evolix/serveur-base
Archived
21
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

New logcheck exceptions

Browse source
This commit is contained in:
Gregory Colpart 2011-10-21 00:44:29 +02:00
parent 67087fc0f4
commit 3d5bccba84
2 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
debian/logcheck/evolix_iptables vendored
View file

@ -1,3 +1,4 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: \[IPTABLES DROP\] : IN=eth[0-9] OUT= MAC=.*
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: \[IPTABLES DROP\] : IN=.*DPT=22
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: \[[.0-9].*\] \[IPTABLES DROP\] : IN=eth0 OUT= MAC=.*
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: \[[0-9.]+\] \[IPTABLES DROP\] : IN=eth0 OUT= MAC=.*
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: \[[0-9.]+\] \[IPTABLES DROP\] : IN=.*DPT=22

1
debian/logcheck/evolix_php vendored
View file

@ -4,3 +4,4 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ suhosin\[[0-9]+\]: ALERT - tried to register forbidden variable '_SERVER\[\w+\]' through POST variables \(attacker.+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ suhosin\[[0-9]+\]: ALERT - script tried to increase memory_limit to [0-9]+ bytes which is above the allowed value.+fcargoet.+google-sitemap-generator.+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ suhosin\[[0-9]+\]: ALERT - ASCII-NUL chars not allowed within request variables.+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ suhosin\[[0-9]+\]: ALERT - script tried to disable memory_limit by setting it to a negative value -1 bytes which is not allowed \(attacker '[A-Za-z0-9._ ]+', file '[A-Za-z0-9._/ ]+'\)$