ClearOS Bug Tracker


View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0011521ClearOSapp-intrusion-detection - Intrusion Detectionpublic2016-12-12 05:562021-06-08 05:01
ReporterNickH 
Assigned To 
PrioritynormalSeveritytweakReproducibilityalways
StatusclosedResolutionsuspended 
PlatformOSOS Version
Product Version7.2.0 
Target VersionFixed in Version 
Summary0011521: Remove RBN rules from Intrusion Prevention updates
DescriptionThe RBN rules were deprecated by Emerging Threats a long time ago and the last active maintenance of the rules was in 2012. For this reason ET stopped maintain the rules. They provide an empty file just so automatic scripts which include rbn.rules don’t fall over trying to load a non-existent file. It looks silly in the Webconfig to have a checkbox option for the RBN rules which says 0 rules in it. The webconfig needs to be updates. At this point the rbn.rules file (and rbn-malvertisers.rules file) can be removed from the download.
TagsNo tags attached.
Attached Files

- Relationships

-  Notes
(0004311)
user2
2016-12-12 09:18

We need to add a pre-start cleanup script to catch deleted lists, or Snort will refuse to start up. This can occur on configuration restores or just command line copying from one server to another one. We did this for the content filter blacklists (/usr/sbin/dansguardian-cleanup runs before DansGuardian is started via systemd), and we need to do the same for Snort.

Yes, a long overdue bit of cleanup.
(0004321)
user2
2016-12-12 10:48

We'll be doing a full audit for these rules as part of Netify's Malware implementation - https://www.egloo.ca/products/netify/features/malware-detection [^] - in Q1 2017. That will be a good time to tackle this ClearOS tracker.
(0004331)
NickH (developer)
2016-12-12 10:59

Please add virus.rules to this bug as that file is also effectively empty.
(0015871)
NickH (developer)
2021-06-08 05:01

Migrated to https://gitlab.com/clearos/clearfoundation/app-intrusion-detection/-/issues/5 [^]

- Issue History
Date Modified Username Field Change
2016-12-12 05:56 NickH New Issue
2016-12-12 09:14 user2 Assigned To => user2
2016-12-12 09:14 user2 Status new => confirmed
2016-12-12 09:19 user2 Note Added: 0004311
2016-12-12 10:47 user2 Target Version => 7.3.1 Updates
2016-12-12 10:48 user2 Note Added: 0004321
2016-12-12 10:59 NickH Note Added: 0004331
2017-08-11 12:28 dloper Target Version 7.3.1 Updates =>
2018-12-14 12:10 user2 Status confirmed => assigned
2018-12-14 12:10 user2 Assigned To user2 => tracker
2021-06-08 05:01 NickH Note Added: 0015871
2021-06-08 05:01 NickH Status assigned => closed
2021-06-08 05:01 NickH Assigned To tracker =>
2021-06-08 05:01 NickH Resolution open => suspended