CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,965 Commits 24 Branches 119 Tags
3f5f93059ef1b9c9571b3df60bf61340e3a8b61b
Commit Graph

91 Commits

Author SHA1 Message Date
weslambert
873632ec4f Remove ScanRuby scanner 2023-05-25 17:23:44 -04:00
weslambert
e9f58269cd Ignore "expl_outlook_cve_2023_23397.yar" and "gen_mal_3cx_compromise_mar23.yar" since they are causing problems with YARA compilation 2023-05-04 16:13:59 -04:00
weslambert
2dced35800 Add 'configured_vulns_ext_vars.yar' to exclusion list 2023-02-01 14:24:20 -05:00
doug
a67a254edc update Copyright year 2023-01-04 12:44:18 -05:00
Jason Ertel
d48d473f43 Switch back to older style redirect due to incompatibility with Ub 18 2022-12-07 14:06:24 -05:00
Jason Ertel
225b7e359c Use original style due to pgrep conflict with cron 2022-12-07 11:53:42 -05:00
Jason Ertel
7b05627d5c Suricata support for filecheck; reduce cron noise 2022-12-07 07:58:32 -05:00
Mike Reeves
f0c3b876a9 Update init.sls 2022-12-06 13:35:03 -05:00
Mike Reeves
531423f49a Update init.sls 2022-12-06 13:25:03 -05:00
Jason Ertel
0dd2e51e83 Ensure Suricata move events get picked up 2022-12-06 11:39:58 -05:00
weslambert
8bb3b22993 Disable additional YARA rules there are causing compilation errors 2022-12-05 11:30:22 -05:00
Jason Ertel
69c5a9dd90 ensure tmp files are not processed 2022-12-05 10:31:09 -05:00
Jason Ertel
86c31c129a add suricata to socore group 2022-12-05 10:27:42 -05:00
Jason Ertel
483a9d477f undo filecheck location move 2022-12-05 10:15:15 -05:00
Jason Ertel
d7f60a0e58 only check files on inotify 2022-12-05 10:01:40 -05:00
Jason Ertel
fe798138e3 add suricata to socore group 2022-12-05 09:50:35 -05:00
Jason Ertel
e9bb60dedb fix filecheck for suricata deployments 2022-12-05 09:28:25 -05:00
Jason Ertel
992ced685f fix filecheck for suricata deployments 2022-12-05 09:27:31 -05:00
Jason Ertel
592bbf4217 fix filecheck for suricata deployments 2022-12-05 09:21:08 -05:00
Mike Reeves
a3f9859fdb Update init.sls 2022-12-02 09:38:13 -05:00
Mike Reeves
42cde0b6f0 Use shutil in case there are multiple filesystems involved. 2022-11-30 10:59:09 -05:00
Mike Reeves
e15ca408e7 Remove BG for filecheck 2022-11-28 09:11:41 -05:00
Mike Reeves
0e2753393b Remove BG for filecheck 2022-11-28 09:09:25 -05:00
Mike Reeves
c5bfe6ffdb Update init.sls 2022-11-02 12:59:46 -04:00
Mike Reeves
ff1a903895 Update init.sls 2022-11-02 12:58:31 -04:00
Mike Reeves
06ddae13b5 Update filecheck 2022-10-31 15:41:57 -04:00
Mike Reeves
f7043f3f62 Update init.sls 2022-10-31 15:25:38 -04:00
Mike Reeves
86ca3602f3 Update init.sls 2022-10-31 14:44:01 -04:00
Mike Reeves
416c28fded Update init.sls 2022-10-31 14:42:23 -04:00
Mike Reeves
db9b93a96c Update init.sls 2022-10-31 14:35:02 -04:00
Mike Reeves
5635375d8d Update init.sls 2022-10-31 14:30:11 -04:00
Mike Reeves
07e72e4013 Update filecheck 2022-10-31 13:47:49 -04:00
Mike Reeves
518d2aaa9c Update filecheck.yaml 2022-10-31 13:45:00 -04:00
Mike Reeves
e93e2995b7 Update filecheck 2022-10-31 13:42:18 -04:00
Mike Reeves
d2eb61a830 Update filecheck.yaml 2022-10-31 13:41:45 -04:00
Mike Reeves
4c5a2c0610 Update filecheck 2022-10-31 13:36:42 -04:00
Mike Reeves
e9e7362005 Add Filechecks 2022-10-31 12:57:08 -04:00
weslambert
8a0e92cc6f Add 'gen_webshells.yar' and re-arrange to put ignored rules in alphabetical order 2022-08-29 09:37:29 -04:00
Jason Ertel
eefcc929c2 Update copyright pattern to match other repos 2022-01-24 10:09:23 -05:00
Jason Ertel
7c22f46a55 Update copyright year for 2022 2022-01-24 09:35:29 -05:00
weslambert
39e5ded58d Refactor ignore list and only ignore for signature-base for now 2021-09-15 11:32:29 -04:00
weslambert
4d41d3aee1 Ignore these rules by default because they are causing issues with YARA compilation with Strelka 2021-09-15 10:29:11 -04:00
Wes Lambert
038c58f3d5 Ignore TIME_WAIT when checking for Strelka frontend port reservation 2021-03-16 14:51:16 +00:00
Wes Lambert
f142b754dc Add Strelka files.processed directory so files will be moved from staging to processed 2021-03-15 15:43:31 +00:00
Wes Lambert
b6a785395d Add Strelka staging directory for state 2021-03-15 15:42:13 +00:00
Mike Reeves
b4b449aa14 Pull in Suricata changes 2021-02-19 11:01:15 -05:00
Wes Lambert
0039877779 Check for port availability for Wazuh and Strelka 2021-01-21 13:29:09 +00:00
m0duspwnens
b693373d8d change how we allow or disallow states to be run https://github.com/Security-Onion-Solutions/securityonion/issues/2679 2021-01-20 15:09:53 -05:00
Mike Reeves
2950779d91 Fix stralka rule update 2021-01-13 09:57:12 -05:00
Wes Lambert
ac96ded2dc Support setting rule repos via pillar 2020-12-22 15:36:15 +00:00