| Server IP : 172.67.158.161 / Your IP : 3.137.174.147 Web Server : LiteSpeed System : Linux business53.web-hosting.com 4.18.0-553.lve.el8.x86_64 #1 SMP Mon May 27 15:27:34 UTC 2024 x86_64 User : giankuin ( 1871) PHP Version : 7.4.33 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : OFF | Pkexec : OFF Directory : /opt/puppetlabs/puppet/share/augeas/lenses/dist/tests/ |
Upload File : |
module Test_Mailscanner_Rules =
let conf = "# JKF 10/08/2007 Adobe Acrobat nastiness
rename \.fdf$ Dangerous Adobe Acrobat data-file Opening this file can cause auto-loading of any file from the internet
# JKF 04/01/2005 More Microsoft security vulnerabilities
deny \.ico$ Windows icon file security vulnerability Possible buffer overflow in Windows
allow \.(jan|feb|mar|apr|may|jun|june|jul|july|aug|sep|sept|oct|nov|dec)\.[a-z0-9]{3}$ - -
deny+delete \.cur$ Windows cursor file security vulnerability Possible buffer overflow in Windows
[email protected],[email protected] \.reg$ Possible Windows registry attack Windows registry entries are very dangerous in email
[email protected] [email protected] \.chm$ Possible compiled Help file-based virus Compiled help files are very dangerous in email
rename to .ppt \.pps$ Renamed .pps to .ppt Renamed .pps to .ppt
"
test Mailscanner_Rules.lns get conf =
{ "#comment" = "JKF 10/08/2007 Adobe Acrobat nastiness" }
{ "1"
{ "action" = "rename" }
{ "regex" = "\.fdf$" }
{ "log-text" = "Dangerous Adobe Acrobat data-file" }
{ "user-report" = "Opening this file can cause auto-loading of any file from the internet" }
}
{}
{ "#comment" = "JKF 04/01/2005 More Microsoft security vulnerabilities" }
{ "2"
{ "action" = "deny" }
{ "regex" = "\.ico$" }
{ "log-text" = "Windows icon file security vulnerability" }
{ "user-report" = "Possible buffer overflow in Windows" }
}
{ "3"
{ "action" = "allow" }
{ "regex" = "\.(jan|feb|mar|apr|may|jun|june|jul|july|aug|sep|sept|oct|nov|dec)\.[a-z0-9]{3}$" }
{ "log-text" = "-" }
{ "user-report" = "-" }
}
{ "4"
{ "action" = "deny+delete" }
{ "regex" = "\.cur$" }
{ "log-text" = "Windows cursor file security vulnerability" }
{ "user-report" = "Possible buffer overflow in Windows" }
}
{ "5"
{ "action" = "[email protected],[email protected]" }
{ "regex" = "\.reg$" }
{ "log-text" = "Possible Windows registry attack" }
{ "user-report" = "Windows registry entries are very dangerous in email" }
}
{ "6"
{ "action" = "[email protected] [email protected]" }
{ "regex" = "\.chm$" }
{ "log-text" = "Possible compiled Help file-based virus" }
{ "user-report" = "Compiled help files are very dangerous in email" }
}
{ "7"
{ "action" = "rename to .ppt" }
{ "regex" = "\.pps$" }
{ "log-text" = "Renamed .pps to .ppt" }
{ "user-report" = "Renamed .pps to .ppt" }
}