Updates to local.bro.

- More functionality scripts loaded from policy/.

- More documentation.

scripts/site/local.bro

@@ -1,4 +1,5 @@
-##! Local site policy. Customize as appropriate.
+##! Local site policy. Customize as appropriate. This file will not be 
+##! overwritten when upgrading or reinstalling.
 
 # Load the script to log which script were loaded during each run
 @load misc/loaded-scripts
@@ -8,7 +9,8 @@
 
 # Vulnerable versions of software to generate notices for when discovered.
 # The default is to only monitor software found in the address space defined
-# as "local".  Refer to the software framework's documentation for more information.
+# as "local".  Refer to the software framework's documentation for more 
+# information.
 @load frameworks/software/vulnerable
 redef Software::vulnerable_versions += {
 	["Flash"] = [$major=10,$minor=2,$minor2=153,$addl="1"],
@@ -18,3 +20,27 @@ redef Software::vulnerable_versions += {
 # This adds signatures to detect cleartext forward and reverse windows shells.
 redef signature_files += "frameworks/signatures/detect-windows-shells.sig";
 
+# Load all of the scripts that detect software in various protocols.
+@load protocols/http/software
+@load protocols/ftp/software
+@load protocols/smtp/software
+@load protocols/ssh/software
+
+# Load the script to detect DNS results pointing toward your Site::local_nets 
+# where the name is not part of your local DNS zone and is being hosted 
+# externally.  Requires that the Site::local_zones variable is defined.
+@load protocols/dns/detect-external-names
+
+# Script to detect various activity in FTP sessions.
+@load protocols/ftp/detect
+
+# Detect software changing (e.g. attacker installing hacked SSHD).
+@load frameworks/software/version-changes
+
+# Scripts that do asset tracking.
+@load protocols/conn/known-hosts
+@load protocols/conn/known-services
+@load protocols/ssl/known-certs
+
+# Load the script to enable SSL/TLS certificate validation.
+@load protocols/ssl/validate-certs