cloudxtreme / polman
This project forked from gamelinux/polman
The Advanced Policy-Manager for IPS/IDS Sensors
Home Page: http://www.gamelinux.org/
polman aims to make rule administration for IPS/IDS sensors easy and powerful.

You can load different rule sets into a RuleDB. Say you load Sourcefire VRT rules into the ruledb snort2903, and you also load Emerging Threats snort 2.9.0 rules into the same db. Then you should have a large repo of rules to play with :) If you also have suricata sensors, you can have a ruledb for suricata10 and load the VRT rules and the corresponding ET-suricata rules into it.

Currently, polman will activate all rules in the ruledb that are activated by default by the vendor (vrt/et/others) on the sensors that are associated with the ruledb. The activation happens the first time you write out the rule file(s) to disk. When you download new rules from the vendor into the ruledb's specified rules dir and update the ruledb, the next time you write new rules to disk for a sensor, it will automagically enable the rules that the upstream vendor ships in the enabled state.

Enabling/Disabling rules on a sensor:

ATM, you can search msg, category, classification and metadata. You can also search for all rules that are enabled by default by the rule-set vendor (ET or VRT etc). Or you can easily enable a rule with:

    polman.pl -i $SENSORNAME -e <sid>

or disable it with:

    polman.pl -i $SENSORNAME -d <sid>

Turn off rules by "filenames" (category):

    ./polman.pl -i TESTS -m "-(dos|games|icmp_info|pop3|rpc|scada|scan|snmp|sql|voip)"
    ...
    [*] Search term: -(dos|games|icmp_info|pop3|rpc|scada|scan|snmp|sql|voip)
    [*] Search field: catagory
    [*] Found 908 rule(s) matching search criterias...
    ...
    [i] Do you want to Disable all rules for sensor panama? (y/N)?: y
    ...
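The workflow described above (load vendor rules into a ruledb, search by field, write a per-sensor rule file) can be sketched as follows. This is an added illustration, not polman's own code: the function names and sample rules are constructed, and it assumes an explicit per-sensor enable/disable takes precedence over the vendor default.

```python
import re

# Constructed sample rule files. Category = file name without ".rules";
# a leading '#' marks a rule the vendor ships disabled.
SAMPLE_FILES = {
    "emerging-dos.rules": [
        'alert udp any any -> any 53 (msg:"SAMPLE dos A"; classtype:attempted-dos; sid:9000001; rev:1;)',
        '#alert tcp any any -> any 80 (msg:"SAMPLE dos B"; classtype:attempted-dos; sid:9000002; rev:1;)',
    ],
    "emerging-malware.rules": [
        'alert tcp any any -> any any (msg:"SAMPLE malware C"; classtype:trojan-activity; sid:9000003; rev:2;)',
    ],
}

RULE = re.compile(r'^(?P<off>#\s*)?(?P<body>(?:alert|drop|pass|reject|log)\s.*\(.*\bsid:\s*(?P<sid>\d+);.*\))\s*$')
FIELD = {"msg": re.compile(r'msg:\s*"([^"]*)"'),
         "classification": re.compile(r'classtype:\s*([^;]+);')}


def load_ruledb(files):
    """Parse rule files into {sid: record}, remembering the vendor's default state."""
    db = {}
    for name, lines in files.items():
        for line in lines:
            m = RULE.match(line.strip())
            if not m:
                continue  # comments, blank lines, anything without a sid
            rec = {"category": name.rsplit(".rules", 1)[0], "body": m["body"],
                   "vendor_enabled": m["off"] is None}
            for key, rx in FIELD.items():
                hit = rx.search(m["body"])
                rec[key] = hit.group(1).strip() if hit else ""
            db[int(m["sid"])] = rec
    return db


def search(db, field, pattern):
    """Return the sids whose field (msg, category, classification) matches the regex."""
    rx = re.compile(pattern)
    return sorted(sid for sid, r in db.items() if rx.search(r[field]))


def render_sensor(db, overrides):
    """Write-out step: vendor default unless the sensor has an explicit override."""
    out = []
    for sid in sorted(db):
        on = overrides.get(sid, db[sid]["vendor_enabled"])  # assumed precedence
        out.append(("" if on else "#") + db[sid]["body"])
    return out
```

With an empty override map the output mirrors the vendor defaults, which corresponds to the first write-out; a category search such as `-(dos|games)` matches file names like `emerging-dos`, so its result can be turned into disable overrides in one step.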