Anonymous | Login | 2024-12-22 06:38 MST |
Main | My View | View Issues | Change Log | Roadmap | Repositories |
View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||
ID | Project | Category | View Status | Date Submitted | Last Update | ||||
0011521 | ClearOS | app-intrusion-detection - Intrusion Detection | public | 2016-12-12 05:56 | 2021-06-08 05:01 | ||||
Reporter | NickH | ||||||||
Assigned To | |||||||||
Priority | normal | Severity | tweak | Reproducibility | always | ||||
Status | closed | Resolution | suspended | ||||||
Platform | OS | OS Version | |||||||
Product Version | 7.2.0 | ||||||||
Target Version | Fixed in Version | ||||||||
Summary | 0011521: Remove RBN rules from Intrusion Prevention updates | ||||||||
Description | The RBN rules were deprecated by Emerging Threats a long time ago and the last active maintenance of the rules was in 2012. For this reason ET stopped maintain the rules. They provide an empty file just so automatic scripts which include rbn.rules don’t fall over trying to load a non-existent file. It looks silly in the Webconfig to have a checkbox option for the RBN rules which says 0 rules in it. The webconfig needs to be updates. At this point the rbn.rules file (and rbn-malvertisers.rules file) can be removed from the download. | ||||||||
Tags | No tags attached. | ||||||||
Attached Files | |||||||||
Notes | |
(0004311) user2 2016-12-12 09:18 |
We need to add a pre-start cleanup script to catch deleted lists, or Snort will refuse to start up. This can occur on configuration restores or just command line copying from one server to another one. We did this for the content filter blacklists (/usr/sbin/dansguardian-cleanup runs before DansGuardian is started via systemd), and we need to do the same for Snort. Yes, a long overdue bit of cleanup. |
(0004321) user2 2016-12-12 10:48 |
We'll be doing a full audit for these rules as part of Netify's Malware implementation - https://www.egloo.ca/products/netify/features/malware-detection [^] - in Q1 2017. That will be a good time to tackle this ClearOS tracker. |
(0004331) NickH (developer) 2016-12-12 10:59 |
Please add virus.rules to this bug as that file is also effectively empty. |
(0015871) NickH (developer) 2021-06-08 05:01 |
Migrated to https://gitlab.com/clearos/clearfoundation/app-intrusion-detection/-/issues/5 [^] |
Issue History | |||
Date Modified | Username | Field | Change |
2016-12-12 05:56 | NickH | New Issue | |
2016-12-12 09:14 | user2 | Assigned To | => user2 |
2016-12-12 09:14 | user2 | Status | new => confirmed |
2016-12-12 09:19 | user2 | Note Added: 0004311 | |
2016-12-12 10:47 | user2 | Target Version | => 7.3.1 Updates |
2016-12-12 10:48 | user2 | Note Added: 0004321 | |
2016-12-12 10:59 | NickH | Note Added: 0004331 | |
2017-08-11 12:28 | dloper | Target Version | 7.3.1 Updates => |
2018-12-14 12:10 | user2 | Status | confirmed => assigned |
2018-12-14 12:10 | user2 | Assigned To | user2 => tracker |
2021-06-08 05:01 | NickH | Note Added: 0015871 | |
2021-06-08 05:01 | NickH | Status | assigned => closed |
2021-06-08 05:01 | NickH | Assigned To | tracker => |
2021-06-08 05:01 | NickH | Resolution | open => suspended |