var SQL_SERVERS $HOME_NET
var TELNET_SERVERS $HOME_NET
var HTTP_PORTS 80
+var SSH_PORTS 22 222
var SHELLCODE_PORTS !80
var ORACLE_PORTS 1521
var AIM_SERVERS [64.12.24.0/24,64.12.25.0/24,64.12.26.14/24,64.12.28.0/24,64.12.29.0/24,64.12.161.0/24,64.12.163.0/24,205.188.5.0/24,205.188.9.0/24]
alert-mode once \
output-mode msg \
tcp-penalties on
-preprocessor xlink2state: ports { 25 691 }
#=========================================
include $RULE_PATH/classification.config
include $RULE_PATH/reference.config
#=========================================
include $RULE_PATH/bleeding-attack_response.rules
-include $RULE_PATH/bleeding-botcc-BLOCK.rules
-include $RULE_PATH/bleeding-botcc.excluded
include $RULE_PATH/bleeding-botcc.rules
-include $RULE_PATH/bleeding-botcc.rules.dragon.xml
include $RULE_PATH/bleeding-dos.rules
-include $RULE_PATH/bleeding-drop-BLOCK.rules
include $RULE_PATH/bleeding-drop.rules
-include $RULE_PATH/bleeding-drop.rules.dragon.xml
-include $RULE_PATH/bleeding-dshield-BLOCK.rules
include $RULE_PATH/bleeding-dshield.rules
include $RULE_PATH/bleeding-exploit.rules
include $RULE_PATH/bleeding-game.rules
include $RULE_PATH/bleeding-p2p.rules
include $RULE_PATH/bleeding-policy.rules
include $RULE_PATH/bleeding-scan.rules
-include $RULE_PATH/bleeding-sid-msg.map
include $RULE_PATH/bleeding-virus.rules
include $RULE_PATH/bleeding-voip.rules
include $RULE_PATH/bleeding-web.rules
include $RULE_PATH/community-nntp.rules
include $RULE_PATH/community-oracle.rules
include $RULE_PATH/community-policy.rules
-include $RULE_PATH/community-sid-msg.map
include $RULE_PATH/community-sip.rules
include $RULE_PATH/community-smtp.rules
include $RULE_PATH/community-sql-injection.rules