- Timestamp: Jul 16, 2008, 9:59:59 AM (17 years ago)
- Author: waue
- Comment: --
| v1 | v2 | |
| | 1 | [[PageOutline]] |
| | 2 | |
| 1 | 3 | = 正規表示法 Rules = |
| 2 | 4 | |
| … |
… |
|
| 36 | 38 | |
| 37 | 39 | == Snort Log 範例 == |
| 38 | | {{{ |
| 39 | | [**] [1:2189:3] BAD-TRAFFIC IP Proto 103 PIM [**] [[br]] |
| 40 | | [Classification: Detection of a non-standard protocol or event] [Priority: 2] [[br]] |
| 41 | | 07/08-14:58:56.295033 140.110.138.253 -> 224.0.0.13 [[br]] |
| 42 | | PIM TTL:1 TOS:0xC0 ID:11423 IpLen:20 DgmLen:54 [[br]] |
| 43 | | [Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=2003-0567][Xref => http://www.securityfocus.com/bid/8211] [[br]] |
| 44 | | }}} |
| | 40 | |
| | 41 | '''[**] [1:2189:3] BAD-TRAFFIC IP Proto 103 PIM [**]''' |
| | 42 | |
| | 43 | '''[Classification: Detection of a non-standard protocol or event] [Priority: 2] ''' |
| | 44 | |
| | 45 | '''07/08-14:58:56.295033 140.110.138.253 -> 224.0.0.13''' |
| | 46 | |
| | 47 | '''PIM TTL:1 TOS:0xC0 ID:11423 IpLen:20 DgmLen:54''' |
| | 48 | |
| | 49 | '''[Xref => http://cve.mitre.org/cgi-bin/cvename.cgi?name=2003-0567][Xref => http://www.securityfocus.com/bid/8211]''' |
| | 50 | |
| 45 | 51 | * 開發工具 : [http://www.waterproof.fr/products/RegExpEditor/ Regular Expression Editor] |
| 46 | 52 | ----------- |
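Review bot: In the "Snort Log 範例" hunk, replacing the {{{ }}} block (v1 lines 38-44) with five separate '''bold''' lines (v2 lines 41-49) takes the alert out of preformatted text, so its bracketed fields ([**], [1:2189:3], [Xref => http://...]) and bare URLs are now subject to wiki formatting and auto-linking instead of being shown verbatim. On a page about regular expression rules, the sample should stay byte-for-byte identical to what Snort writes, because readers will copy it to test patterns against. The defect in v1 was only the trailing [[br]] macros, which are not expanded inside a preformatted block; keeping {{{ }}} and deleting the five [[br]] suffixes would fix the rendering and keep the log literal. If the bold form is kept, v2 line 43 also carries a stray space before the closing quotes ("[Priority: 2] '''").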