Server IP : 85.214.239.14 / Your IP : 3.144.6.144 Web Server : Apache/2.4.62 (Debian) System : Linux h2886529.stratoserver.net 4.9.0 #1 SMP Tue Jan 9 19:45:01 MSK 2024 x86_64 User : www-data ( 33) PHP Version : 7.4.18 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare, MySQL : OFF | cURL : OFF | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : OFF Directory : /proc/2/root/proc/2/task/2/root/usr/share/augeas/lenses/dist/tests/ |
Upload File : |
module Test_Mailscanner_Rules = let conf = "# JKF 10/08/2007 Adobe Acrobat nastiness rename \.fdf$ Dangerous Adobe Acrobat data-file Opening this file can cause auto-loading of any file from the internet # JKF 04/01/2005 More Microsoft security vulnerabilities deny \.ico$ Windows icon file security vulnerability Possible buffer overflow in Windows allow \.(jan|feb|mar|apr|may|jun|june|jul|july|aug|sep|sept|oct|nov|dec)\.[a-z0-9]{3}$ - - deny+delete \.cur$ Windows cursor file security vulnerability Possible buffer overflow in Windows andrew@baruwa.com,andrew@baruwa.net \.reg$ Possible Windows registry attack Windows registry entries are very dangerous in email andrew@baruwa.com andrew@baruwa.net \.chm$ Possible compiled Help file-based virus Compiled help files are very dangerous in email rename to .ppt \.pps$ Renamed .pps to .ppt Renamed .pps to .ppt " test Mailscanner_Rules.lns get conf = { "#comment" = "JKF 10/08/2007 Adobe Acrobat nastiness" } { "1" { "action" = "rename" } { "regex" = "\.fdf$" } { "log-text" = "Dangerous Adobe Acrobat data-file" } { "user-report" = "Opening this file can cause auto-loading of any file from the internet" } } {} { "#comment" = "JKF 04/01/2005 More Microsoft security vulnerabilities" } { "2" { "action" = "deny" } { "regex" = "\.ico$" } { "log-text" = "Windows icon file security vulnerability" } { "user-report" = "Possible buffer overflow in Windows" } } { "3" { "action" = "allow" } { "regex" = "\.(jan|feb|mar|apr|may|jun|june|jul|july|aug|sep|sept|oct|nov|dec)\.[a-z0-9]{3}$" } { "log-text" = "-" } { "user-report" = "-" } } { "4" { "action" = "deny+delete" } { "regex" = "\.cur$" } { "log-text" = "Windows cursor file security vulnerability" } { "user-report" = "Possible buffer overflow in Windows" } } { "5" { "action" = "andrew@baruwa.com,andrew@baruwa.net" } { "regex" = "\.reg$" } { "log-text" = "Possible Windows registry attack" } { "user-report" = "Windows registry entries are very dangerous in email" } } { "6" { "action" = "andrew@baruwa.com andrew@baruwa.net" } { "regex" = "\.chm$" } { "log-text" = "Possible compiled Help file-based virus" } { "user-report" = "Compiled help files are very dangerous in email" } } { "7" { "action" = "rename to .ppt" } { "regex" = "\.pps$" } { "log-text" = "Renamed .pps to .ppt" } { "user-report" = "Renamed .pps to .ppt" } }