Feature #249
open
Configure host-os-policy from a file, like snorts host_attribute.xml
Added by Edward Fjellskål over 13 years ago.
Updated about 5 years ago.
Description
To be able to automate the configuration of frag and stream policy,
I propose that it is possible to read such info of IP and OS from a file.
It might be simple:
192.168.10.123|linux
192.168.10.124|vista
10.10.200.1|bsd
Or one could look at snorts host_attribute table.
Info on IP<->OS can be fetched from an inventory DB or Hooger and PRADS etc.
(
http://code.google.com/p/hogger/
https://github.com/gamelinux/prads/
)
- Assignee set to Anonymous
I like this. I'd like per ip (both ipv4 and ipv6 should be supported) OS and at least service type and server version. Our HTTP parser could use that info for knowing if a server is Apache, IIS, etc.
- Target version set to TBD
- Assignee changed from Anonymous to Victor Julien
- Target version changed from TBD to 3.0RC2
- Target version changed from 3.0RC2 to 70
- Assignee changed from Victor Julien to OISF Dev
- Related to Feature #2277: netinfo: structured information about the network. Output hierarchical network tree in events added
- Assignee changed from OISF Dev to Anonymous
- Target version changed from 70 to TBD
- Assignee set to Community Ticket
- Related to Feature #660: Update host policy from unix socket added
Also available in: Atom
PDF