X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?p=ossec-hids.git;a=blobdiff_plain;f=etc%2Frules%2Fsyslog_rules.xml;fp=etc%2Frules%2Fsyslog_rules.xml;h=b536e438c59be8d6cf43230e51df8c0dcd56b0dd;hp=06b61f649100952c5f927723041e70c5a5c25145;hb=301048b51990573e58a30dc4a5bb4ec285cad554;hpb=914feba5d54f979cd5d7e69c349c3d01f630042a
diff --git a/etc/rules/syslog_rules.xml b/etc/rules/syslog_rules.xml
index 06b61f6..b536e43 100755
--- a/etc/rules/syslog_rules.xml
+++ b/etc/rules/syslog_rules.xml
@@ -1,4 +1,4 @@
-
@@ -152,6 +158,23 @@
+
+
+
+ rshd
+ rshd messages grouped.
+
+
+
+ 2550
+ ^Connection from \S+ on illegal port$
+ Connection to rshd from unprivileged port. Possible network scan.
+ connection_attempt,
+
+
+
+
+
@@ -458,7 +481,7 @@
9100
^GRE: \S+ from \S+ failed: status = -1
PPTPD failed message (communication error)
- poptop.sourceforge.net/dox/gre-protocol-unavailable.phtml
+ http://poptop.sourceforge.net/dox/gre-protocol-unavailable.phtml