• Support
  • Forums
  • Blogs
A New Community Experience is Coming! For more information, please see our announcement.

Bind plugins modified

titiostitios

New Life Form
hi,
I want to share with you the bind plugin modified ( i modified regex of : query cache denied ; bind query cache denied;  ; bind-query-types ;bind unpexted code ; network unreachable ) and i added two regex [0072 - Bind - Queries-errors] and [075 -Bind- Invalid Response].
I also added some record( the default contains only 21 types of record so i added some other records ( at translation level )  to prevent plugins from stopping when doing the translation.
there is one thing is missing, in ossim Gui i can't get the name of two new event that i added ( 072 and 075) , the parsing is good but the sid ( event type ID )  is always on default one "2000000000"  , may be i should added something in bind.sql . anyway just delete the bind.cfg in /etc/ossim/agent/plugins and upload the new one after that execute : /etc/init.d/ossim-agent force-reload

enjoy :) 
Best regards

Share post:

Sign In or Register to comment.