Attachment #107305 for bug #148057

View | Details | Raw Unified | Return to bug 148057
Collapse All | Expand All

Lines 6-12 Link Here

(-)ossec-hids-server/Makefile (-1 / +1 lines)
6	#	6	#
7		7
8	PORTNAME= ossec-hids	8	PORTNAME= ossec-hids
9	PORTVERSION= 2.0	9	PORTVERSION= 2.4.1
10	PORTREVISION?= 0	10	PORTREVISION?= 0
11	CATEGORIES= security	11	CATEGORIES= security
12	MASTER_SITES= http://www.ossec.net/files/ \	12	MASTER_SITES= http://www.ossec.net/files/ \

Lines 1-3 Link Here

(-)ossec-hids-server/distinfo (-3 / +3 lines)
1	MD5 (ossec-hids-2.0.tar.gz) = 113d3df5f556f7f0e3df2d203d2ef73d	1	MD5 (ossec-hids-2.4.1.tar.gz) = 6796daf0feeae4223f3c1c455ee9350e
2	SHA256 (ossec-hids-2.0.tar.gz) = 4640384c20d2b7a80c266180fd6b1a73703f8fda1794ced4c82d4ab4abbcb250	2	SHA256 (ossec-hids-2.4.1.tar.gz) = 5bb1e48699a38f1c553e31349c20dda06c9fcfc15f5862e16c7fd90456960455
3	SIZE (ossec-hids-2.0.tar.gz) = 687694	3	SIZE (ossec-hids-2.4.1.tar.gz) = 727599




--- etc/rules/attack_rules.xml	2008-08-29 17:15:08.000000000 +0000
+++ attack_rules.xml	2008-09-28 21:39:52.000000000 +0000
@@ -85,11 +85,13 @@
     <description>by a success.</description>
   </rule>
 
+<!--
   <rule id="40113" level="12" frequency="6" timeframe="360">
     <if_matched_group>virus</if_matched_group>
     <description>Multiple viruses detected - Possible outbreak.</description>
     <group>virus,</group>
   </rule>
+-->
   
 </group> <!-- SYSLOG, ATTACKS, -->
 




--- etc/rules/mcafee_av_rules.xml	2008-08-28 15:56:00.000000000 +0000
+++ mcafee_av_rules.xml	2008-09-28 21:39:52.000000000 +0000
@@ -42,6 +42,7 @@
     <description>McAfee Windows AV error event.</description>
   </rule>
 
+<!--
   <rule id="7504" level="12">
     <if_sid>7500</if_sid>
     <regex>$MCAFEE_VIRUS</regex>
@@ -62,6 +63,7 @@
     <group>virus</group>
     <description>McAfee Windows AV - Virus detected and file will be deleted.</description>
   </rule>
+-->
 
   <rule id="7507" level="3">
     <if_sid>7500</if_sid>

Lines 1-17 Link Here

(-)ossec-hids-server/files/patch-symantec-av_rules.xml (-17 lines)
1	--- etc/rules/symantec-av_rules.xml 2008-06-17 17:03:56.000000000 +0000
2	+++ symantec-av_rules.xml 2008-09-28 21:39:52.000000000 +0000
3	@@ -31,12 +31,14 @@
4	<description>Grouping of Symantec AV rules from eventlog.</description>
5	</rule>
6
7	+<!--
8	<rule id="7310" level="9">
9	<if_sid>7300, 7301</if_sid>
10	<id>^5$\|^17$</id>
11	<group>virus</group>
12	<description>Virus detected.</description>
13	</rule>
14	+-->
15
16	<rule id="7320" level="3">
17	<if_sid>7300, 7301</if_sid>




%%PORTNAME%%/active-response/bin/host-deny.sh
%%PORTNAME%%/active-response/bin/ipfw_mac.sh
%%PORTNAME%%/active-response/bin/ipfw.sh
%%PORTNAME%%/active-response/bin/ossec-tweeter.sh
%%PORTNAME%%/active-response/bin/pf.sh
%%PORTNAME%%/active-response/bin/restart-ossec.sh
%%PORTNAME%%/active-response/bin/route-null.sh
%%PORTNAME%%/bin/agent_control
%%PORTNAME%%/bin/clear_stats
%%PORTNAME%%/bin/list_agents
%%PORTNAME%%/bin/manage_agents
%%PORTNAME%%/bin/ossec-agentd
%%PORTNAME%%/bin/ossec-agentlessd
%%PORTNAME%%/bin/ossec-analysisd
%%PORTNAME%%/bin/ossec-dbd
%%PORTNAME%%/bin/ossec-control
%%PORTNAME%%/bin/ossec-csyslogd
%%PORTNAME%%/bin/ossec-dbd
%%PORTNAME%%/bin/ossec-execd
%%PORTNAME%%/bin/ossec-logcollector
%%PORTNAME%%/bin/ossec-logtest
%%PORTNAME%%/bin/ossec-maild
%%PORTNAME%%/bin/ossec-monitord
%%PORTNAME%%/bin/ossec-remoted
%%PORTNAME%%/bin/ossec-reportd
%%PORTNAME%%/bin/ossec-syscheckd
%%PORTNAME%%/bin/syscheck_update
%%PORTNAME%%/bin/ossec-csyslogd
%%PORTNAME%%/bin/agent_control
%%PORTNAME%%/bin/syscheck_control
%%PORTNAME%%/bin/rootcheck_control
%%PORTNAME%%/bin/syscheck_control
%%PORTNAME%%/bin/syscheck_update
%%PORTNAME%%/bin/verify-agent-conf
%%PORTNAME%%/etc/decoder.xml
%%PORTNAME%%/etc/internal_options.conf
@unexec if cmp -s %D/%%PORTNAME%%/etc/ossec.conf %D/%%PORTNAME%%/etc/ossec.conf.sample; then rm -f %D/%%PORTNAME%%/etc/ossec.conf; fi

%%PORTNAME%%/logs/ossec.log
%%PORTNAME%%/rules/apache_rules.xml
%%PORTNAME%%/rules/arpwatch_rules.xml
%%PORTNAME%%/rules/asterisk_rules.xml
%%PORTNAME%%/rules/attack_rules.xml
%%PORTNAME%%/rules/cimserver_rules.xml
%%PORTNAME%%/rules/cisco-ios_rules.xml
%%PORTNAME%%/rules/courier_rules.xml
%%PORTNAME%%/rules/dovecot_rules.xml
%%PORTNAME%%/rules/firewall_rules.xml
%%PORTNAME%%/rules/ftpd_rules.xml
%%PORTNAME%%/rules/hordeimp_rules.xml

%%PORTNAME%%/rules/imapd_rules.xml
%%PORTNAME%%/rules/local_rules.xml
%%PORTNAME%%/rules/mailscanner_rules.xml
%%PORTNAME%%/rules/mcafee_av_rules.xml
%%PORTNAME%%/rules/ms-exchange_rules.xml
%%PORTNAME%%/rules/ms-se_rules.xml
%%PORTNAME%%/rules/ms_dhcp_rules.xml
%%PORTNAME%%/rules/ms_ftpd_rules.xml
%%PORTNAME%%/rules/msauth_rules.xml
%%PORTNAME%%/rules/mysql_rules.xml
%%PORTNAME%%/rules/named_rules.xml
%%PORTNAME%%/rules/netscreenfw_rules.xml
%%PORTNAME%%/rules/nginx_rules.xml
%%PORTNAME%%/rules/ossec_rules.xml
%%PORTNAME%%/rules/pam_rules.xml
%%PORTNAME%%/rules/php_rules.xml
%%PORTNAME%%/rules/pix_rules.xml
%%PORTNAME%%/rules/policy_rules.xml
%%PORTNAME%%/rules/postfix_rules.xml

%%PORTNAME%%/rules/proftpd_rules.xml
%%PORTNAME%%/rules/pure-ftpd_rules.xml
%%PORTNAME%%/rules/racoon_rules.xml
%%PORTNAME%%/rules/roundcube_rules.xml
%%PORTNAME%%/rules/rules_config.xml
%%PORTNAME%%/rules/sendmail_rules.xml
%%PORTNAME%%/rules/smbd_rules.xml
%%PORTNAME%%/rules/solaris_bsm_rules.xml
%%PORTNAME%%/rules/sonicwall_rules.xml
%%PORTNAME%%/rules/spamd_rules.xml
%%PORTNAME%%/rules/squid_rules.xml

%%PORTNAME%%/rules/symantec-ws_rules.xml
%%PORTNAME%%/rules/syslog_rules.xml
%%PORTNAME%%/rules/telnetd_rules.xml
%%PORTNAME%%/rules/trend-osce_rules.xml
%%PORTNAME%%/rules/vmpop3d_rules.xml
%%PORTNAME%%/rules/vmware_rules.xml
%%PORTNAME%%/rules/vpn_concentrator_rules.xml
%%PORTNAME%%/rules/vpopmail_rules.xml
%%PORTNAME%%/rules/vsftpd_rules.xml
%%PORTNAME%%/rules/web_rules.xml
%%PORTNAME%%/rules/wordpress_rules.xml
%%PORTNAME%%/rules/zeus_rules.xml
%%PORTNAME%%/rules/vmware_rules.xml
%%PORTNAME%%/rules/vmpop3d_rules.xml
%%PORTNAME%%/rules/solaris_bsm_rules.xml
%%PORTNAME%%/rules/mcafee_av_rules.xml
%%PORTNAME%%/rules/asterisk_rules.xml
%%PORTNAME%%/agentless/main.exp
%%PORTNAME%%/agentless/sshlogin.exp
%%PORTNAME%%/agentless/ssh_pixconfig_diff
%%PORTNAME%%/agentless/ssh_nopass.exp
%%PORTNAME%%/agentless/ssh_integrity_check_linux
%%PORTNAME%%/agentless/ssh_integrity_check_bsd
%%PORTNAME%%/agentless/ssh_generic_diff
%%PORTNAME%%/agentless/ssh.exp
%%PORTNAME%%/agentless/register_host.sh
%%PORTNAME%%/agentless/ssh.exp
%%PORTNAME%%/agentless/ssh_asa-fwsmconfig_diff
%%PORTNAME%%/agentless/ssh_foundry_diff
%%PORTNAME%%/agentless/ssh_generic_diff
%%PORTNAME%%/agentless/ssh_integrity_check_bsd
%%PORTNAME%%/agentless/ssh_integrity_check_linux
%%PORTNAME%%/agentless/ssh_nopass.exp
%%PORTNAME%%/agentless/ssh_pixconfig_diff
%%PORTNAME%%/agentless/sshlogin.exp
%%PORTNAME%%/agentless/su.exp
@dirrmtry %%PORTNAME%%/agentless
@dirrmtry %%PORTNAME%%/.ssh
@dirrmtry %%PORTNAME%%/active-response/bin
@dirrmtry %%PORTNAME%%/active-response
@dirrmtry %%PORTNAME%%/agentless
@dirrmtry %%PORTNAME%%/bin
@dirrmtry %%PORTNAME%%/etc/shared
@dirrmtry %%PORTNAME%%/etc
@dirrmtry %%PORTNAME%%/logs/alerts
@dirrmtry %%PORTNAME%%/logs/archives
@dirrmtry %%PORTNAME%%/logs/firewall
@dirrmtry %%PORTNAME%%/logs
@dirrmtry %%PORTNAME%%/queue/alerts
@dirrmtry %%PORTNAME%%/queue/agent-info
@dirrmtry %%PORTNAME%%/queue/diff
@dirrmtry %%PORTNAME%%/queue/agentless
@dirrmtry %%PORTNAME%%/queue/alerts
@dirrmtry %%PORTNAME%%/queue/diff
@dirrmtry %%PORTNAME%%/queue/fts
@dirrmtry %%PORTNAME%%/queue/ossec
@dirrmtry %%PORTNAME%%/queue/rids
@dirrmtry %%PORTNAME%%/queue/rootcheck
@dirrmtry %%PORTNAME%%/queue/syscheck
@dirrmtry %%PORTNAME%%/queue
@dirrmtry %%PORTNAME%%/rules
@dirrmtry %%PORTNAME%%/stats/hourly-average
@dirrmtry %%PORTNAME%%/stats/totals
@dirrmtry %%PORTNAME%%/stats/weekly-average
@dirrmtry %%PORTNAME%%/stats
@dirrmtry %%PORTNAME%%/tmp
@dirrmtry %%PORTNAME%%/var/run
@dirrmtry %%PORTNAME%%/var
@dirrmtry %%PORTNAME%%/active-response
@dirrmtry %%PORTNAME%%

Return to bug 148057

Lines 3-9 Link Here

(-)ossec-hids-client/pkg-plist.client (-2 / +6 lines)
3	%%PORTNAME%%/active-response/bin/host-deny.sh	3	%%PORTNAME%%/active-response/bin/host-deny.sh
4	%%PORTNAME%%/active-response/bin/ipfw.sh	4	%%PORTNAME%%/active-response/bin/ipfw.sh
5	%%PORTNAME%%/active-response/bin/ipfw_mac.sh	5	%%PORTNAME%%/active-response/bin/ipfw_mac.sh
		6	%%PORTNAME%%/active-response/bin/ossec-tweeter.sh
6	%%PORTNAME%%/active-response/bin/pf.sh	7	%%PORTNAME%%/active-response/bin/pf.sh
		8	%%PORTNAME%%/active-response/bin/restart-ossec.sh
7	%%PORTNAME%%/active-response/bin/route-null.sh	9	%%PORTNAME%%/active-response/bin/route-null.sh
8	%%PORTNAME%%/bin/manage_agents	10	%%PORTNAME%%/bin/manage_agents
9	%%PORTNAME%%/bin/ossec-agentd	11	%%PORTNAME%%/bin/ossec-agentd
Lines 11-17 Link Here
11	%%PORTNAME%%/bin/ossec-execd	13	%%PORTNAME%%/bin/ossec-execd
12	%%PORTNAME%%/bin/ossec-logcollector	14	%%PORTNAME%%/bin/ossec-logcollector
13	%%PORTNAME%%/bin/ossec-syscheckd	15	%%PORTNAME%%/bin/ossec-syscheckd
14	%%PORTNAME%%/etc/internal_options.conf
15	%%PORTNAME%%/etc/shared/cis_debian_linux_rcl.txt	16	%%PORTNAME%%/etc/shared/cis_debian_linux_rcl.txt
16	%%PORTNAME%%/etc/shared/cis_rhel_linux_rcl.txt	17	%%PORTNAME%%/etc/shared/cis_rhel_linux_rcl.txt
17	%%PORTNAME%%/etc/shared/cis_rhel5_linux_rcl.txt	18	%%PORTNAME%%/etc/shared/cis_rhel5_linux_rcl.txt
Lines 23-31 Link Here
23	%%PORTNAME%%/etc/shared/win_applications_rcl.txt	24	%%PORTNAME%%/etc/shared/win_applications_rcl.txt
24	@unexec if cmp -s %D/%%PORTNAME%%/etc/ossec.conf %D/%%PORTNAME%%/etc/ossec.conf.sample; then rm -f %D/%%PORTNAME%%/etc/ossec.conf; fi	25	@unexec if cmp -s %D/%%PORTNAME%%/etc/ossec.conf %D/%%PORTNAME%%/etc/ossec.conf.sample; then rm -f %D/%%PORTNAME%%/etc/ossec.conf; fi
25	%%PORTNAME%%/etc/ossec.conf.sample	26	%%PORTNAME%%/etc/ossec.conf.sample
		27	%%PORTNAME%%/etc/localtime
		28	%%PORTNAME%%/etc/internal_options.conf
26	%%PORTNAME%%/logs/ossec.log	29	%%PORTNAME%%/logs/ossec.log
27	%%PORTNAME%%/agentless/main.exp	30	%%PORTNAME%%/agentless/main.exp
28	%%PORTNAME%%/agentless/sshlogin.exp	31	%%PORTNAME%%/agentless/sshlogin.exp
		32	%%PORTNAME%%/agentless/ssh_asa-fwsmconfig_diff
		33	%%PORTNAME%%/agentless/ssh_foundry_diff
29	%%PORTNAME%%/agentless/ssh_pixconfig_diff	34	%%PORTNAME%%/agentless/ssh_pixconfig_diff
30	%%PORTNAME%%/agentless/ssh_nopass.exp	35	%%PORTNAME%%/agentless/ssh_nopass.exp
31	%%PORTNAME%%/agentless/ssh_integrity_check_linux	36	%%PORTNAME%%/agentless/ssh_integrity_check_linux
Lines 35-41 Link Here
35	%%PORTNAME%%/agentless/register_host.sh	40	%%PORTNAME%%/agentless/register_host.sh
36	%%PORTNAME%%/agentless/su.exp	41	%%PORTNAME%%/agentless/su.exp
37	@dirrmtry %%PORTNAME%%/agentless	42	@dirrmtry %%PORTNAME%%/agentless
38	@dirrmtry %%PORTNAME%%/active-response/bin/firewalls
39	@dirrmtry %%PORTNAME%%/active-response/bin	43	@dirrmtry %%PORTNAME%%/active-response/bin
40	@dirrmtry %%PORTNAME%%/active-response	44	@dirrmtry %%PORTNAME%%/active-response
41	@dirrmtry %%PORTNAME%%/etc/shared	45	@dirrmtry %%PORTNAME%%/etc/shared

Lines 1-16 Link Here

(-)ossec-hids-server/files/patch-attack_rules.xml (-16 lines)
1	--- etc/rules/attack_rules.xml 2008-08-29 17:15:08.000000000 +0000
2	+++ attack_rules.xml 2008-09-28 21:39:52.000000000 +0000
3	@@ -85,11 +85,13 @@
4	<description>by a success.</description>
5	</rule>
6
7	+<!--
8	<rule id="40113" level="12" frequency="6" timeframe="360">
9	<if_matched_group>virus</if_matched_group>
10	<description>Multiple viruses detected - Possible outbreak.</description>
11	<group>virus,</group>
12	</rule>
13	+-->
14
15	</group> <!-- SYSLOG, ATTACKS, -->
16

Lines 1-18 Link Here

(-)ossec-hids-server/files/patch-mcafee_av_rules.xml (-18 lines)
1	--- etc/rules/mcafee_av_rules.xml 2008-08-28 15:56:00.000000000 +0000
2	+++ mcafee_av_rules.xml 2008-09-28 21:39:52.000000000 +0000
3	@@ -42,6 +42,7 @@
4	<description>McAfee Windows AV error event.</description>
5	</rule>
6
7	+<!--
8	<rule id="7504" level="12">
9	<if_sid>7500</if_sid>
10	<regex>$MCAFEE_VIRUS</regex>
11	@@ -62,6 +63,7 @@
12	<group>virus</group>
13	<description>McAfee Windows AV - Virus detected and file will be deleted.</description>
14	</rule>
15	+-->
16
17	<rule id="7507" level="3">
18	<if_sid>7500</if_sid>

Lines 3-30 Link Here

(-)ossec-hids-server/pkg-plist (-41 / +59 lines)
3	%%PORTNAME%%/active-response/bin/host-deny.sh	3	%%PORTNAME%%/active-response/bin/host-deny.sh
4	%%PORTNAME%%/active-response/bin/ipfw_mac.sh	4	%%PORTNAME%%/active-response/bin/ipfw_mac.sh
5	%%PORTNAME%%/active-response/bin/ipfw.sh	5	%%PORTNAME%%/active-response/bin/ipfw.sh
		6	%%PORTNAME%%/active-response/bin/ossec-tweeter.sh
6	%%PORTNAME%%/active-response/bin/pf.sh	7	%%PORTNAME%%/active-response/bin/pf.sh
		8	%%PORTNAME%%/active-response/bin/restart-ossec.sh
7	%%PORTNAME%%/active-response/bin/route-null.sh	9	%%PORTNAME%%/active-response/bin/route-null.sh
		10	%%PORTNAME%%/bin/agent_control
8	%%PORTNAME%%/bin/clear_stats	11	%%PORTNAME%%/bin/clear_stats
9	%%PORTNAME%%/bin/list_agents	12	%%PORTNAME%%/bin/list_agents
10	%%PORTNAME%%/bin/manage_agents	13	%%PORTNAME%%/bin/manage_agents
11	%%PORTNAME%%/bin/ossec-agentd	14	%%PORTNAME%%/bin/ossec-agentd
		15	%%PORTNAME%%/bin/ossec-agentlessd
12	%%PORTNAME%%/bin/ossec-analysisd	16	%%PORTNAME%%/bin/ossec-analysisd
13	%%PORTNAME%%/bin/ossec-dbd
14	%%PORTNAME%%/bin/ossec-control	17	%%PORTNAME%%/bin/ossec-control
		18	%%PORTNAME%%/bin/ossec-csyslogd
		19	%%PORTNAME%%/bin/ossec-dbd
15	%%PORTNAME%%/bin/ossec-execd	20	%%PORTNAME%%/bin/ossec-execd
16	%%PORTNAME%%/bin/ossec-logcollector	21	%%PORTNAME%%/bin/ossec-logcollector
		22	%%PORTNAME%%/bin/ossec-logtest
17	%%PORTNAME%%/bin/ossec-maild	23	%%PORTNAME%%/bin/ossec-maild
18	%%PORTNAME%%/bin/ossec-monitord	24	%%PORTNAME%%/bin/ossec-monitord
19	%%PORTNAME%%/bin/ossec-remoted	25	%%PORTNAME%%/bin/ossec-remoted
		26	%%PORTNAME%%/bin/ossec-reportd
20	%%PORTNAME%%/bin/ossec-syscheckd	27	%%PORTNAME%%/bin/ossec-syscheckd
21	%%PORTNAME%%/bin/syscheck_update
22	%%PORTNAME%%/bin/ossec-csyslogd
23	%%PORTNAME%%/bin/agent_control
24	%%PORTNAME%%/bin/syscheck_control
25	%%PORTNAME%%/bin/rootcheck_control	28	%%PORTNAME%%/bin/rootcheck_control
26	%%PORTNAME%%/bin/ossec-reportd	29	%%PORTNAME%%/bin/syscheck_control
27	%%PORTNAME%%/bin/ossec-agentlessd	30	%%PORTNAME%%/bin/syscheck_update
		31	%%PORTNAME%%/bin/verify-agent-conf
28	%%PORTNAME%%/etc/decoder.xml	32	%%PORTNAME%%/etc/decoder.xml
29	%%PORTNAME%%/etc/internal_options.conf	33	%%PORTNAME%%/etc/internal_options.conf
30	@unexec if cmp -s %D/%%PORTNAME%%/etc/ossec.conf %D/%%PORTNAME%%/etc/ossec.conf.sample; then rm -f %D/%%PORTNAME%%/etc/ossec.conf; fi	34	@unexec if cmp -s %D/%%PORTNAME%%/etc/ossec.conf %D/%%PORTNAME%%/etc/ossec.conf.sample; then rm -f %D/%%PORTNAME%%/etc/ossec.conf; fi
Lines 41-49 Link Here
41	%%PORTNAME%%/logs/ossec.log	45	%%PORTNAME%%/logs/ossec.log
42	%%PORTNAME%%/rules/apache_rules.xml	46	%%PORTNAME%%/rules/apache_rules.xml
43	%%PORTNAME%%/rules/arpwatch_rules.xml	47	%%PORTNAME%%/rules/arpwatch_rules.xml
		48	%%PORTNAME%%/rules/asterisk_rules.xml
44	%%PORTNAME%%/rules/attack_rules.xml	49	%%PORTNAME%%/rules/attack_rules.xml
		50	%%PORTNAME%%/rules/cimserver_rules.xml
45	%%PORTNAME%%/rules/cisco-ios_rules.xml	51	%%PORTNAME%%/rules/cisco-ios_rules.xml
46	%%PORTNAME%%/rules/courier_rules.xml	52	%%PORTNAME%%/rules/courier_rules.xml
		53	%%PORTNAME%%/rules/dovecot_rules.xml
47	%%PORTNAME%%/rules/firewall_rules.xml	54	%%PORTNAME%%/rules/firewall_rules.xml
48	%%PORTNAME%%/rules/ftpd_rules.xml	55	%%PORTNAME%%/rules/ftpd_rules.xml
49	%%PORTNAME%%/rules/hordeimp_rules.xml	56	%%PORTNAME%%/rules/hordeimp_rules.xml
Lines 51-64 Link Here
51	%%PORTNAME%%/rules/imapd_rules.xml	58	%%PORTNAME%%/rules/imapd_rules.xml
52	%%PORTNAME%%/rules/local_rules.xml	59	%%PORTNAME%%/rules/local_rules.xml
53	%%PORTNAME%%/rules/mailscanner_rules.xml	60	%%PORTNAME%%/rules/mailscanner_rules.xml
		61	%%PORTNAME%%/rules/mcafee_av_rules.xml
54	%%PORTNAME%%/rules/ms-exchange_rules.xml	62	%%PORTNAME%%/rules/ms-exchange_rules.xml
		63	%%PORTNAME%%/rules/ms-se_rules.xml
		64	%%PORTNAME%%/rules/ms_dhcp_rules.xml
55	%%PORTNAME%%/rules/ms_ftpd_rules.xml	65	%%PORTNAME%%/rules/ms_ftpd_rules.xml
56	%%PORTNAME%%/rules/msauth_rules.xml	66	%%PORTNAME%%/rules/msauth_rules.xml
57	%%PORTNAME%%/rules/mysql_rules.xml	67	%%PORTNAME%%/rules/mysql_rules.xml
58	%%PORTNAME%%/rules/named_rules.xml	68	%%PORTNAME%%/rules/named_rules.xml
59	%%PORTNAME%%/rules/netscreenfw_rules.xml	69	%%PORTNAME%%/rules/netscreenfw_rules.xml
		70	%%PORTNAME%%/rules/nginx_rules.xml
60	%%PORTNAME%%/rules/ossec_rules.xml	71	%%PORTNAME%%/rules/ossec_rules.xml
61	%%PORTNAME%%/rules/pam_rules.xml	72	%%PORTNAME%%/rules/pam_rules.xml
		73	%%PORTNAME%%/rules/php_rules.xml
62	%%PORTNAME%%/rules/pix_rules.xml	74	%%PORTNAME%%/rules/pix_rules.xml
63	%%PORTNAME%%/rules/policy_rules.xml	75	%%PORTNAME%%/rules/policy_rules.xml
64	%%PORTNAME%%/rules/postfix_rules.xml	76	%%PORTNAME%%/rules/postfix_rules.xml
Lines 66-74 Link Here
66	%%PORTNAME%%/rules/proftpd_rules.xml	78	%%PORTNAME%%/rules/proftpd_rules.xml
67	%%PORTNAME%%/rules/pure-ftpd_rules.xml	79	%%PORTNAME%%/rules/pure-ftpd_rules.xml
68	%%PORTNAME%%/rules/racoon_rules.xml	80	%%PORTNAME%%/rules/racoon_rules.xml
		81	%%PORTNAME%%/rules/roundcube_rules.xml
69	%%PORTNAME%%/rules/rules_config.xml	82	%%PORTNAME%%/rules/rules_config.xml
70	%%PORTNAME%%/rules/sendmail_rules.xml	83	%%PORTNAME%%/rules/sendmail_rules.xml
71	%%PORTNAME%%/rules/smbd_rules.xml	84	%%PORTNAME%%/rules/smbd_rules.xml
		85	%%PORTNAME%%/rules/solaris_bsm_rules.xml
72	%%PORTNAME%%/rules/sonicwall_rules.xml	86	%%PORTNAME%%/rules/sonicwall_rules.xml
73	%%PORTNAME%%/rules/spamd_rules.xml	87	%%PORTNAME%%/rules/spamd_rules.xml
74	%%PORTNAME%%/rules/squid_rules.xml	88	%%PORTNAME%%/rules/squid_rules.xml
Lines 77-126 Link Here
77	%%PORTNAME%%/rules/symantec-ws_rules.xml	91	%%PORTNAME%%/rules/symantec-ws_rules.xml
78	%%PORTNAME%%/rules/syslog_rules.xml	92	%%PORTNAME%%/rules/syslog_rules.xml
79	%%PORTNAME%%/rules/telnetd_rules.xml	93	%%PORTNAME%%/rules/telnetd_rules.xml
		94	%%PORTNAME%%/rules/trend-osce_rules.xml
		95	%%PORTNAME%%/rules/vmpop3d_rules.xml
		96	%%PORTNAME%%/rules/vmware_rules.xml
80	%%PORTNAME%%/rules/vpn_concentrator_rules.xml	97	%%PORTNAME%%/rules/vpn_concentrator_rules.xml
81	%%PORTNAME%%/rules/vpopmail_rules.xml	98	%%PORTNAME%%/rules/vpopmail_rules.xml
82	%%PORTNAME%%/rules/vsftpd_rules.xml	99	%%PORTNAME%%/rules/vsftpd_rules.xml
83	%%PORTNAME%%/rules/web_rules.xml	100	%%PORTNAME%%/rules/web_rules.xml
		101	%%PORTNAME%%/rules/wordpress_rules.xml
84	%%PORTNAME%%/rules/zeus_rules.xml	102	%%PORTNAME%%/rules/zeus_rules.xml
85	%%PORTNAME%%/rules/vmware_rules.xml
86	%%PORTNAME%%/rules/vmpop3d_rules.xml
87	%%PORTNAME%%/rules/solaris_bsm_rules.xml
88	%%PORTNAME%%/rules/mcafee_av_rules.xml
89	%%PORTNAME%%/rules/asterisk_rules.xml
90	%%PORTNAME%%/agentless/main.exp	103	%%PORTNAME%%/agentless/main.exp
91	%%PORTNAME%%/agentless/sshlogin.exp
92	%%PORTNAME%%/agentless/ssh_pixconfig_diff
93	%%PORTNAME%%/agentless/ssh_nopass.exp
94	%%PORTNAME%%/agentless/ssh_integrity_check_linux
95	%%PORTNAME%%/agentless/ssh_integrity_check_bsd
96	%%PORTNAME%%/agentless/ssh_generic_diff
97	%%PORTNAME%%/agentless/ssh.exp
98	%%PORTNAME%%/agentless/register_host.sh	104	%%PORTNAME%%/agentless/register_host.sh
		105	%%PORTNAME%%/agentless/ssh.exp
		106	%%PORTNAME%%/agentless/ssh_asa-fwsmconfig_diff
		107	%%PORTNAME%%/agentless/ssh_foundry_diff
		108	%%PORTNAME%%/agentless/ssh_generic_diff
		109	%%PORTNAME%%/agentless/ssh_integrity_check_bsd
		110	%%PORTNAME%%/agentless/ssh_integrity_check_linux
		111	%%PORTNAME%%/agentless/ssh_nopass.exp
		112	%%PORTNAME%%/agentless/ssh_pixconfig_diff
		113	%%PORTNAME%%/agentless/sshlogin.exp
99	%%PORTNAME%%/agentless/su.exp	114	%%PORTNAME%%/agentless/su.exp
100	@dirrmtry %%PORTNAME%%/agentless
101	@dirrmtry %%PORTNAME%%/.ssh	115	@dirrmtry %%PORTNAME%%/.ssh
102	@dirrmtry %%PORTNAME%%/var/run	116	@dirrmtry %%PORTNAME%%/active-response/bin
103	@dirrmtry %%PORTNAME%%/var	117	@dirrmtry %%PORTNAME%%/active-response
104	@dirrmtry %%PORTNAME%%/tmp	118	@dirrmtry %%PORTNAME%%/agentless
105	@dirrmtry %%PORTNAME%%/stats	119	@dirrmtry %%PORTNAME%%/bin
106	@dirrmtry %%PORTNAME%%/rules	120	@dirrmtry %%PORTNAME%%/etc/shared
107	@dirrmtry %%PORTNAME%%/queue/syscheck	121	@dirrmtry %%PORTNAME%%/etc
108	@dirrmtry %%PORTNAME%%/queue/rootcheck	122	@dirrmtry %%PORTNAME%%/logs/alerts
109	@dirrmtry %%PORTNAME%%/queue/rids	123	@dirrmtry %%PORTNAME%%/logs/archives
110	@dirrmtry %%PORTNAME%%/queue/ossec	124	@dirrmtry %%PORTNAME%%/logs/firewall
111	@dirrmtry %%PORTNAME%%/queue/fts	125	@dirrmtry %%PORTNAME%%/logs
112	@dirrmtry %%PORTNAME%%/queue/alerts
113	@dirrmtry %%PORTNAME%%/queue/agent-info	126	@dirrmtry %%PORTNAME%%/queue/agent-info
114	@dirrmtry %%PORTNAME%%/queue/diff
115	@dirrmtry %%PORTNAME%%/queue/agentless	127	@dirrmtry %%PORTNAME%%/queue/agentless
		128	@dirrmtry %%PORTNAME%%/queue/alerts
		129	@dirrmtry %%PORTNAME%%/queue/diff
		130	@dirrmtry %%PORTNAME%%/queue/fts
		131	@dirrmtry %%PORTNAME%%/queue/ossec
		132	@dirrmtry %%PORTNAME%%/queue/rids
		133	@dirrmtry %%PORTNAME%%/queue/rootcheck
		134	@dirrmtry %%PORTNAME%%/queue/syscheck
116	@dirrmtry %%PORTNAME%%/queue	135	@dirrmtry %%PORTNAME%%/queue
117	@dirrmtry %%PORTNAME%%/logs/firewall	136	@dirrmtry %%PORTNAME%%/rules
118	@dirrmtry %%PORTNAME%%/logs/archives	137	@dirrmtry %%PORTNAME%%/stats/hourly-average
119	@dirrmtry %%PORTNAME%%/logs/alerts	138	@dirrmtry %%PORTNAME%%/stats/totals
120	@dirrmtry %%PORTNAME%%/logs	139	@dirrmtry %%PORTNAME%%/stats/weekly-average
121	@dirrmtry %%PORTNAME%%/etc/shared	140	@dirrmtry %%PORTNAME%%/stats
122	@dirrmtry %%PORTNAME%%/etc	141	@dirrmtry %%PORTNAME%%/tmp
123	@dirrmtry %%PORTNAME%%/bin	142	@dirrmtry %%PORTNAME%%/var/run
124	@dirrmtry %%PORTNAME%%/active-response/bin	143	@dirrmtry %%PORTNAME%%/var
125	@dirrmtry %%PORTNAME%%/active-response
126	@dirrmtry %%PORTNAME%%	144	@dirrmtry %%PORTNAME%%