sagan-rules_10222015-0.1_all.deb



Description

sagan-rules - Real-time System & Event Log Monitoring System [rules]

Property Value
Distribution Ubuntu 16.04 LTS (Xenial Xerus)
Repository Ubuntu Universe i386
Package name sagan-rules
Package version 10222015
Package release 0.1
Package architecture all
Package type deb
Installed size 2.67 KB
Download size 179.71 KB
Official Mirror archive.ubuntu.com

Sagan is a multi-threaded, real-time system- and event-log monitoring
system, but with a twist. Sagan uses a “Snort”-like rule set for
detecting malicious events happening on your network and/or computer
systems.

If Sagan detects a potentially bad event, it can store that event in a
Snort database (MySQL/PostgreSQL), send it to a SIEM tool like Prelude,
or send an email.

This package provides the rules for Sagan.

Alternatives

Package Version Architecture Repository
sagan-rules_10222015-0.1_all.deb 10222015 all Ubuntu Universe
sagan-rules - - -

Download

Type URL
Binary Package sagan-rules_10222015-0.1_all.deb
Source Package sagan-rules

Install Howto

  1. Update the package index:
    $ sudo apt-get update
  2. Install sagan-rules deb package:
    $ sudo apt-get install sagan-rules

Files

Path
/etc/sagan-rules/adtran.rules
/etc/sagan-rules/apache.rules
/etc/sagan-rules/apc-emu.rules
/etc/sagan-rules/arp-normalize.rulebase
/etc/sagan-rules/arp.rules
/etc/sagan-rules/artillery.rules
/etc/sagan-rules/asterisk.rules
/etc/sagan-rules/attack.rules
/etc/sagan-rules/bash.rules
/etc/sagan-rules/bind.rules
/etc/sagan-rules/blacklist.rules
/etc/sagan-rules/bluedot-catagories.conf
/etc/sagan-rules/bluedot.rules
/etc/sagan-rules/bonding.rules
/etc/sagan-rules/bro-ids.rules
/etc/sagan-rules/bro-intel.rules
/etc/sagan-rules/bro-normalize.rulebase
/etc/sagan-rules/cacti-thold.rules
/etc/sagan-rules/cisco-acs.rules
/etc/sagan-rules/cisco-aetas.rules
/etc/sagan-rules/cisco-blacklist.rules
/etc/sagan-rules/cisco-brointel.rules
/etc/sagan-rules/cisco-correlated.rules
/etc/sagan-rules/cisco-cucm.rules
/etc/sagan-rules/cisco-geoip.rules
/etc/sagan-rules/cisco-ios.rules
/etc/sagan-rules/cisco-malware.rules
/etc/sagan-rules/cisco-normalize.rulebase
/etc/sagan-rules/cisco-pixasa.rules
/etc/sagan-rules/cisco-prime.rules
/etc/sagan-rules/cisco-sdee.rules
/etc/sagan-rules/cisco-wlc.rules
/etc/sagan-rules/citrix-blacklist.rules
/etc/sagan-rules/citrix-bluedot.rules
/etc/sagan-rules/citrix-brointel.rules
/etc/sagan-rules/citrix-correlated.rules
/etc/sagan-rules/citrix-geoip.rules
/etc/sagan-rules/citrix-normalize.rulesbase
/etc/sagan-rules/citrix.rules
/etc/sagan-rules/classification.config
/etc/sagan-rules/courier-correlated.rules
/etc/sagan-rules/courier-geoip.rules
/etc/sagan-rules/courier.rules
/etc/sagan-rules/cylance.rules
/etc/sagan-rules/deleted.rules
/etc/sagan-rules/digitalpersona.rules
/etc/sagan-rules/dns-normalize.rulebase
/etc/sagan-rules/dovecot.rules
/etc/sagan-rules/fatpipe-aetas.rules
/etc/sagan-rules/fatpipe-correlated.rules
/etc/sagan-rules/fatpipe-geoip.rules
/etc/sagan-rules/fatpipe.rules
/etc/sagan-rules/fortinet-aetas.rules
/etc/sagan-rules/fortinet-correlated.rules
/etc/sagan-rules/fortinet-geoip.rules
/etc/sagan-rules/fortinet-malware.rules
/etc/sagan-rules/fortinet-normalize.rulebase
/etc/sagan-rules/fortinet.rules
/etc/sagan-rules/ftpd.rules
/etc/sagan-rules/gen-msg.map
/etc/sagan-rules/grsec.rules
/etc/sagan-rules/honeyd.rules
/etc/sagan-rules/hordeimp.rules
/etc/sagan-rules/hostapd.rules
/etc/sagan-rules/huawei.rules
/etc/sagan-rules/imap-normalize.rulebase
/etc/sagan-rules/imapd-correlated.rules
/etc/sagan-rules/imapd-geoip.rules
/etc/sagan-rules/imapd.rules
/etc/sagan-rules/imperva-normalize.rulebase
/etc/sagan-rules/ipop3d.rules
/etc/sagan-rules/juniper-aetas.rules
/etc/sagan-rules/juniper-geoip.rules
/etc/sagan-rules/juniper.rules
/etc/sagan-rules/kismet.rules
/etc/sagan-rules/knockd.rules
/etc/sagan-rules/linux-kernel-normalize.rulebase
/etc/sagan-rules/linux-kernel.rules
/etc/sagan-rules/milter.rules
/etc/sagan-rules/mongodb.rules
/etc/sagan-rules/mysql.rules
/etc/sagan-rules/nexpose.rules
/etc/sagan-rules/nfcapd-malware.rules
/etc/sagan-rules/nfcapd-normalize.rulebase
/etc/sagan-rules/nfcapd.rules
/etc/sagan-rules/nginx.rules
/etc/sagan-rules/ntp.rules
/etc/sagan-rules/openssh-aetas.rules
/etc/sagan-rules/openssh-correlated.rules
/etc/sagan-rules/openssh-geoip.rules
/etc/sagan-rules/openssh-normalize.rulebase
/etc/sagan-rules/openssh.rules
/etc/sagan-rules/openvpn.rules
/etc/sagan-rules/oracle.rules
/etc/sagan-rules/ossec-mi.rules
/etc/sagan-rules/ossec.rules
/etc/sagan-rules/php.rules
/etc/sagan-rules/postfix.rules
/etc/sagan-rules/postgresql.rules
/etc/sagan-rules/pptp.rules
/etc/sagan-rules/procurve-normalize.rulebase
/etc/sagan-rules/procurve.rules
/etc/sagan-rules/proftpd-aetas.rules
/etc/sagan-rules/proftpd-geoip.rules
/etc/sagan-rules/proftpd.rules
/etc/sagan-rules/protocol.map
/etc/sagan-rules/proxy-malware.rules
/etc/sagan-rules/pure-ftpd.rules
/etc/sagan-rules/racoon.rules
/etc/sagan-rules/reference.config
/etc/sagan-rules/riverbed-aetas.rules
/etc/sagan-rules/riverbed-geoip.rules
/etc/sagan-rules/riverbed.rules
/etc/sagan-rules/roundcube.rules
/etc/sagan-rules/rsync.rules
/etc/sagan-rules/sagan-sid-msg.map
/etc/sagan-rules/samba.rules
/etc/sagan-rules/sendmail.rules
/etc/sagan-rules/smtp-normalize.rulebase
/etc/sagan-rules/snort-geoip.rules
/etc/sagan-rules/snort-normalize.rulebase
/etc/sagan-rules/snort.rules
/etc/sagan-rules/solaris.rules
/etc/sagan-rules/sonicwall-normalize.rulebase
/etc/sagan-rules/sonicwall.rules
/etc/sagan-rules/squid.rules
/etc/sagan-rules/ssh-tectia-server-aetas.rules
/etc/sagan-rules/ssh-tectia-server-correlated.rules
/etc/sagan-rules/ssh-tectia-server-geoip.rules
/etc/sagan-rules/ssh-tectia-server.rules
/etc/sagan-rules/su-normalize.rulebase
/etc/sagan-rules/su.rules
/etc/sagan-rules/symantec-ems.rules
/etc/sagan-rules/syslog.rules
/etc/sagan-rules/tcp.rules
/etc/sagan-rules/telnet.rules
/etc/sagan-rules/tripwire.rules
/etc/sagan-rules/vmpop3d.rules
/etc/sagan-rules/vmware-correlated.rules
/etc/sagan-rules/vmware-geoip.rules
/etc/sagan-rules/vmware-normalize.rulebase
/etc/sagan-rules/vmware.rules
/etc/sagan-rules/vpopmail.rules
/etc/sagan-rules/vsftpd-correlated.rules
/etc/sagan-rules/vsftpd-geoip.rules
/etc/sagan-rules/vsftpd.rules
/etc/sagan-rules/web-attack.rules
/etc/sagan-rules/weblabrinth.rules
/etc/sagan-rules/windows-aetas.rules
/etc/sagan-rules/windows-applocker.rules
/etc/sagan-rules/windows-auth.rules
/etc/sagan-rules/windows-blacklist.rules
/etc/sagan-rules/windows-bluedot.rules
/etc/sagan-rules/windows-brointel.rules
/etc/sagan-rules/windows-correlated.rules
/etc/sagan-rules/windows-emet.rules
/etc/sagan-rules/windows-geoip.rules
/etc/sagan-rules/windows-malware.rules
/etc/sagan-rules/windows-misc.rules
/etc/sagan-rules/windows-mssql.rules
/etc/sagan-rules/windows-normalize.rulebase
/etc/sagan-rules/windows-owa-blacklist.rules
/etc/sagan-rules/windows-owa-bluedot.rules
/etc/sagan-rules/windows-owa-brointel.rules
/etc/sagan-rules/windows-owa-correlated.rules
/etc/sagan-rules/windows-owa-geoip.rules
/etc/sagan-rules/windows-owa.rules
/etc/sagan-rules/windows.rules
/etc/sagan-rules/wordpress.rules
/etc/sagan-rules/xinetd.rules
/etc/sagan-rules/zeus.rules
/usr/share/doc/sagan-rules/changelog.Debian.gz
/usr/share/doc/sagan-rules/copyright

Changelog

2015-12-23 - Herbert Parentes Fortes Neto <hpfn@ig.com.br>
sagan-rules (10222015-0.1) unstable; urgency=low
* Non-maintainer upload.
* New upstream release. (Closes: #681792). Thanks Micah Anderson.
* debian/control:
- Bumped Standards-Version to 3.9.6.
* debian/rules:
- *.map *.rulebase *.rulesbase *.conf added to install.
* debian/watch fixed.
2011-02-15 - Pierre Chifflier <pollux@debian.org>
sagan-rules (10212010-r1-1) unstable; urgency=low
* Initial release (Closes: #618674)

See Also

Package Description
sagan_1.0.1-0.3build1_i386.deb Real-time System & Event Log Monitoring System
sagasu_2.0.12-4_i386.deb GNOME tool to find strings in a set of files
sagcad-doc_0.9.14-0ubuntu3_all.deb sagCAD documentation
sagcad_0.9.14-0ubuntu3_i386.deb CAD/CAM of 2D program
sagemath-database-conway-polynomials_0.4.p0+dfsg-2_all.deb Database of Conway polynomials
sagemath-database-elliptic-curves_0.8-1_all.deb Databases for elliptic curves
sagemath-database-graphs_20151224+dfsg-1_all.deb Databases of graphs
sagemath-database-mutually-combinatorial-designs_20140630-2_all.deb Databases of combinatorial designs
sagemath-database-polytopes_20120220+dfsg-2_all.deb Databases of polytopes
sahara-api_4.0.0-1ubuntu1_all.deb OpenStack data processing cluster as a service - API server
sahara-common_4.0.0-1ubuntu1_all.deb OpenStack data processing cluster as a service - common files
sahara-doc_4.0.0-1ubuntu1_all.deb OpenStack data processing cluster as a service - doc
sahara-engine_4.0.0-1ubuntu1_all.deb OpenStack data processing cluster as a service - Engine server
sahara_4.0.0-1ubuntu1_all.deb OpenStack data processing cluster as a service - API & Engine
saidar_0.91-1_i386.deb curses-based program which displays live system statistics