X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?a=blobdiff_plain;ds=sidebyside;f=debian%2Fossec-hids%2Fusr%2Fshare%2Fdoc%2Fossec-hids%2Frule_ids.txt;fp=debian%2Fossec-hids%2Fusr%2Fshare%2Fdoc%2Fossec-hids%2Frule_ids.txt;h=8ae4b260bdfa65e3bc13171ba1c3a0336ce31f06;hb=3f728675941dc69d4e544d3a880a56240a6e394a;hp=0000000000000000000000000000000000000000;hpb=927951d1c1ad45ba9e7325f07d996154a91c911b;p=ossec-hids.git

diff --git a/debian/ossec-hids/usr/share/doc/ossec-hids/rule_ids.txt b/debian/ossec-hids/usr/share/doc/ossec-hids/rule_ids.txt
new file mode 100644
index 0000000..8ae4b26
--- /dev/null
+++ b/debian/ossec-hids/usr/share/doc/ossec-hids/rule_ids.txt
@@ -0,0 +1,104 @@
+# ossec Rules ids.
+#
+# Ossec official rules should be under some of these
+# assignments.
+#
+# Local rules should go from 100000 to 120000.
+#
+# Every rule will also have a revision attribute (if modified).
+# *default revision is 0 (when first added).
+
+00000 - 00999 Internally reserved for ossec
+01000 - 01999 General syslog
+02100 - 02299 NFS
+02300 - 02499 Xinetd
+02500 - 02699 Access control
+02700 - 02729 Mail/procmail
+02800 - 02829 Smartd
+02830 - 02859 Crond
+02860 - 02899 Mount/Automount
+
+03100 - 03299 Sendmail
+03300 - 03499 Postfix
+03500 - 03599 Spamd
+03600 - 03699 Imapd
+03700 - 03799 MailScanner
+
+04100 - 04299 Generic Firewall
+04300 - 04499 Cisco PIX Firewall
+04500 - 04699 Netscreen Firewall
+
+05100 - 05299 Kernels (Linux, Unix, etc)
+05300 - 05399 Su
+05400 - 05499 sudo
+05500 - 05599 Pam unix
+05600 - 05699 Telnetd
+05700 - 05899 sshd
+05900 - 05999 Adduser or user deletion.
+
+07100 - 07199 Tripwire
+07200 - 07299 Arpwatch
+07300 - 07399 Symantec Anti Virus
+
+09100 - 09199 PPTP
+09200 - 09299 Squid syslog
+09300 - 09399 Horde IMP
+
+10100 - 10199 FTS
+
+11100 - 11199 FTPd
+11200 - 11299 ProFTPD
+11300 - 11399 Pure-FTPD
+11400 - 11499 vs-FTPD
+
+12100 - 12299 Named (bind DNS)
+
+13100 - 13299 Samba (smbd)
+
+14100 - 14199 Racoon SSL
+14200 - 14299 Cisco VPN Concentrator
+
+17100 - 17399 Policy
+
+18100 - 18499 Windows system
+18500 - 18650 Sysmon rules
+18651 - 18750 MS IPSec rules
+20100 - 20299 IDS
+20300 - 20499 IDS (Snort specific)
+20500 - 20509 Windows PowerShell
+
+30100 - 30999 Apache error log
+31100 - 31199 Web access log
+
+31501 - 32000 Web Appsec rules
+
+35000 - 35999 Squid
+
+40100 - 40499 Attack patterns
+40500 - 40599 Privilege escalation
+
+40600 - 40699 Scan patterns
+40700 - 40899 Systemd
+40900 - 40999 Firewalld
+
+51500 - 51999 OpenBSD rules
+52000 - 52499 Apparmor rules
+52500 - 53199 clam av rules
+53200 - 53499 nsd rules
+53500 - 53299 opensmtpd rules
+53300 - 53399 owncloud rules
+53400 - 53500 proxmox ve rules
+53501 - 53550 OpenSMTPd rules
+53551 - 53599 dnsmasq
+53600 - 53625 linux usb detection rules
+53626 - 53630 ms usb detection rules
+53631 - 53699 ms firewall rules
+53700 - 53749 PSAD rules
+53750 - 53799 unbound rules
+53800 - 53825 Kaspersky Endpoint Security 10 for Linux rules
+53826 - 53829 MHN - Dionaea
+53830 - 53840 MHN - Cowrie
+56000 - 56200 FreeBSD rules
+
+100000 - 109999 User defined rules
+