From: Victor Julien Date: Wed, 24 Feb 2021 15:30:13 +0000 (+0100) Subject: classification: sync and update X-Git-Tag: suricata-5.0.6~3 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2bbfe8ba3a3eb060ba5ad22fdc30ca0cb71ce969;p=thirdparty%2Fsuricata.git classification: sync and update Sync to latest ET open and introduce inappropriate as a classification to replace something some find inappropriate. (cherry picked from commit f037f6f4ff08ed0442b3bbc1623dfb7ecb23c716) --- diff --git a/etc/classification.config b/etc/classification.config index d2fa5dcef8..220736c947 100644 --- a/etc/classification.config +++ b/etc/classification.config @@ -1,30 +1,3 @@ -# $Id$ -# classification.config taken from Snort 2.8.5.3. Snort is governed by the GPLv2 -# -# The following includes information for prioritizing rules -# -# Each classification includes a shortname, a description, and a default -# priority for that classification. -# -# This allows alerts to be classified and prioritized. You can specify -# what priority each classification has. Any rule can override the default -# priority for that rule. -# -# Here are a few example rules: -# -# alert TCP any any -> any 80 (msg: "EXPLOIT ntpdx overflow"; -# dsize: > 128; classtype:attempted-admin; priority:10; -# -# alert TCP any any -> any 25 (msg:"SMTP expn root"; flags:A+; \ -# content:"expn root"; nocase; classtype:attempted-recon;) -# -# The first rule will set its type to "attempted-admin" and override -# the default priority for that type to 10. -# -# The second rule set its type to "attempted-recon" and set its -# priority to the default for that type. -# - # # config classification:shortname,short description,priority # @@ -62,7 +35,7 @@ config classification: web-application-attack,Web Application Attack,1 config classification: misc-activity,Misc activity,3 config classification: misc-attack,Misc Attack,2 config classification: icmp-event,Generic ICMP event,3 -config classification: kickass-porn,SCORE! Get the lotion!,1 +config classification: inappropriate-content,Inappropriate Content was Detected,1 config classification: policy-violation,Potential Corporate Privacy Violation,1 config classification: default-login-attempt,Attempt to login by a default username and password,2