem.org/pkg/src/%{version}/%{name}-%{version}.tar.gz Requires: prelude-lml +BuildArch: noarch %description Rules for Prelude LML contributed by the community. %prep %setup -q -%patch0 -p0 %build ++++++ prelude-lml-rules-3.0.1.tar.gz -> prelude-lml-rules-3.1.0.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prelude-lml-rules-3.0.1/NEWS new/prelude-lml-rules-3.1.0/NEWS --- old/prelude-lml-rules-3.0.1/NEWS 2016-04-24 12:44:08.000000000 +0200 +++ new/prelude-lml-rules-3.1.0/NEWS 2016-09-15 09:02:28.000000000 +0200 @@ -1,7 +1,17 @@ -* 2016-01-11, prelude-lml-rules-3.0.1: +* 2016-09-14, prelude-lml-rules-3.1.0: +* 2016-09-01, prelude-lml-rules-3.1.0rc3: +* 2016-08-19, prelude-lml-rules-3.1.0rc2: + +No new changes. + + + +* 2016-08-05, prelude-lml-rules-3.1.0rc1: Author: Thomas Andrejak +- Update FSF address and copyrights + - Fix GRSecurity and Snare rules diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prelude-lml-rules-3.0.1/ruleset/bonding.rules new/prelude-lml-rules-3.1.0/ruleset/bonding.rules --- old/prelude-lml-rules-3.0.1/ruleset/bonding.rules 2016-04-24 12:44:08.000000000 +0200 +++ new/prelude-lml-rules-3.1.0/ruleset/bonding.rules 2016-09-15 09:02:28.000000000 +0200 
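Review bot: The new `Source0: https://www.prelude-siem.org/pkg/src/%{version}/%{name}-%{version}.tar.gz` line is the only integrity anchor for the 3.1.0 tarball, and nothing visible in the spec hunk or in the Old/New file lists verifies it (no detached signature, no keyring source). These rules decide which log lines a Prelude sensor turns into alerts, so a tampered tarball could silently suppress detections. If upstream publishes signatures, I would add the signature and keyring as further `Source` entries so the build can check them. If it does not, a spec comment recording the checksum that was reviewed for this update gives later reviewers something to compare against. The spec file continues outside this hunk, so a verification step may exist that is not shown here.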
@@ -2,6 +2,29 @@ #VERSION: 1.0 #DESCRIPTION: The Linux bonding driver provides a method for aggregating multiple network interfaces into a single logical "bonded" interface. +##### +# +# Copyright (C) 2016 CS-SI <support.prelude@c-s.fr> +# All Rights Reserved +# +# This file is part of the Prelude-LML program. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2, or (at your option) +# any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +# +##### + #LOG:Aug 24 00:54:18 blah kernel: bonding: bond0: backup interface eth0 is now up #LOG:Aug 24 00:54:18 blah kernel: bonding: bond0: backup interface eth0 is now down regex=bonding:\s(\w+):\s(\w+)\sinterface\s(\w+)\sis\snow\s(\w+); \ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prelude-lml-rules-3.0.1/ruleset/checkpoint.rules new/prelude-lml-rules-3.1.0/ruleset/checkpoint.rules --- old/prelude-lml-rules-3.0.1/ruleset/checkpoint.rules 2016-04-24 12:44:08.000000000 +0200 +++ new/prelude-lml-rules-3.1.0/ruleset/checkpoint.rules 2016-09-15 09:02:28.000000000 +0200 
@@ -6,6 +6,7 @@
 #
 # Copyright (C) 2003 Exaprobe
 # All Rights Reserved
+#
 # This ruleset is currently unmaintained. Contact the Prelude
 # development team if you would like to maintain it.
 #
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prelude-lml-rules-3.0.1/ruleset/cisco-ace.rules new/prelude-lml-rules-3.1.0/ruleset/cisco-ace.rules
--- old/prelude-lml-rules-3.0.1/ruleset/cisco-ace.rules 2016-04-24 12:44:08.000000000 +0200
+++ new/prelude-lml-rules-3.1.0/ruleset/cisco-ace.rules 2016-09-15 09:02:28.000000000 +0200
@@ -4,7 +4,8 @@
 #####
 #
-# Copyright (C) 2012 email: <operador@seguridadx.com>, twitter: <www.twitter.com/seguridad_x>
+# Copyright (C) 2012 Seguridadx <operador@seguridadx.com>
+# twitter: <www.twitter.com/seguridad_x>
 # All Rights Reserved
 #
 # This file is part of the Prelude-LML program.
@@ -19,9 +20,9 @@
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 # GNU General Public License for more details.
 #
-# You should have received a copy of the GNU General Public License
-# along with this program; see the file COPYING. If not, write to
-# the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 #
 #####
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prelude-lml-rules-3.0.1/ruleset/cisco-asa.rules new/prelude-lml-rules-3.1.0/ruleset/cisco-asa.rules
--- old/prelude-lml-rules-3.0.1/ruleset/cisco-asa.rules 2016-04-24 12:44:08.000000000 +0200
+++ new/prelude-lml-rules-3.1.0/ruleset/cisco-asa.rules 2016-09-15 09:02:28.000000000 +0200
@@ -24,9 +24,9 @@
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 # GNU General Public License for more details.
 #
-# You should have received a copy of the GNU General Public License
-# along with this program; see the file COPYING. If not, write to
-# the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 #
 #####
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prelude-lml-rules-3.0.1/ruleset/cisco-common.rules new/prelude-lml-rules-3.1.0/ruleset/cisco-common.rules
--- old/prelude-lml-rules-3.0.1/ruleset/cisco-common.rules 2016-04-24 12:44:08.000000000 +0200
+++ new/prelude-lml-rules-3.1.0/ruleset/cisco-common.rules 2016-09-15 09:02:28.000000000 +0200
@@ -4,10 +4,10 @@
 #####
 #
-# Copyright (C) 2006 Alexandre Racine
-# <alexandreracine@gmail.com> www.alexandreracine.com
+# Copyright (C) 2006 Alexandre Racine <alexandreracine@gmail.com>
+# www.alexandreracine.com
 # Currently maintained by Alexandre Racine <alexandreracine@gmail.com>
-# All Rights Reserved - Tous droits reserves.
+# All Rights Reserved
 #
 # This file is part of the Prelude-LML program.
 #
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prelude-lml-rules-3.0.1/ruleset/cisco-ips-2.rules new/prelude-lml-rules-3.1.0/ruleset/cisco-ips-2.rules
--- old/prelude-lml-rules-3.0.1/ruleset/cisco-ips-2.rules 2016-04-24 12:44:08.000000000 +0200
+++ new/prelude-lml-rules-3.1.0/ruleset/cisco-ips-2.rules 2016-09-15 09:02:28.000000000 +0200
@@ -4,7 +4,8 @@
 #####
 #
-# Copyright (C) 2012 email: <operador@seguridadx.com> twitter: www.twitter.com/seguridad_x
+# Copyright (C) 2012 Seguridadx <operador@seguridadx.com>
+# twitter: www.twitter.com/seguridad_x
 # All Rights Reserved
 #
 # This file is part of the Prelude-LML program.
@@ -19,9 +20,9 @@
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 # GNU General Public License for more details.
 #
-# You should have received a copy of the GNU General Public License
-# along with this program; see the file COPYING. If not, write to
-# the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 #
 #####
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prelude-lml-rules-3.0.1/ruleset/cisco-router.rules new/prelude-lml-rules-3.1.0/ruleset/cisco-router.rules
--- old/prelude-lml-rules-3.0.1/ruleset/cisco-router.rules 2016-04-24 12:44:08.000000000 +0200
+++ new/prelude-lml-rules-3.1.0/ruleset/cisco-router.rules 2016-09-15 09:02:28.000000000 +0200
@@ -4,9 +4,8 @@
 #####
 #
-# Copyright (C) 2002 Arnaud Guignard
+# Copyright (C) 2002 Arnaud Guignard <dennis.hadderingh@is-company.nl>
 # This ruleset is currently maintained by Dennis Hadderingh
-# <dennis.hadderingh@is-company.nl>
 # All Rights Reserved
 #
 # This file is part of the Prelude-LML program.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prelude-lml-rules-3.0.1/ruleset/fortigate.rules new/prelude-lml-rules-3.1.0/ruleset/fortigate.rules
--- old/prelude-lml-rules-3.0.1/ruleset/fortigate.rules 2016-04-24 12:44:08.000000000 +0200
+++ new/prelude-lml-rules-3.1.0/ruleset/fortigate.rules 2016-09-15 09:02:28.000000000 +0200
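Review bot: In the cisco-router.rules hunk the new line `# Copyright (C) 2002 Arnaud Guignard <dennis.hadderingh@is-company.nl>` attaches the maintainer's address to the original author. The removed lines show that the address followed "currently maintained by Dennis Hadderingh", not Arnaud Guignard. I would leave the copyright line as `# Copyright (C) 2002 Arnaud Guignard` and put the address on the maintainer line: `# This ruleset is currently maintained by Dennis Hadderingh <dennis.hadderingh@is-company.nl>`. For a detection ruleset the header is where people look to report a missed or broken rule, so the contact should be attributed to the right person.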
@@ -4,10 +4,12 @@
 #####
 #
-# Copyright (C) 2012 email: <operador@seguridadx.com> twitter: <www.twitter.com/seguridad_x>
+# Copyright (C) 2012 Seguridadx <operador@seguridadx.com>
+# twitter: <www.twitter.com/seguridad_x>
 # All Rights Reserved
 #
-# Copyright (C) 2014-2016 CS-SI. All Rights Reserved.
+# Copyright (C) 2014-2016 CS-SI <support.prelude@c-s.fr>
+# All Rights Reserved.
 #
 # This file is part of the Prelude-LML program.
 #
@@ -21,9 +23,9 @@
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 # GNU General Public License for more details.
 #
-# You should have received a copy of the GNU General Public License
-# along with this program; see the file COPYING. If not, write to
-# the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 #
 #####
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prelude-lml-rules-3.0.1/ruleset/grsecurity.rules new/prelude-lml-rules-3.1.0/ruleset/grsecurity.rules
--- old/prelude-lml-rules-3.0.1/ruleset/grsecurity.rules 2016-04-24 12:44:08.000000000 +0200
+++ new/prelude-lml-rules-3.1.0/ruleset/grsecurity.rules 2016-09-15 09:02:28.000000000 +0200
@@ -4,8 +4,9 @@
 #####
 #
-# Copyright (C) 2005-2016 CS-SI. All Rights Reserved.
+# Copyright (C) 2005-2016 CS-SI <support.prelude@c-s.fr>
 # Author: Yoann Vandoorselaere <yoann.v@prelude-siem.com>
+# All Rights Reserved.
 #
 # This file is part of the Prelude-LML program.
 #
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prelude-lml-rules-3.0.1/ruleset/httpd.rules new/prelude-lml-rules-3.1.0/ruleset/httpd.rules
--- old/prelude-lml-rules-3.0.1/ruleset/httpd.rules 2016-04-24 12:44:08.000000000 +0200
+++ new/prelude-lml-rules-3.1.0/ruleset/httpd.rules 2016-09-15 09:02:28.000000000 +0200
@@ -1,8 +1,8 @@
-#####
 #FULLNAME: Apache HTTP Server
 #VERSION: 1.0
 #DESCRIPTION: The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows NT.
+#####
 #
 # Copyright (C) 2005 Ruben Alonso <1rualons@rigel.deusto.es>
 # All Rights Reserved
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prelude-lml-rules-3.0.1/ruleset/ipchains.rules new/prelude-lml-rules-3.1.0/ruleset/ipchains.rules
--- old/prelude-lml-rules-3.0.1/ruleset/ipchains.rules 2016-04-24 12:44:08.000000000 +0200
+++ new/prelude-lml-rules-3.1.0/ruleset/ipchains.rules 2016-09-15 09:02:28.000000000 +0200
@@ -2,8 +2,31 @@ #VERSION: 1.0 #DESCRIPTION: Linux IP Firewalling Chains (ipchains) control the packet filter or firewall capabilities in the 2.2 series of Linux kernels. +##### +# +# Copyright (C) 2016 CS-SI <support.prelude@c-s.fr> +# Author : Simon Castro <scastro [at] entreelibre.com> +# All Rights Reserved +# +# This file is part of the Prelude-LML program. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2, or (at your option) +# any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +# +##### + # Customized prelude-lml rules file to support Ipchains events - v0.1.1 -# Simon Castro <scastro [at] entreelibre.com> # # Deny rules : Match all IPv4 packet deny references for tcp, udp and icmp protocols. # diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prelude-lml-rules-3.0.1/ruleset/ipfw.rules new/prelude-lml-rules-3.1.0/ruleset/ipfw.rules --- old/prelude-lml-rules-3.0.1/ruleset/ipfw.rules 2016-04-24 12:44:08.000000000 +0200 +++ new/prelude-lml-rules-3.1.0/ruleset/ipfw.rules 2016-09-15 09:02:28.000000000 +0200 
@@ -2,7 +2,32 @@ #VERSION: 1.0 #DESCRIPTION: ipfirewall (ipfw) is a FreeBSD IP packet filter and traffic accounting facility. -# Krzysztof Zaraska <kzaraska@student.uci.agh.edu.pl>: FreeBSD IPFW support +##### +# +# Copyright (C) 2016 CS-SI <support.prelude@c-s.fr> +# Author : Krzysztof Zaraska <kzaraska@student.uci.agh.edu.pl> +# All Rights Reserved +# +# This file is part of the Prelude-LML program. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2, or (at your option) +# any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +# +##### + +# FreeBSD IPFW support + # 1. Deny rules #LOG:Feb 3 16:02:18 lhotse /kernel: ipfw: 65000 Deny UDP 200.65.7.49:1033 12.34.56.78:137 in via tun0 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prelude-lml-rules-3.0.1/ruleset/juniper-vpn.rules new/prelude-lml-rules-3.1.0/ruleset/juniper-vpn.rules --- old/prelude-lml-rules-3.0.1/ruleset/juniper-vpn.rules 2016-04-24 12:44:08.000000000 +0200 +++ new/prelude-lml-rules-3.1.0/ruleset/juniper-vpn.rules 2016-09-15 09:02:28.000000000 +0200 
@@ -4,10 +4,12 @@
 #####
 #
-# Copyright (C) 2012 email: <operador@seguridadx.com> twitter: <www.twitter.com/seguridad_x>
+# Copyright (C) 2012 Seguridadx <operador@seguridadx.com>
+# twitter: <www.twitter.com/seguridad_x>
 # All Rights Reserved
 #
-# Copyright (C) 2014-2016 CS-SI. All Rights Reserved.
+# Copyright (C) 2014-2016 CS-SI <support.prelude@c-s.fr>
+# All Rights Reserved.
 #
 # This file is part of the Prelude-LML program.
 #
@@ -21,9 +23,9 @@
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 # GNU General Public License for more details.
 #
-# You should have received a copy of the GNU General Public License
-# along with this program; see the file COPYING. If not, write to
-# the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 #
 #####
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prelude-lml-rules-3.0.1/ruleset/modsecurity.rules new/prelude-lml-rules-3.1.0/ruleset/modsecurity.rules
--- old/prelude-lml-rules-3.0.1/ruleset/modsecurity.rules 2016-04-24 12:44:08.000000000 +0200
+++ new/prelude-lml-rules-3.1.0/ruleset/modsecurity.rules 2016-09-15 09:02:28.000000000 +0200
@@ -4,7 +4,8 @@
 #####
 #
-# Copyright (C) 2008 Daniel Kopecek <dkopecek at redhat dot com>, Peter Vrabec <pvrabec at redhat dot com>
+# Copyright (C) 2008 Daniel Kopecek <dkopecek at redhat dot com>
+# Peter Vrabec <pvrabec at redhat dot com>
 # All Rights Reserved
 #
 # This file is part of the Prelude-LML program.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prelude-lml-rules-3.0.1/ruleset/ms-cluster.rules new/prelude-lml-rules-3.1.0/ruleset/ms-cluster.rules
--- old/prelude-lml-rules-3.0.1/ruleset/ms-cluster.rules 2016-04-24 12:44:08.000000000 +0200
+++ new/prelude-lml-rules-3.1.0/ruleset/ms-cluster.rules 2016-09-15 09:02:28.000000000 +0200
@@ -5,7 +5,6 @@
 #####
 #
 # Copyright (C) 2006 G Ramon Gomez <gene at gomezbrothers dot com>
-#
 # All Rights Reserved
 #
 # This file is part of the Prelude-LML program.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prelude-lml-rules-3.0.1/ruleset/netfilter.rules new/prelude-lml-rules-3.1.0/ruleset/netfilter.rules
--- old/prelude-lml-rules-3.0.1/ruleset/netfilter.rules 2016-04-24 12:44:08.000000000 +0200
+++ new/prelude-lml-rules-3.1.0/ruleset/netfilter.rules 2016-09-15 09:02:28.000000000 +0200
@@ -4,8 +4,9 @@
 #####
 #
-# Copyright (C) 2005-2016 CS-SI. All Rights Reserved.
+# Copyright (C) 2005-2016 CS-SI <support.prelude@c-s.fr>
 # Author: Yoann Vandoorselaere <yoann.v@prelude-siem.com>
+# All Rights Reserved.
 #
 # Based on original implementation from Laurent Oudot, John Green <j.green@ukerna.ac.uk>
 #
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prelude-lml-rules-3.0.1/ruleset/netscreen.rules new/prelude-lml-rules-3.1.0/ruleset/netscreen.rules
--- old/prelude-lml-rules-3.0.1/ruleset/netscreen.rules 2016-04-24 12:44:08.000000000 +0200
+++ new/prelude-lml-rules-3.1.0/ruleset/netscreen.rules 2016-09-15 09:02:28.000000000 +0200
@@ -5,8 +5,8 @@
 #####
 #
 # Copyright (C) 2005 G Ramon Gomez <gene at gomezbrothers dot com>
-# All Rights Reserved
 # Based on rules by Jean-Françs SURET <tilaris at wanadoo dot fr>
+# All Rights Reserved
 #
 # This file is part of the Prelude-LML program.
 #
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prelude-lml-rules-3.0.1/ruleset/openhostapd.rules new/prelude-lml-rules-3.1.0/ruleset/openhostapd.rules
--- old/prelude-lml-rules-3.0.1/ruleset/openhostapd.rules 2016-04-24 12:44:08.000000000 +0200
+++ new/prelude-lml-rules-3.1.0/ruleset/openhostapd.rules 2016-09-15 09:02:28.000000000 +0200
@@ -2,19 +2,28 @@
 #VERSION: 1.0
 #DESCRIPTION: hostapd is a user space daemon for wireless access point and authentication servers.
-# Copyright (c) 2005 Reyk Floeter <reyk@vantronix.net>
+#####
 #
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+# Copyright (C) 2005 Reyk Floeter <reyk@vantronix.net>
+# All Rights Reserved
+#
+# This file is part of the Prelude-LML program.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2, or (at your option)
+# any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+#####
 #
 # Prelude Hybrid IDS LML sensor PCRE rules for the OpenBSD hostapd(8)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prelude-lml-rules-3.0.1/ruleset/postfix.rules new/prelude-lml-rules-3.1.0/ruleset/postfix.rules
--- old/prelude-lml-rules-3.0.1/ruleset/postfix.rules 2016-04-24 12:44:08.000000000 +0200
+++ new/prelude-lml-rules-3.1.0/ruleset/postfix.rules 2016-09-15 09:02:28.000000000 +0200
@@ -5,8 +5,8 @@
 #####
 #
 # Copyright (C) 2004 Exaprotect Technology
-# All Rights Reserved
 # Currently supported by John R Shannon <john at johnrshannon dot com>
+# All Rights Reserved
 #
 # Author: David Maciejak
 #
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prelude-lml-rules-3.0.1/ruleset/ppp.rules new/prelude-lml-rules-3.1.0/ruleset/ppp.rules
--- old/prelude-lml-rules-3.0.1/ruleset/ppp.rules 2016-04-24 12:44:08.000000000 +0200
+++ new/prelude-lml-rules-3.1.0/ruleset/ppp.rules 2016-09-15 09:02:28.000000000 +0200
@@ -4,11 +4,10 @@
 #####
 #
-# PPP/PPTP/L2TP VPN Server rules
-#
-# Copyright (C) 2009-2016 CS-SI. All Rights Reserved.
+# Copyright (C) 2009-2016 CS-SI <support.prelude@c-s.fr>
 # Copyright (C) 2008 Alexander Afonyashin <firm@iname.com>
 # Author: Alexander Afonyashin <firm@iname.com>
+# All Rights Reserved.
 #
 # This file is part of the Prelude-LML program.
 #
@@ -28,6 +27,11 @@
 #
 #####
+#####
+#
+# PPP/PPTP/L2TP VPN Server rules
+#
+#####
 # Dec 4 23:01:24 beorc pptpd[24795]: CTRL: Client 1.2.3.4 control connection started
 # Dec 4 23:01:24 beorc pptpd[24795]: CTRL: Starting call (launching pppd, opening GRE)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prelude-lml-rules-3.0.1/ruleset/radiusd.rules new/prelude-lml-rules-3.1.0/ruleset/radiusd.rules
--- old/prelude-lml-rules-3.0.1/ruleset/radiusd.rules 2016-04-24 12:44:08.000000000 +0200
+++ new/prelude-lml-rules-3.1.0/ruleset/radiusd.rules 2016-09-15 09:02:28.000000000 +0200
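Review bot: The openhostapd.rules hunk deletes the ISC-style permission notice but keeps Reyk Floeter's 2005 copyright, although the removed text itself requires that "the above copyright notice and this permission notice appear in all copies". Nothing on this page shows that the author agreed to relicense, so I would keep the original permission text in the file and add the GPL header beside it rather than in its place. The ipchains.rules and ipfw.rules hunks raise a related question: each adds a `Copyright (C) 2016 CS-SI` line above an author whose file previously carried no licence statement. It is worth confirming the provenance of these headers with upstream before the package ships under the `License: GPL-2.0+` tag.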
@@ -4,7 +4,8 @@
 #####
 #
-# Copyright (C) 2012 email: <operador@seguridadx.com> twitter: www.twitter.com/seguridad_x
+# Copyright (C) 2012 Seguridadx <operador@seguridadx.com>
+# twitter: www.twitter.com/seguridad_x
 # All Rights Reserved
 #
 # This file is part of the Prelude-LML program.
@@ -19,9 +20,9 @@
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 # GNU General Public License for more details.
 #
-# You should have received a copy of the GNU General Public License
-# along with this program; see the file COPYING. If not, write to
-# the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 #
 #####
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prelude-lml-rules-3.0.1/ruleset/snare_windows.rules new/prelude-lml-rules-3.1.0/ruleset/snare_windows.rules
--- old/prelude-lml-rules-3.0.1/ruleset/snare_windows.rules 2016-04-24 12:44:08.000000000 +0200
+++ new/prelude-lml-rules-3.1.0/ruleset/snare_windows.rules 2016-09-15 09:02:28.000000000 +0200
@@ -4,7 +4,8 @@
 #####
 #
-# Copyright Nicholas Nachefski (nicholas <underscore> nachefski <at> hotmail <dot> com
+# Copyright Nicholas Nachefski <nicholas_nachefski@hotmail.com>
+# All Rights Reserved
 #
 # This file is part of the Prelude-LML program.
 #
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prelude-lml-rules-3.0.1/ruleset/squid.rules new/prelude-lml-rules-3.1.0/ruleset/squid.rules
--- old/prelude-lml-rules-3.0.1/ruleset/squid.rules 2016-04-24 12:44:08.000000000 +0200
+++ new/prelude-lml-rules-3.1.0/ruleset/squid.rules 2016-09-15 09:02:28.000000000 +0200
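Review bot: The snare_windows.rules hunk rewrites an address the author had deliberately obfuscated into a plain one, so every mirror of the package now carries a harvestable address the author chose not to publish in that form. Other headers in this same update keep the `at`/`dot` spelling (modsecurity.rules, ms-cluster.rules), so the change is also inconsistent within the ruleset. I would keep the obfuscated spelling and only repair the unbalanced parenthesis, for example `# Copyright Nicholas Nachefski <nicholas underscore nachefski at hotmail dot com>`. The copyright line also still has no year, unlike the other headers touched here.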
@@ -5,8 +5,8 @@
 #####
 #
 # Copyright (C) 2003 Vincent Glaume
-# All Rights Reserved
 # Currently supported by G Ramon Gomez <gene at gomezbrothers dot com>
+# All Rights Reserved
 #
 # This file is part of the Prelude-LML program.
 #
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prelude-lml-rules-3.0.1/ruleset/su.rules new/prelude-lml-rules-3.1.0/ruleset/su.rules
--- old/prelude-lml-rules-3.0.1/ruleset/su.rules 2016-04-24 12:44:08.000000000 +0200
+++ new/prelude-lml-rules-3.1.0/ruleset/su.rules 2016-09-15 09:02:28.000000000 +0200
@@ -2,6 +2,29 @@ #VERSION: 1.0 #DESCRIPTION: The Unix command su is used by a computer user to execute a command with the privileges of another user account. +##### +# +# Copyright (C) 2016 CS-SI <support.prelude@c-s.fr> +# All Rights Reserved +# +# This file is part of the Prelude-LML program. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2, or (at your option) +# any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +# +##### + ################### # Logging succeed # ################### diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prelude-lml-rules-3.0.1/ruleset/symantec-epm.rules new/prelude-lml-rules-3.1.0/ruleset/symantec-epm.rules --- old/prelude-lml-rules-3.0.1/ruleset/symantec-epm.rules 2016-04-24 12:44:08.000000000 +0200 +++ new/prelude-lml-rules-3.1.0/ruleset/symantec-epm.rules 2016-09-15 09:02:28.000000000 +0200 @@ -4,10 +4,12 @@ ##### # -# Copyright (C) 2012 email: <operador@seguridadx.com> twitter: <www.twitter.com/seguridad_x> +# Copyright (C) 2012 Seguridadx <operador@seguridadx.com> +# twitter: <www.twitter.com/seguridad_x> # All Rights Reserved # -# Copyright (C) 2014-2016 CS-SI. All Rights Reserved. +# Copyright (C) 2014-2016 CS-SI <support.prelude@c-s.fr> +# All Rights Reserved. # # This file is part of the Prelude-LML program. # 
@@ -21,9 +23,9 @@
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 # GNU General Public License for more details.
 #
-# You should have received a copy of the GNU General Public License
-# along with this program; see the file COPYING. If not, write to
-# the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 #
 #####
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prelude-lml-rules-3.0.1/ruleset/symantec-scsp.rules new/prelude-lml-rules-3.1.0/ruleset/symantec-scsp.rules
--- old/prelude-lml-rules-3.0.1/ruleset/symantec-scsp.rules 2016-04-24 12:44:08.000000000 +0200
+++ new/prelude-lml-rules-3.1.0/ruleset/symantec-scsp.rules 2016-09-15 09:02:28.000000000 +0200
@@ -4,7 +4,8 @@
 #####
 #
-# Copyright (C) 2012 email: <operador@seguridadx.com> twitter: <www.twitter.com/seguridad_x>
+# Copyright (C) 2012 Seguridadx <operador@seguridadx.com>
+# twitter: <www.twitter.com/seguridad_x>
 # All Rights Reserved
 #
 # This file is part of the Prelude-LML program.
@@ -19,9 +20,9 @@
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 # GNU General Public License for more details.
 #
-# You should have received a copy of the GNU General Public License
-# along with this program; see the file COPYING. If not, write to
-# the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 #
 #####
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prelude-lml-rules-3.0.1/ruleset/tripwire.rules new/prelude-lml-rules-3.1.0/ruleset/tripwire.rules
--- old/prelude-lml-rules-3.0.1/ruleset/tripwire.rules 2016-04-24 12:44:08.000000000 +0200
+++ new/prelude-lml-rules-3.1.0/ruleset/tripwire.rules 2016-09-15 09:02:28.000000000 +0200
@@ -5,9 +5,9 @@
 #####
 #
 # Copyright (C) 2004 G Ramon Gomez <gene at gomezbrothers dot com>
-# All Rights Reserved
 # Based on rules originally submitted by David Maciejak on behalf of
 # Exaprotect Technology
+# All Rights Reserved
 #
 # This file is part of the Prelude-LML program.
 #
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prelude-lml-rules-3.0.1/ruleset/vpopmail.rules new/prelude-lml-rules-3.1.0/ruleset/vpopmail.rules
--- old/prelude-lml-rules-3.0.1/ruleset/vpopmail.rules 2016-04-24 12:44:08.000000000 +0200
+++ new/prelude-lml-rules-3.1.0/ruleset/vpopmail.rules 2016-09-15 09:02:28.000000000 +0200
@@ -4,7 +4,7 @@
 #####
 #
-# Copyright (C) 2003 Stephane Loeuillet (stephane.loeuillet@tiscali.fr)
+# Copyright (C) 2003 Stephane Loeuillet <stephane.loeuillet@tiscali.fr>
 # All Rights Reserved
 #
 # This file is part of the Prelude-LML program.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prelude-lml-rules-3.0.1/ruleset/xg45-datapower.rules new/prelude-lml-rules-3.1.0/ruleset/xg45-datapower.rules
--- old/prelude-lml-rules-3.0.1/ruleset/xg45-datapower.rules 2016-04-24 12:44:08.000000000 +0200
+++ new/prelude-lml-rules-3.1.0/ruleset/xg45-datapower.rules 2016-09-15 09:02:28.000000000 +0200
@@ -4,7 +4,8 @@
 #####
 #
-# Copyright (C) 2012 email: <operador@seguridadx.com> twitter: <www.twitter.com/seguridad_x>
+# Copyright (C) 2012 Seguridadx <operador@seguridadx.com>
+# twitter: <www.twitter.com/seguridad_x>
 # All Rights Reserved
 #
 # This file is part of the Prelude-LML program.
@@ -19,9 +20,9 @@
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 # GNU General Public License for more details.
 #
-# You should have received a copy of the GNU General Public License
-# along with this program; see the file COPYING. If not, write to
-# the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 #
 #####
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/prelude-lml-rules-3.0.1/src/prelude-lml-rules-check new/prelude-lml-rules-3.1.0/src/prelude-lml-rules-check
--- old/prelude-lml-rules-3.0.1/src/prelude-lml-rules-check 2016-04-24 12:44:08.000000000 +0200
+++ new/prelude-lml-rules-3.1.0/src/prelude-lml-rules-check 2016-09-15 09:02:28.000000000 +0200
@@ -1,4 +1,5 @@
 #!/usr/bin/env perl
+
 #####
 #
 # Copyright (C) 2013-2016 CS-SI. All Rights Reserved.
@@ -15,9 +16,9 @@
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 # GNU General Public License for more details.
 #
-# You should have received a copy of the GNU General Public License
-# along with this program; see the file COPYING. If not, write to
-# the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 #
 #####