Result for 1655E61088A6FEE30058894AE91221A1158B291A

Query result

Key Value
MD51DE9FB13ED0C22D060A695D6BF5DE2CB
PackageArchnoarch
PackageDescriptionfwsnort translates Snort rules into equivalent iptables rules and generates a Bourne shell script that implements the resulting iptables commands. This ruleset allows network traffic that exhibits Snort signatures to be logged and/or dropped by iptables directly without putting any interface into promiscuous mode or queuing packets from kernel to user space. In addition, fwsnort (optionally) uses the IPTables::Parse module to parse the iptables ruleset on the machine to determine which Snort rules are applicable to the specific iptables policy. After all, if iptables is blocking all inbound http traffic from external addresses, it is probably not of much use to try detecting inbound attacks against against tcp/80. By default fwsnort generates iptables rules that log Snort sid's with --log-prefix to klogd where the messages can be analyzed with a log watcher such as logwatch or psad (see http://www.cipherdyne.org/psad). fwsnort relies on the iptables string match extension to match Snort content fields in the application portion of ip traffic. Since Snort rules can contain hex data in content fields, fwsnort implements a patch against iptables-1.2.7a which adds a "--hex-string" option which will accept content fields such as "|0d0a5b52504c5d3030320d0a|". fwsnort bundles the latest rule set from Emerging Threats (http://www.emergingthreats.net) and also includes all rules from the Snort-2.3.3 IDS - the final Snort rule set that was released under the GPL. fwsnort is able to translate well over 60% of all bundled rules. For more information about the translation strategy as well as advantages/disadvantages of the method used by fwsnort to obtain intrusion detection data, see the README included with the fwsnort sources or browse to: http://www.cipherdyne.org/fwsnort/
PackageMaintainerumeabot <umeabot>
PackageNamefwsnort
PackageRelease2.mga7
PackageVersion1.6.8
SHA-11655E61088A6FEE30058894AE91221A1158B291A
SHA-256BECB99C34E49DE4A9031770B1DD09964E78B3DDA6FF1BCEC3FE851609E0BBBC1
hashlookup:children-total121
hashlookup:trust50

Network graph view

Children (Total: 121)

The searched file hash includes 121 children files known and seen by metalookup. A sample is included below:

Key Value
FileName./usr/share/licenses/fwsnort/LICENSE
FileSize17988
MD5245BB10EBA6158BB8EE5CA6E9B470DD3
SHA-101F5A78333FDDEE68C09F900A0FD289F5CF6E7F6
SHA-2568DB86465D9B3599EBD22543F8D4E9276F6D74ADEC3BF0B5C14F7D32DE17F49EB
SSDEEP384:z2Uwi5rRL67cyV12rPd34FomzMV/R6qWa7mZUd:zFFCExGFz9qn7mZUd
TLSHT1D782A42E774503F205C302A16A4F6CDFA32AD4B9723E11552859C19E236FE35C3BFA99
Key Value
CRC32B85E66DB
FileName./usr/lib/x86_64-linux-gnu/perl5/5.30/auto/NetAddr/IP/UtilPP/ipanyto6.al
FileSize554
MD5D04803B20FB930ACAACE58AB032C2CEC
OpSystemCode362
ProductCode17075
RDS:package_id303197
SHA-10840B32FB17C96A3DFF958A67D23BB6A7E452F9B
SHA-256B7B1169DEA1962791C5F7C6FD459E7237C3AFD9EFEE273F9C4377FA78B13CF8A
SHA-512681FB3EE2B5674FC834C0EF0BD6036936CDA469B7214599E95760D83851C7878E1433C581A47C43F5A47FA41EC02604F9A7F6A91B9C440E27B1092D8E2F50CB8
SSDEEP12:nt0po1XFKvkifX0pokypv6ijlae8rJAh27nNvMUh2EV1wUF:nMo185mohvbjlaPdO2TNv92aWUF
SpecialCode
TLSHT18BF0C06C67068095FB10F753B070F640BB463E506251ED1052248354FF8473F96FB11C
dbnsrl_legacy
insert-timestamp1728220140.6863663
mimetypetext/plain
sourcesnap:Mm8hGEV56j03iGdUrygn8rQVqSswYivd_40
tar:gnameroot
tar:unameroot
Key Value
FileName./etc/fwsnort/snort_rules/rservices.rules
FileSize2867
MD5EDF7BB2413DC94FAC0AF5323E031F996
SHA-10A18F4463E99A2593384468A9F0D7975278D0E18
SHA-25671CA68EACEF3BC9417275FE1ECC964B723D7312F04CFBBA2CA7CD2AED9EAA6CE
SSDEEP48:gQBKiO9eDONqK6GOk8O8Ye+OpoHvcagOQ3tqMYqKJK9pzc3X3oB4IFCNKj/FCNXk:X6eD9GWYe+RHvcag9wNapcn6RwY7wJk
TLSHT18C519F1C7EBE09B91BA9E3701C173613F1A9D912AC221F1817992254CD8CDF1D3FA396
Key Value
CRC32D0AC0F31
FileName./usr/lib/x86_64-linux-gnu/perl5/5.30/auto/NetAddr/IP/InetBase/_inet_ntop.al
FileSize660
MD5C04ADC3A932C9DA217FE2A1FBB0585B7
OpSystemCode362
ProductCode17075
RDS:package_id303197
SHA-11191733F4D8C2492E66755A948CF1F23CA54DC22
SHA-256DC0C0C29AAD8514E23BB799ACCE8439F4F0F0FE4B049648E0EB8610C4C74C681
SHA-51299E2C1AC975ADA6F845A38CC9862C9D1D2DD40BB1675319E395CBC785E402794EAE4C129E3DB41AF80E66BF2A1DD614A54C1418387E08817327B032504EE6C63
SSDEEP12:nt0zXFKvkiWtQ302ymZxPhxSw5rYkkLw/Vq7ibHIaMcZovzlZo2Wo:nC85WqbPhkw5rYkWw0eIazZovzlZo2Wo
SpecialCode
TLSHT1DE01DD6D6FAAC386F9433440293D59C1738A2ED162CAAEE1D42883A92764637426F2C4
dbnsrl_legacy
insert-timestamp1728220140.8069286
mimetypetext/plain
sourcesnap:Mm8hGEV56j03iGdUrygn8rQVqSswYivd_40
tar:gnameroot
tar:unameroot
Key Value
FileName./usr/lib/fwsnort/i386-linux/NetAddr/IP.pm
FileSize41462
MD52A97277544AEAD774156CCE230DED883
SHA-114283A7D851E3025DE8CABDDE525C0DCD1BF4189
SHA-25673215F358B69E6974C01AE8FFC4272CE292F8F1A7BDAE9779AB202C6C5B968B8
SSDEEP768:0XY/KTWjWOB06hZ9BlwQGFSwVilFaVHPO5090A5u7Xmr:0XY/KTWjWOBhzDwQGkx/aVHPO5Mrum
TLSHT17413177E6743D2BA9B5B107727DDA384F379D7E3559B8890348C81982F809B0CBF8586
Key Value
CRC32A534B012
FileName./usr/lib/x86_64-linux-gnu/perl5/5.30/auto/NetAddr/IP/UtilPP/notcontiguous.al
FileSize820
MD56FB00AA7922B45245857EFD23E9A2B22
OpSystemCode362
ProductCode17075
RDS:package_id303197
SHA-1174A9C506B150C30A4ABFEFEE14AC1E9B1817B74
SHA-2561111DA9C4E7AE0D4B4C5C49077E082A46004B5D52FCA0FDF0CF5870B8D44AEAE
SHA-512AB5E53F9083CF44BC835AEBA51BB3DF4A533873EE35E152B124A2B2B5ED1E364058C92E9DAD32C98D119229C7214965B48A477C5D43948D0EAB08B23118A182D
SSDEEP24:nMo185nNohLVi6I02PfF13Bw3G2JQNwlHwowUw+dUUe:nMoKdNohIF02V13BMTQNIHaUzdm
SpecialCode
TLSHT18F01499D5B7A1214FA716A1B36D4F984DF4E79B1E3C6EC1D806403A4278733467A6C0D
dbnsrl_legacy
insert-timestamp1728220140.7537327
mimetypetext/plain
sourcesnap:Mm8hGEV56j03iGdUrygn8rQVqSswYivd_40
tar:gnameroot
tar:unameroot
Key Value
FileName./etc/fwsnort/snort_rules/x11.rules
FileSize526
MD5C5C346D3A031F0BE3E30668799DD9D84
SHA-118333FE1A717EE49450A7EFE28A5A606F0F442B4
SHA-25693E2184DAA83E0F6FB7DBA2E82D4931648733D73A98CBC7592ED470DF1E5A5C1
SSDEEP12:VeQGDyf7GT4jnTPOUxh4sZp4kfmIvweiVBn:gQFfST4zbn74vIweGB
TLSHT15FF0C01D2CA56C785370D23D40897553F10CF40338D608D0C79D2344C6C4DA966AD05B
Key Value
FileNameusr/share/perl5/vendor_perl/IPTables/Parse.pm
FileSize44373
MD539ED30CF3355C168C9E485310C0E5C4D
SHA-118B30A114F02FDEC07E0B6DB73B5DA9DCF8A6721
SHA-256A77E2C339DE118F6B0123F8441212E1BC91B00177E5E9DE44C86CBB621B89933
SSDEEP768:okJt6rJsMdR4V5BryVJekdmoueaiP220yb8sROlvy4SltjyyYQjI/sCJXnyxxFwH:7QrJsMdR4XBryVJekdmoueaiP220yb8v
TLSHT17C13520969F7E16991B2F03E5BC95014E21E406B6E9EAE187CBCD1805FC0939D1F5FD8
tar:gnameroot
tar:unameroot
Key Value
FileName./etc/fwsnort/snort_rules/tftp.rules
FileSize2512
MD521DC12292E0BD4165DE9BE5BF5E9A0D8
SHA-11BFFAEC21C9FD145577F48F7794C6A129F02A5A8
SHA-2564BA1CEAB39B6CC8D0659E1321EC77E71C3A44B46DAB6E3197645BEAEA8961A3B
SSDEEP48:gQBPZ28R49j8YCRvxDLkMS8pbMeDpkQle38newAe8me7RO:BSW1FQMS8pbMeDpJleMnewAe8me7Q
TLSHT16E51D03C1FEA4D9117F1F69868837B9F2112E076B8A045403394353DDAC8D6665BB2AF
Key Value
CRC32276F1CAA
FileName./usr/lib/fwsnort/i386-linux/NetAddr/IP/InetBase.pm
FileSize19240
MD5B82CA92F5CBDC37B437C19F33FA41C33
OpSystemCode362
ProductCode17075
RDS:package_id17075
SHA-11DE8FBFAA8AB24CD6DBD96A2FED2D6B1A11299B6
SHA-2564871D37D5C3D4B80A47EFBB1A4E09A942B24C72367F79AC5280D0A3367B454DB
SSDEEP384:h/3ce2jAfJh3WO0XjhHUZxvCb6euc0lBOQdQjvmx:5F33WO0XjhHLb6el0l9Imx
SpecialCode
TLSHT12882B88937D3E6A9E52750692A8ED144F38E5AE3B3C8E9E9FC9C41911FC082183F4794
dbnsrl_legacy
insert-timestamp1648735213.0160325
sourceRDS_2022.03.1_legacy.db