Up to [cvs.NetBSD.org] / pkgsrc / security / prelude-lml
Default branch: MAIN
Revision 1.16, Mon Aug 22 22:59:09 2022 UTC (15 months, 2 weeks ago) by tnn
Branch: MAIN
CVS Tags: HEAD
Changes since 1.15: +1 -1 lines
FILE REMOVED
prelude: remove from pkgsrc
prelude is unmaintained in pkgsrc since 2009 and is several major versions behind. This makes it useless for its intended purpose as an intrusion detection system. Can be revived if/when there is an interested maintainer. But it's probably easier to start from scratch given how stale these packages were.
Revision 1.15, Mon Jan 1 22:29:54 2018 UTC (5 years, 11 months ago) by rillig
Branch: MAIN
CVS Tags: pkgsrc-2022Q2-base, pkgsrc-2022Q2, pkgsrc-2022Q1-base, pkgsrc-2022Q1, pkgsrc-2021Q4-base, pkgsrc-2021Q4, pkgsrc-2021Q3-base, pkgsrc-2021Q3, pkgsrc-2021Q2-base, pkgsrc-2021Q2, pkgsrc-2021Q1-base, pkgsrc-2021Q1, pkgsrc-2020Q4-base, pkgsrc-2020Q4, pkgsrc-2020Q3-base, pkgsrc-2020Q3, pkgsrc-2020Q2-base, pkgsrc-2020Q2, pkgsrc-2020Q1-base, pkgsrc-2020Q1, pkgsrc-2019Q4-base, pkgsrc-2019Q4, pkgsrc-2019Q3-base, pkgsrc-2019Q3, pkgsrc-2019Q2-base, pkgsrc-2019Q2, pkgsrc-2019Q1-base, pkgsrc-2019Q1, pkgsrc-2018Q4-base, pkgsrc-2018Q4, pkgsrc-2018Q3-base, pkgsrc-2018Q3, pkgsrc-2018Q2-base, pkgsrc-2018Q2, pkgsrc-2018Q1-base, pkgsrc-2018Q1
Changes since 1.14: +16 -17 lines
Sort PLIST files.
Unsorted entries in PLIST files have generated a pkglint warning for at least 12 years. Somewhat more recently, pkglint has learned to sort PLIST files automatically. Since pkglint 5.4.23, the sorting is only done in obvious, simple cases. These have been applied by running:
    pkglint -Cnone,PLIST -Wnone,plist-sort -r -F
Revision 1.14, Tue Mar 11 14:05:14 2014 UTC (9 years, 9 months ago) by jperkin
Branch: MAIN
CVS Tags: pkgsrc-2017Q4-base, pkgsrc-2017Q4, pkgsrc-2017Q3-base, pkgsrc-2017Q3, pkgsrc-2017Q2-base, pkgsrc-2017Q2, pkgsrc-2017Q1-base, pkgsrc-2017Q1, pkgsrc-2016Q4-base, pkgsrc-2016Q4, pkgsrc-2016Q3-base, pkgsrc-2016Q3, pkgsrc-2016Q2-base, pkgsrc-2016Q2, pkgsrc-2016Q1-base, pkgsrc-2016Q1, pkgsrc-2015Q4-base, pkgsrc-2015Q4, pkgsrc-2015Q3-base, pkgsrc-2015Q3, pkgsrc-2015Q2-base, pkgsrc-2015Q2, pkgsrc-2015Q1-base, pkgsrc-2015Q1, pkgsrc-2014Q4-base, pkgsrc-2014Q4, pkgsrc-2014Q3-base, pkgsrc-2014Q3, pkgsrc-2014Q2-base, pkgsrc-2014Q2, pkgsrc-2014Q1-base, pkgsrc-2014Q1
Changes since 1.13: +1 -2 lines
Remove example rc.d scripts from PLISTs. These are now handled dynamically if INIT_SYSTEM is set to "rc.d", or ignored otherwise.
Revision 1.13, Sun Aug 23 19:49:27 2009 UTC (14 years, 3 months ago) by hasso
Branch: MAIN
CVS Tags: pkgsrc-2013Q4-base, pkgsrc-2013Q4, pkgsrc-2013Q3-base, pkgsrc-2013Q3, pkgsrc-2013Q2-base, pkgsrc-2013Q2, pkgsrc-2013Q1-base, pkgsrc-2013Q1, pkgsrc-2012Q4-base, pkgsrc-2012Q4, pkgsrc-2012Q3-base, pkgsrc-2012Q3, pkgsrc-2012Q2-base, pkgsrc-2012Q2, pkgsrc-2012Q1-base, pkgsrc-2012Q1, pkgsrc-2011Q4-base, pkgsrc-2011Q4, pkgsrc-2011Q3-base, pkgsrc-2011Q3, pkgsrc-2011Q2-base, pkgsrc-2011Q2, pkgsrc-2011Q1-base, pkgsrc-2011Q1, pkgsrc-2010Q4-base, pkgsrc-2010Q4, pkgsrc-2010Q3-base, pkgsrc-2010Q3, pkgsrc-2010Q2-base, pkgsrc-2010Q2, pkgsrc-2010Q1-base, pkgsrc-2010Q1, pkgsrc-2009Q4-base, pkgsrc-2009Q4, pkgsrc-2009Q3-base, pkgsrc-2009Q3
Changes since 1.12: +7 -5 lines
Update to 0.9.15. Changes since 0.9.14:
- Make the Prelude-LML UDP server IPv6 compatible.
- Implement 'idmef-alter' and 'idmef-alter-force' option, allowing to include static values into IDMEF events generated using a given format.
- New PPP/PPTPD/L2TP ruleset, by Alexander Afonyashin <firm <at> iname.com>, with slight modification from Pierre Chifflier <p.chifflier <at> inl.fr>. Close #340.
- Fix CISCO VPN ruleset so that the 'Authentication rejected' rule will trigger even if the 'server' field does not contain a word (fix #328).
- Remove dos-style end-of-lines (Closes #338)
- Fixes possible off by one when parsing variable reference number, and remove un-needed check that would always evaluate to TRUE. Thanks Steve Grubb <sgrubb <at> redhat.com> for reporting this problem (and running flexelint on the Prelude sources)!
- Update for libtool 2.x compatibility.
- This simplifies the whole regular expression handling a lot, making the code much easier to read, and fixing potential problem with ovector assignment. This code should also improve performance by a small factor.
- Change CISCO references urls to their new location, add CISCO ASA rule to handle discarded tcp or udp packets.
- Various fixes and update.
Revision 1.12, Sun Jun 14 18:13:36 2009 UTC (14 years, 5 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2009Q2-base, pkgsrc-2009Q2
Changes since 1.11: +1 -5 lines
Remove @dirrm entries from PLISTs
Revision 1.11, Tue Aug 26 22:23:29 2008 UTC (15 years, 3 months ago) by shannonjr
Branch: MAIN
CVS Tags: pkgsrc-2009Q1-base, pkgsrc-2009Q1, pkgsrc-2008Q4-base, pkgsrc-2008Q4, pkgsrc-2008Q3-base, pkgsrc-2008Q3, cube-native-xorg-base, cube-native-xorg
Changes since 1.10: +2 -1 lines
Update to 0.9.13. Changes:
- ModSecurity ruleset rewrite, by Peter Vrabec <pvrabec@redhat.com> and Dan Kopecek <dkopecek@redhat.com>. This ruleset handles ModSecurity 2.0 output. (Fix #216).
- New rulesets for FreeBSD su attempts, by Alexander Afonyashin <firm@iname.com> (Fix #304).
- Add additional format to the default configuration to deal with apache error_log file format, by Alexander Afonyashin <firm@iname.com> (Fix #307).
- Normalize some classification: introduce Remote Login, and Credentials Change. Cleanup SSH ruleset, and remove duplicated rules.
Revision 1.10, Mon Apr 28 10:54:08 2008 UTC (15 years, 7 months ago) by shannonjr
Branch: MAIN
CVS Tags: pkgsrc-2008Q2-base, pkgsrc-2008Q2, cwrapper
Changes since 1.9: +6 -1 lines
Update to 0.9.12.2. Changes:
- [rulesets]: Remove successful/failure keyword from classification (use IDMEF completion). Analyzer class sanitization.
- [nagios] Handle Nagios V2 log entry (fix #283).
- [spamassassin] Fix incorrect AdditionalData assignment.
- New Suhosin ruleset, by Sebastien Tricaud <toady@inl.fr>
- Fix invalid logfile inconsistency alert that could be triggered in a rare case, after a renaming detection. Alert improvement.
- On logfile inconsistency alert, do not re-analyze the whole file.
- Remove the 1024 bytes per PCRE reference limit.
- Minor bug fixes, build system cleanup.
Revision 1.9, Mon Oct 29 21:53:24 2007 UTC (16 years, 1 month ago) by shannonjr
Branch: MAIN
CVS Tags: pkgsrc-2008Q1-base, pkgsrc-2008Q1, pkgsrc-2007Q4-base, pkgsrc-2007Q4
Changes since 1.8: +1 -5 lines
PLIST correction
Revision 1.8, Wed Sep 5 20:43:41 2007 UTC (16 years, 3 months ago) by shannonjr
Branch: MAIN
CVS Tags: pkgsrc-2007Q3-base, pkgsrc-2007Q3
Changes since 1.7: +5 -1 lines
PLIST fix
Revision 1.7, Sat May 12 10:00:35 2007 UTC (16 years, 7 months ago) by shannonjr
Branch: MAIN
CVS Tags: pkgsrc-2007Q2-base, pkgsrc-2007Q2
Changes since 1.6: +3 -1 lines
Update to 0.9.9. Changes:
- Pattern can now be used to specify file to be monitored.
- Fix an issue in the detection of buggy writev() FAM notification.
- Add bonding.rules, by Paul Robert Marino <prmarino1@gmail.com>.
- ModSecurity ruleset update: remove unnecessary fields + ModSecurity 2.0 compatibility.
- New Cisco IOS common ruleset, by Alexandre Racine.
- Avoid duplicating information in node name and node address.
- Add rule ID and revision to the generated alert for each matched rule. Fix #206.
- Handle "last" keyword even if the rule does not contain any IDMEF assignment. Fix #218.
- Various bug fixes.
Revision 1.6, Fri Feb 23 15:22:10 2007 UTC (16 years, 9 months ago) by shannonjr
Branch: MAIN
CVS Tags: pkgsrc-2007Q1-base, pkgsrc-2007Q1
Changes since 1.5: +7 -2 lines
Update to 0.9.8.1. Changes:
- Various portability fixes.
- Introduce Cisco ASA IPS module support.
- Introduce yum support.
- Introduce Cacti thold plugin support.
- Introduce Microsoft Cluster Service support.
- Honeyd rules update and improvement.
- Updated NAVCE rules; modified ClamAV rules for consistency.
- Improve NTSyslog ruleset.
- Added rule to ignore LML's "could not match prefix" log entries.
- Fix format problem with Apache logs from western hemisphere (- versus + TZ).
- Fix Squid process exited rule (#185).
Revision 1.5, Tue Jul 11 09:41:33 2006 UTC (17 years, 5 months ago) by shannonjr
Branch: MAIN
CVS Tags: pkgsrc-2006Q4-base, pkgsrc-2006Q4, pkgsrc-2006Q3-base, pkgsrc-2006Q3
Changes since 1.4: +2 -1 lines
Update to prelude-lml 0.9.6. Changes:
- Fix a bug where some rules marked silent would trigger an alert.
- Load Sonicwall and Spamassassin ruleset by default.
- Fix rule syntax problem in Sonicwall ruleset.
- Fix rule indexing problem in Squid ruleset.
- Postfix rule consistency fix.
Revision 1.4, Mon May 22 14:01:54 2006 UTC (17 years, 6 months ago) by shannonjr
Branch: MAIN
CVS Tags: pkgsrc-2006Q2-base, pkgsrc-2006Q2
Changes since 1.3: +3 -1 lines
Added 2 missing files to PLIST
Revision 1.3, Sun May 21 15:50:18 2006 UTC (17 years, 6 months ago) by rillig
Branch: MAIN
Changes since 1.2: +2 -2 lines
Fixed pkglint warnings.
Revision 1.2, Sat May 20 19:12:32 2006 UTC (17 years, 6 months ago) by joerg
Branch: MAIN
Changes since 1.1: +51 -1 lines
Use config file framework.
Revision 1.1.1.1 (vendor branch), Sun Jan 29 15:56:42 2006 UTC (17 years, 10 months ago) by shannonjr
Branch: TNF
CVS Tags: pkgsrc-base, pkgsrc-2006Q1-base, pkgsrc-2006Q1
Changes since 1.1: +0 -0 lines
Prelude is a hybrid IDS consisting of multiple sensors, managers, and a display console. Prelude-lml is the log file analyzer. It scans system log files and generates IDMEF alerts to the prelude-manager based on signature rulesets. This is one of several new Prelude packages.
Revision 1.1, Sun Jan 29 15:56:42 2006 UTC (17 years, 10 months ago) by shannonjr
Branch: MAIN
Initial revision