From: Pranav Bhalerao (prbhaler) <prbhaler@cisco.com>
Date: Wed, 27 Oct 2021 06:56:08 +0000 (+0000)
Subject: Merge pull request #3119 in SNORT/snort3 from ~VIGNVISW/snort3:vignvisw_doc to master
X-Git-Tag: 3.1.16.0~14
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0b0e6d23a8cba86de9fe859aac3dbf2f83e646e5;p=thirdparty%2Fsnort3.git

Merge pull request #3119 in SNORT/snort3 from ~VIGNVISW/snort3:vignvisw_doc to master

Squashed commit of the following:

commit 28f58c1f68a57cc589cc1a8dd24d7d5e5fd45968
Author: Vigneshwari Viswanathan <vignvisw@cisco.com>
Date:   Wed Oct 20 03:20:52 2021 -0400

    doc: updated builtin rules documentation for ftp-telnet
---

diff --git a/doc/reference/builtin_stubs.txt b/doc/reference/builtin_stubs.txt
index 164fb495f..ad0a0f5c7 100644
--- a/doc/reference/builtin_stubs.txt
+++ b/doc/reference/builtin_stubs.txt
@@ -1572,51 +1572,51 @@ File decompression failed.
 
 125:1
 
-(ftp_server) TELNET cmd on FTP command channel
+TELNET command is detected on FTP control channel.
 
 125:2
 
-(ftp_server) invalid FTP command
+Invalid FTP command is detected.
 
 125:3
 
-(ftp_server) FTP command parameters were too long
+The length of a FTP command parameter is longer than the configured maximum parameter length.
 
 125:4
 
-(ftp_server) FTP command parameters were malformed
+One or more FTP command parameters are malformed.
 
 125:5
 
-(ftp_server) FTP command parameters contained potential string format
+FTP command parameter had invalid string format. Two or more than '%' signs are detected in FTP command parameter.
 
 125:6
 
-(ftp_server) FTP response message was too long
+FTP repsonse message is longer than the maximum configured response length.
 
 125:7
 
-(ftp_server) FTP traffic encrypted
+FTP traffic is encrypted
 
 125:8
 
-(ftp_server) FTP bounce attempt
+FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client. This is called as FTP bounce attempt and bounce attempt has been detected.
 
 125:9
 
-(ftp_server) evasive (incomplete) TELNET cmd on FTP command channel
+Evasive (incomplete) TELNET command is detected on FTP control channel.
 
 126:1
 
-(telnet) consecutive Telnet AYT commands beyond threshold
+Consecutive Telnet AYT(Are you There) commands are detected beyond the configured AYT threshold limit.
 
 126:2
 
-(telnet) Telnet traffic encrypted
+Telnet traffic is encrypted.
 
 126:3
 
-(telnet) Telnet subnegotiation begin command without subnegotiation end
+Telnet subnegotiation begin command is detected without subnegotiation end.
 
 128:1