From: Franck B. <fra...@us...> - 2007-01-28 23:28:19
|
Update of /cvsroot/ipcop/ipcop/config/snort In directory sc8-pr-cvs2.sourceforge.net:/tmp/cvs-serv20233 Modified Files: Tag: IPCOP_v1_4_0 snort.conf Log Message: Correct some small syntax discovered with snort -T (test config) Index: snort.conf =================================================================== RCS file: /cvsroot/ipcop/ipcop/config/snort/snort.conf,v retrieving revision 1.6.2.2 retrieving revision 1.6.2.3 diff -C2 -d -r1.6.2.2 -r1.6.2.3 *** snort.conf 28 Jan 2007 01:09:21 -0000 1.6.2.2 --- snort.conf 28 Jan 2007 23:28:15 -0000 1.6.2.3 *************** *** 266,270 **** # 2 Teardrop-type attack ! preprocessor frag2: memcap 2097152 # frag3: Target-based IP defragmentation --- 266,270 ---- # 2 Teardrop-type attack ! # deprecated preprocessor frag2: memcap 2097152 # frag3: Target-based IP defragmentation *************** *** 323,328 **** #preprocessor frag3_engine: policy bsd ! preprocessor frag3_global: memcap 2097152 max_frags 65536 ! preprocessor frag3_engine: policy linux detect_anomalies --- 323,328 ---- #preprocessor frag3_engine: policy bsd ! preprocessor frag3_global: memcap 2097152, max_frags 65536 ! preprocessor frag3_engine: policy linux detect_anomalies *************** *** 403,407 **** # 14 TCP forward overlap ! preprocessor stream4: memcap 2097152 detect_scans disable_evasion_alerts # tcp stream reassembly directive --- 403,407 ---- # 14 TCP forward overlap ! preprocessor stream4: memcap 2097152, detect_scans, disable_evasion_alerts # tcp stream reassembly directive *************** *** 439,443 **** # Using the default random flushpoints, the smallest flushpoint is 512, # and the largest is 1725 bytes. ! preprocessor stream4_reassemble: noalerts --- 439,443 ---- # Using the default random flushpoints, the smallest flushpoint is 512, # and the largest is 1725 bytes. ! preprocessor stream4_reassemble: noalerts, flush_behavior large_window |