diff --git a/scripts/site/local.bro b/scripts/site/local.bro
index 3b73c73a0b..7e758c72b0 100644
--- a/scripts/site/local.bro
+++ b/scripts/site/local.bro
@@ -1,4 +1,5 @@
-##! Local site policy. Customize as appropriate.
+##! Local site policy. Customize as appropriate. This file will not be
+##! overwritten when upgrading or reinstalling.
 
 # Load the script to log which script were loaded during each run
 @load misc/loaded-scripts
@@ -8,7 +9,8 @@
 
 # Vulnerable versions of software to generate notices for when discovered.
 # The default is to only monitor software found in the address space defined
-# as "local". Refer to the software framework's documentation for more information.
+# as "local". Refer to the software framework's documentation for more
+# information.
 @load frameworks/software/vulnerable
 redef Software::vulnerable_versions += {
 ["Flash"] = [$major=10,$minor=2,$minor2=153,$addl="1"],
@@ -18,3 +20,27 @@ redef Software::vulnerable_versions += {
 # This adds signatures to detect cleartext forward and reverse windows shells.
 redef signature_files += "frameworks/signatures/detect-windows-shells.sig";
 
+# Load all of the scripts that detect software in various protocols.
+@load protocols/http/software
+@load protocols/ftp/software
+@load protocols/smtp/software
+@load protocols/ssh/software
+
+# Load the script to detect DNS results pointing toward your Site::local_nets
+# where the name is not part of your local DNS zone and is being hosted
+# externally. Requires that the Site::local_zones variable is defined.
+@load protocols/dns/detect-external-names
+
+# Script to detect various activity in FTP sessions.
+@load protocols/ftp/detect
+
+# Detect software changing (e.g. attacker installing hacked SSHD).
+@load frameworks/software/version-changes
+
+# Scripts that do asset tracking.
+@load protocols/conn/known-hosts
+@load protocols/conn/known-services
+@load protocols/ssl/known-certs
+
+# Load the script to enable SSL/TLS certificate validation.
+@load protocols/ssl/validate-certs
\ No newline at end of file
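Review bot: `@load protocols/dns/detect-external-names` is added with a comment saying it requires `Site::local_zones`, but nothing in the visible hunks of local.bro defines that variable (or `Site::local_nets`), so on a stock install this detection most likely loads and then never raises anything, which reads as coverage that is not actually there. I would put a commented template directly under the load, e.g. `# redef Site::local_zones += { "example.com" };` (constructed sample value), and state in the comment that the script stays silent until the variable is set. The asset-tracking loads further down (`known-hosts`, `known-services`, `known-certs`) are presumably scoped by the local network definition as well, so the same reminder may apply there; confirm against their defaults. The file also now ends without a trailing newline (`\ No newline at end of file`), which is worth fixing in the same change.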