"SfR Fresh" - the SfR Freeware/Shareware Archive 
Member "os-sim-0.9.9/db/096-to-097.sql" of archive os-sim-0.9.9p1.tar.gz:
As a special service "SfR Fresh" has tried to format the requested source page into HTML format using source code syntax highlighting with prefixed line numbers.
Alternatively you can here view or download the uninterpreted source code file.
That can be also achieved for any archive member file by clicking within an archive contents listing on the first character of the file(path) respectively on the according byte size field.
1 ALTER TABLE host ADD rrd_profile varchar(64) AFTER nat;
2 ALTER TABLE net ADD rrd_profile varchar(64) AFTER persistence;
3 ALTER TABLE host_services ADD port varchar(15) NOT NULL AFTER ip;
4
5 ---
6 --- Config
7 ---
8
9 DROP TABLE IF EXISTS rrd_config;
10 CREATE TABLE rrd_config (
11 profile VARCHAR(64) NOT NULL,
12 rrd_attrib VARCHAR(60) NOT NULL,
13 threshold INTEGER UNSIGNED NOT NULL,
14 priority INTEGER UNSIGNED NOT NULL,
15 alpha FLOAT UNSIGNED NOT NULL,
16 beta FLOAT UNSIGNED NOT NULL,
17 persistence INTEGER UNSIGNED NOT NULL,
18 enable TINYINT DEFAULT 1,
19 description TEXT,
20 PRIMARY KEY (profile, rrd_attrib)
21 );
22
23 /* old conf table */
24 DROP TABLE IF EXISTS conf;
25
26 DROP TABLE IF EXISTS config;
27 CREATE TABLE config (
28 conf varchar(255) NOT NULL,
29 value varchar(255),
30 PRIMARY KEY (conf)
31 );
32
33 INSERT INTO config (conf, value) VALUES ('snort_path', '/etc/snort/');
34 INSERT INTO config (conf, value) VALUES ('snort_rules_path', '/etc/snort/rules/');
35 INSERT INTO config (conf, value) VALUES ('snort_type', 'mysql');
36 INSERT INTO config (conf, value) VALUES ('snort_base', 'snort');
37 INSERT INTO config (conf, value) VALUES ('snort_user', 'root');
38 INSERT INTO config (conf, value) VALUES ('snort_pass', 'ossim');
39 INSERT INTO config (conf, value) VALUES ('snort_host', 'localhost');
40 INSERT INTO config (conf, value) VALUES ('snort_port', '3306');
41 INSERT INTO config (conf, value) VALUES ('server_address', 'localhost');
42 INSERT INTO config (conf, value) VALUES ('server_port', '40001');
43 INSERT INTO config (conf, value) VALUES ('phpgacl_path', '/var/www/phpgacl/');
44 INSERT INTO config (conf, value) VALUES ('graph_link', '/cgi-bin/draw_graph_combined.pl');INSERT INTO config (conf, value) VALUES ('rrdtool_lib_path', '/usr/lib/perl5/');
45 INSERT INTO config (conf, value) VALUES ('ntop_link', 'http://localhost:3000');
46 INSERT INTO config (conf, value) VALUES ('backup_type', 'mysql');
47 INSERT INTO config (conf, value) VALUES ('backup_base', 'snort_archive');
48 INSERT INTO config (conf, value) VALUES ('backup_user', 'root');
49 INSERT INTO config (conf, value) VALUES ('backup_pass', 'ossim');
50 INSERT INTO config (conf, value) VALUES ('backup_host', 'localhost');
51 INSERT INTO config (conf, value) VALUES ('backup_port', '3306');
52 INSERT INTO config (conf, value) VALUES ('backup_dir', '/var/lib/ossim/backup');
53 INSERT INTO config (conf, value) VALUES ('backup_day', '5');
54 INSERT INTO config (conf, value) VALUES ('nessus_user', 'ossim');
55 INSERT INTO config (conf, value) VALUES ('nessus_pass', 'ossim');
56 INSERT INTO config (conf, value) VALUES ('nessus_host', 'localhost');
57 INSERT INTO config (conf, value) VALUES ('nessus_port', '1241');
58 INSERT INTO config (conf, value) VALUES ('acid_user', 'ossim');
59 INSERT INTO config (conf, value) VALUES ('acid_pass', 'ossim');
60 INSERT INTO config (conf, value) VALUES ('ossim_web_user', 'admin');
61 INSERT INTO config (conf, value) VALUES ('ossim_web_pass', 'admin');
62 INSERT INTO config (conf, value) VALUES ('jpgraph_path', '/usr/share/jpgraph/');
63 INSERT INTO config (conf, value) VALUES ('fpdf_path', '/usr/share/fpdf/');
64 INSERT INTO config (conf, value) VALUES ('adodb_path', '/var/www/adodb-411/');
65 INSERT INTO config (conf, value) VALUES ('rrdtool_path', '/usr/bin/');
66 INSERT INTO config (conf, value) VALUES ('mrtg_path', '/usr/bin/');
67 INSERT INTO config (conf, value) VALUES ('mrtg_rrd_files_path', '/var/www/ossim/mrtg/');
68 INSERT INTO config (conf, value) VALUES ('rrdpath_host', '/var/www/ossim/mrtg/host_qualification/');
69 INSERT INTO config (conf, value) VALUES ('rrdpath_net', '/var/www/ossim/mrtg/net_qualification/');
70 INSERT INTO config (conf, value) VALUES ('rrdpath_global', '/var/www/ossim/mrtg/global_qualification/');
71 INSERT INTO config (conf, value) VALUES ('rrdpath_level', '/var/www/ossim/mrtg/level_qualification/');
72 INSERT INTO config (conf, value) VALUES ('rrdpath_ntop', '/usr/share/ntop/rrd/');
73 INSERT INTO config (conf, value) VALUES ('font_path', '/usr/share/ossim/fonts/Vera.ttf');
74 INSERT INTO config (conf, value) VALUES ('opennms_link', 'http://localhost:8080/opennms/');
75 INSERT INTO config (conf, value) VALUES ('nessus_path', '/usr/local/bin/nessus/');
76 INSERT INTO config (conf, value) VALUES ('nessus_rpt_path', '/var/www/ossim/vulnmeter/');
77 INSERT INTO config (conf, value) VALUES ('acid_link', '/acid/');
78 INSERT INTO config (conf, value) VALUES ('acid_path', '/var/www/acid/');
79 INSERT INTO config (conf, value) VALUES ('use_resolv', '0');
80 INSERT INTO config (conf, value) VALUES ('recovery', '1');
81 INSERT INTO config (conf, value) VALUES ('threshold', '300');
82
83
84
85 DELETE FROM rrd_config;
86
87 INSERT INTO rrd_config VALUES ('Default','activeHostSendersNum',500,5,0.1,0.0035,4,1,'');
88 INSERT INTO rrd_config VALUES ('Default','arpRarpBytes',50,3,0.1,0.0035,4,1,'');
89 INSERT INTO rrd_config VALUES ('Default','broadcastPkts',500,3,0.1,0.0035,4,1,'');
90 INSERT INTO rrd_config VALUES ('Default','ethernetBytes',300000,3,0.1,0.0035,4,1,'');
91 INSERT INTO rrd_config VALUES ('Default','ethernetPkts',1000,3,0.1,0.0035,4,1,'');
92 INSERT INTO rrd_config VALUES ('Default','fragmentedIpBytes',100,1,0.1,0.0035,4,1,'');
93 INSERT INTO rrd_config VALUES ('Default','icmpBytes',5000,3,0.1,0.0035,4,1,'');
94 INSERT INTO rrd_config VALUES ('Default','igmpBytes',100,3,0.1,0.0035,4,1,'');
95 INSERT INTO rrd_config VALUES ('Default','ipBytes',1000000,5,0.1,0.0035,4,1,'');
96 INSERT INTO rrd_config VALUES ('Default','ipv6Bytes',500,5,0.1,0.0035,4,1,'');
97 INSERT INTO rrd_config VALUES ('Default','ipxBytes',100,1,0.1,0.0035,4,1,'');
98 INSERT INTO rrd_config VALUES ('Default','IP_DHCP-BOOTPBytes',1,5,0.1,0.0035,4,1,'');
99 INSERT INTO rrd_config VALUES ('Default','IP_DNSBytes',10000,3,0.1,0.0035,4,1,'');
100 INSERT INTO rrd_config VALUES ('Default','IP_eDonkeyBytes',1000,5,0.1,0.0035,4,1,'');
101 INSERT INTO rrd_config VALUES ('Default','IP_FTPBytes',1000000,5,0.1,0.0035,4,1,'');
102 INSERT INTO rrd_config VALUES ('Default','IP_GnutellaBytes',1000,5,0.1,0.0035,4,1,'');
103 INSERT INTO rrd_config VALUES ('Default','IP_HTTPBytes',100000,5,0.1,0.0035,4,1,'');
104 INSERT INTO rrd_config VALUES ('Default','IP_KazaaBytes',1000,5,0.1,0.0035,4,1,'');
105 INSERT INTO rrd_config VALUES ('Default','IP_MailBytes',2500,5,0.1,0.0035,4,1,'');
106 INSERT INTO rrd_config VALUES ('Default','IP_MessengerBytes',1000,5,0.1,0.0035,4,1,'');
107 INSERT INTO rrd_config VALUES ('Default','IP_NBios-IPBytes',200000,5,0.1,0.0035,4,1,'');
108 INSERT INTO rrd_config VALUES ('Default','IP_NFSBytes',100,5,0.1,0.0035,4,1,'');
109 INSERT INTO rrd_config VALUES ('Default','IP_NNTPBytes',100,1,0.1,0.0035,4,1,'');
110 INSERT INTO rrd_config VALUES ('Default','IP_SNMPBytes',20,5,0.1,0.0035,4,1,'');
111 INSERT INTO rrd_config VALUES ('Default','IP_SSHBytes',10000,5,0.1,0.0035,4,1,'');
112 INSERT INTO rrd_config VALUES ('Default','IP_TelnetBytes',500,5,0.1,0.0035,4,1,'');
113 INSERT INTO rrd_config VALUES ('Default','IP_WinMXBytes',1000,5,0.1,0.0035,4,1,'');
114 INSERT INTO rrd_config VALUES ('Default','IP_X11Bytes',1000,3,0.1,0.0035,4,1,'');
115 INSERT INTO rrd_config VALUES ('Default','knownHostsNum',600,5,0.1,0.0035,4,1,'');
116 INSERT INTO rrd_config VALUES ('Default','mail_sessions',1,5,0.1,0.0035,4,1,'');
117 INSERT INTO rrd_config VALUES ('Default','multicastPkts',10,3,0.1,0.0035,4,1,'');
118 INSERT INTO rrd_config VALUES ('Default','nb_sessions',1,5,0.1,0.0035,4,1,'');
119 INSERT INTO rrd_config VALUES ('Default','otherBytes',10000,3,0.1,0.0035,4,1,'');
120 INSERT INTO rrd_config VALUES ('Default','otherIpBytes',10000,3,0.1,0.0035,4,1,'');
121 INSERT INTO rrd_config VALUES ('Default','stpBytes',500,5,0.1,0.0035,4,1,'');
122 INSERT INTO rrd_config VALUES ('Default','synPktsRcvd',3,5,0.1,0.0035,4,1,'');
123 INSERT INTO rrd_config VALUES ('Default','synPktsSent',4,5,0.1,0.0035,4,1,'');
124 INSERT INTO rrd_config VALUES ('Default','tcpBytes',800000,3,0.1,0.0035,4,1,'');
125 INSERT INTO rrd_config VALUES ('Default','totContactedRcvdPeers',1,5,0.1,0.0035,4,1,'');
126 INSERT INTO rrd_config VALUES ('Default','totContactedSentPeers',1,5,0.1,0.0035,4,1,'');
127 INSERT INTO rrd_config VALUES ('Default','udpBytes',200000,3,0.1,0.0035,4,1,'');
128 INSERT INTO rrd_config VALUES ('Default','upTo1024Pkts',40,5,0.1,0.0035,4,1,'');
129 INSERT INTO rrd_config VALUES ('Default','upTo128Pkts',500,1,0.1,0.0035,4,1,'');
130 INSERT INTO rrd_config VALUES ('Default','upTo1518Pkts',40,5,0.1,0.0035,4,1,'');
131 INSERT INTO rrd_config VALUES ('Default','upTo256Pkts',80,3,0.1,0.0035,4,1,'');
132 INSERT INTO rrd_config VALUES ('Default','upTo512Pkts',80,3,0.1,0.0035,4,1,'');
133 INSERT INTO rrd_config VALUES ('Default','upTo64Pkts',500,1,0.1,0.0035,4,1,'');
134 INSERT INTO rrd_config VALUES ('Default','web_sessions',5,5,0.1,0.0035,4,1,'');
135
136
137 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'activeHostSendersNum', 500, 5, 0.1, 0.0035, 4);
138 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'arpRarpBytes', 50, 3, 0.1, 0.0035, 4);
139 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'broadcastPkts', 500, 3, 0.1, 0.0035, 4);
140 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'ethernetBytes', 300000, 3, 0.1, 0.0035, 4);
141 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'ethernetPkts', 1000, 3, 0.1, 0.0035, 4);
142 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'fragmentedIpBytes', 100, 1, 0.1, 0.0035, 4);
143 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'icmpBytes', 5000, 3, 0.1, 0.0035, 4);
144 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'igmpBytes', 100, 3, 0.1, 0.0035, 4);
145 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'ipBytes', 1000000, 5, 0.1, 0.0035, 4);
146 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'IP_DHCP-BOOTPBytes', 1, 5, 0.1, 0.0035, 4);
147 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'IP_DNSBytes', 10000, 3, 0.1, 0.0035, 4);
148 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'IP_eDonkeyBytes', 1000, 5, 0.1, 0.0035, 4);
149 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'IP_FTPBytes', 1000000, 5, 0.1, 0.0035, 4);
150 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'IP_GnutellaBytes', 1000, 5, 0.1, 0.0035, 4);
151 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'IP_HTTPBytes', 100000, 5, 0.1, 0.0035, 4);
152 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'IP_KazaaBytes', 1000, 5, 0.1, 0.0035, 4);
153 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'IP_MailBytes', 2500, 5, 0.1, 0.0035, 4);
154 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'IP_MessengerBytes', 1000, 5, 0.1, 0.0035, 4);
155 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'IP_NBios-IPBytes', 200000, 5, 0.1, 0.0035, 4);
156 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'IP_NFSBytes', 100, 5, 0.1, 0.0035, 4);
157 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'IP_NNTPBytes', 100, 1, 0.1, 0.0035, 4);
158 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'IP_SNMPBytes', 20, 5, 0.1, 0.0035, 4);
159 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'IP_SSHBytes', 10000, 5, 0.1, 0.0035, 4);
160 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'IP_TelnetBytes', 500, 5, 0.1, 0.0035, 4);
161 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'ipv6Bytes', 500, 5, 0.1, 0.0035, 4);
162 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'IP_WinMXBytes', 1000, 5, 0.1, 0.0035, 4);
163 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'IP_X11Bytes', 1000, 3, 0.1, 0.0035, 4);
164 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'ipxBytes', 100, 1, 0.1, 0.0035, 4);
165 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'knownHostsNum', 600, 5, 0.1, 0.0035, 4);
166 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'multicastPkts', 10, 3, 0.1, 0.0035, 4);
167 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'otherBytes', 10000, 3, 0.1, 0.0035, 4);
168 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'otherIpBytes', 10000, 3, 0.1, 0.0035, 4);
169 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'stpBytes', 500, 5, 0.1, 0.0035, 4);
170 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'tcpBytes', 800000, 3, 0.1, 0.0035, 4);
171 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'udpBytes', 200000, 3, 0.1, 0.0035, 4);
172 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'upTo1024Pkts', 40, 5, 0.1, 0.0035, 4);
173 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'upTo128Pkts', 500, 1, 0.1, 0.0035, 4);
174 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'upTo1518Pkts', 40, 5, 0.1, 0.0035, 4);
175 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'upTo256Pkts', 80, 3, 0.1, 0.0035, 4);
176 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'upTo512Pkts', 80, 3, 0.1, 0.0035, 4);
177 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'upTo64Pkts', 500, 1, 0.1, 0.0035, 4);
178 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'synPktsSent', 4, 5, 0.1, 0.0035, 4);
179 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'synPktsRcvd', 3, 5, 0.1, 0.0035, 4);
180 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'totContactedSentPeers', 1, 5, 0.1, 0.0035, 4);
181 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'totContactedRcvdPeers', 1, 5, 0.1, 0.0035, 4);
182 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'web_sessions', 5, 5, 0.1, 0.0035, 4);
183 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'mail_sessions', 1, 5, 0.1, 0.0035, 4);
184 INSERT INTO rrd_config (profile, rrd_attrib, threshold, priority, alpha, beta, persistence) VALUES ("global", 'nb_sessions', 1, 5, 0.1, 0.0035, 4);
185
186 ---
187 --- Table: Users
188 ---
189 DROP TABLE IF EXISTS users;
190 CREATE TABLE users (
191 login varchar(64) NOT NULL,
192 name varchar(128) NOT NULL,
193 pass varchar(41) NOT NULL,
194 allowed_nets varchar(255) NOT NULL,
195 PRIMARY KEY (login)
196 );
197
198 --
199 -- Data: User
200 --
201 INSERT INTO users (login, name, pass, allowed_nets) VALUES ('admin', 'OSSIM admin', '21232f297a57a5a743894a0e4a801fc3', '');
202
203
204 --
205 -- Table: incident
206 --
207 DROP TABLE IF EXISTS incident;
208 CREATE TABLE incident (
209 id INTEGER NOT NULL AUTO_INCREMENT,
210 title VARCHAR(128) NOT NULL,
211 date TIMESTAMP NOT NULL,
212 ref ENUM ('Alarm', 'Metric') NOT NULL DEFAULT 'Alarm',
213 priority INTEGER NOT NULL,
214 PRIMARY KEY (id)
215 );
216
217 --
218 -- Table: incident ticket
219 --
220 DROP TABLE IF EXISTS incident_ticket;
221 CREATE TABLE incident_ticket (
222 id INTEGER NOT NULL AUTO_INCREMENT,
223 incident_id INTEGER NOT NULL,
224 date TIMESTAMP NOT NULL,
225 status ENUM ('Open', 'Closed') NOT NULL DEFAULT 'Open',
226 priority INTEGER NOT NULL,
227 users VARCHAR(64) NOT NULL,
228 description TEXT,
229 action TEXT,
230 in_charge VARCHAR(64),
231 transferred VARCHAR(64),
232 copy VARCHAR(64),
233 PRIMARY KEY (id, incident_id)
234 );
235
236 --
237 -- Table: incident alarm
238 --
239 DROP TABLE IF EXISTS incident_alarm;
240 CREATE TABLE incident_alarm (
241 id INTEGER NOT NULL AUTO_INCREMENT,
242 incident_id INTEGER NOT NULL,
243 src_ips VARCHAR(255) NOT NULL,
244 src_ports VARCHAR(255) NOT NULL,
245 dst_ips VARCHAR(255) NOT NULL,
246 dst_ports VARCHAR(255) NOT NULL,
247 PRIMARY KEY (id, incident_id)
248 );
249
250 --
251 -- Table: incident metric
252 --
253 DROP TABLE IF EXISTS incident_metric;
254 CREATE TABLE incident_metric (
255 id INTEGER NOT NULL AUTO_INCREMENT,
256 incident_id INTEGER NOT NULL,
257 target VARCHAR(255) NOT NULL,
258 metric_type ENUM ('Compromise', 'Attack') NOT NULL DEFAULT 'Compromise',
259 metric_value INTEGER NOT NULL,
260 PRIMARY KEY (id, incident_id)
261 );
262
263
264 DROP TABLE IF EXISTS incident_file;
265 CREATE TABLE incident_file (
266 id INTEGER NOT NULL AUTO_INCREMENT,
267 incident_id INTEGER NOT NULL,
268 incident_ticket INTEGER NOT NULL,
269 name VARCHAR(50),
270 type VARCHAR(50),
271 content mediumblob, /* 16Mb */
272 PRIMARY KEY (id, incident_id, incident_ticket)
273 );
274
275
276 --
277 -- Table: restoredb
278 --
279 DROP TABLE IF EXISTS restoredb_log;
280 CREATE TABLE restoredb_log (
281 id INTEGER NOT NULL AUTO_INCREMENT,
282 date TIMESTAMP,
283 pid INTEGER,
284 users VARCHAR(64),
285 data TEXT,
286 status SMALLINT,
287 percent SMALLINT,
288 PRIMARY KEY (id)
289 );
290
291 --
292 -- Prelude IDS
293 --
294
295 INSERT INTO plugin (id, type, name, description) VALUES (1513, 1, 'prelude', 'Prelude Hybrid IDS');
296
297 --
298 -- Cisco Router
299 --
300
301 UPDATE plugin_sid SET name = 'cisco router: Attempted to connect to RSHELL' WHERE plugin_id = '1510' AND sid = '1';
302 UPDATE plugin_sid SET name = 'cisco router: Clear counter on all interfaces' WHERE plugin_id = '1510' AND sid = '2';
303 UPDATE plugin_sid SET name = 'cisco router: Line protocol changed state' WHERE plugin_id = '1510' AND sid = '3';
304
305 --
306 -- Cisco PIX
307 --
308
309 INSERT INTO plugin (id, type, name, description) VALUES (1514, 1, 'ciscopix', 'Cisco Pix Firewall');
310
311 -- Alert Messages, Severity 1
312 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 101001, NULL, NULL, 'CiscoPIX: Failover cable OK', 3);
313 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 101002, NULL, NULL, 'CiscoPIX: Bad failover cable', 3);
314 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 101003, NULL, NULL, 'CiscoPIX: Failover cable not connected (this unit)', 3);
315 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 101004, NULL, NULL, 'CiscoPIX: Failover cable not connected (other unit)', 3);
316 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 101005, NULL, NULL, 'CiscoPIX: Error reading failover cable status', 3);
317 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 102001, NULL, NULL, 'CiscoPIX: Power failure/System reload other side', 3);
318 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 103001, NULL, NULL, 'CiscoPIX: No response from other firewall', 3);
319 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 103002, NULL, NULL, 'CiscoPIX: Other firewall network interface OK', 3);
320 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 103003, NULL, NULL, 'CiscoPIX: Other firewall network interface failed', 3);
321 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 103004, NULL, NULL, 'CiscoPIX: Other firewall reports this firewall failed', 3);
322 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 103005, NULL, NULL, 'CiscoPIX: Other firewall reporting failure', 3);
323 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 104001, NULL, NULL, 'CiscoPIX: Switching to ACTIVE', 3);
324 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 104002, NULL, NULL, 'CiscoPIX: Switching to STNDBY', 3);
325 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 104003, NULL, NULL, 'CiscoPIX: Switching to FAILED', 3);
326 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 104004, NULL, NULL, 'CiscoPIX: Switching to OK', 3);
327 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 105001, NULL, NULL, 'CiscoPIX: Disabling failover', 3);
328 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 105002, NULL, NULL, 'CiscoPIX: Enabling failover', 3);
329 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 105003, NULL, NULL, 'CiscoPIX: Monitoring waiting', 3);
330 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 105004, NULL, NULL, 'CiscoPIX: Monitoring normal', 3);
331 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 105005, NULL, NULL, 'CiscoPIX: Lost Failover communications with mate', 3);
332 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 105006, NULL, NULL, 'CiscoPIX: Link status UP', 3);
333 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 105007, NULL, NULL, 'CiscoPIX: Link status DOWN', 3);
334 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 105008, NULL, NULL, 'CiscoPIX: Testing interface', 3);
335 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 105009, NULL, NULL, 'CiscoPIX: Testing on interface', 3);
336 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 105011, NULL, NULL, 'CiscoPIX: Failover cable communication failure', 3);
337 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 105020, NULL, NULL, 'CiscoPIX: Incomplete/slow config replication', 3);
338 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 105031, NULL, NULL, 'CiscoPIX: Failover LAN interface is up', 3);
339 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 105032, NULL, NULL, 'CiscoPIX: LAN Failover interface is down', 3);
340 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 105034, NULL, NULL, 'CiscoPIX: Receive a LAN_FAILOVER_UP message from peer', 3);
341 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 105035, NULL, NULL, 'CiscoPIX: Receive a LAN failover interface down msg from peer', 3);
342 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 105036, NULL, NULL, 'CiscoPIX: PIX dropped a LAN Failover command message', 3);
343 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 105037, NULL, NULL, 'CiscoPIX: The primary and standby units are switching back and forth as the active unit', 3);
344 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 106021, NULL, NULL, 'CiscoPIX: Deny protocol reverse path check', 3);
345 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 106022, NULL, NULL, 'CiscoPIX: Deny protocol connection spoof', 3);
346 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 107001, NULL, NULL, 'CiscoPIX: RIP auth failed', 3);
347 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 107002, NULL, NULL, 'CiscoPIX: RIP pkt failed', 3);
348 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 709003, NULL, NULL, 'CiscoPIX: Beginning configuration replication: Receiving from mate', 3);
349 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 709004, NULL, NULL, 'CiscoPIX: End Configuration Replication (ACT)', 3);
350 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 709005, NULL, NULL, 'CiscoPIX: Beginning configuration replication: Receiving from mate', 3);
351 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 709006, NULL, NULL, 'CiscoPIX: End Configuration Replication (STB)', 3);
352
353 -- Critical Messages, Severity 2
354 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 106001, NULL, NULL, 'CiscoPIX: Inbound TCP connection denied', 2);
355 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 106002, NULL, NULL, 'CiscoPIX: protocol Connection denied', 2);
356 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 106006, NULL, NULL, 'CiscoPIX: Deny inbound UDP', 2);
357 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 106007, NULL, NULL, 'CiscoPIX: Deny inbound UDP due to DNS flag', 2);
358 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 106012, NULL, NULL, 'CiscoPIX: Deny', 2);
359 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 106013, NULL, NULL, 'CiscoPIX: Dropping echo request', 2);
360 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 106016, NULL, NULL, 'CiscoPIX: Deny IP spoof', 2);
361 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 106017, NULL, NULL, 'CiscoPIX: Deny IP due to Land Attack', 2);
362 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 106018, NULL, NULL, 'CiscoPIX: ICMP packet denied', 2);
363 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 106020, NULL, NULL, 'CiscoPIX: Deny IP teardrop fragment', 2);
364 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 108002, NULL, NULL, 'CiscoPIX: SMTP replaced chars', 2);
365 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 109011, NULL, NULL, 'CiscoPIX: Authen Session Start', 2);
366 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 112001, NULL, NULL, 'CiscoPIX: PIX Clear complete', 2);
367 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 201003, NULL, NULL, 'CiscoPIX: Embryonic limit exceeded neconns/elimit', 2);
368 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 214001, NULL, NULL, 'CiscoPIX: Terminating manager session. Reason: incoming encrypted data (number bytes) longer than upper_limit_number bytes', 2);
369 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 304007, NULL, NULL, 'CiscoPIX: URL Server IP_addr not responding, ENTERING ALLOW mode', 2);
370 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 304008, NULL, NULL, 'CiscoPIX: LEAVING ALLOW mode, URL Server is up', 2);
371 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 304009, NULL, NULL, 'CiscoPIX: Ran out of buffer blocks specified by url-block command', 2);
372 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 316001, NULL, NULL, 'CiscoPIX: Denied new tunnel to peer_IP. VPN peer limit (platform_vpn_peer_limit) exceeded', 2);
373 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority) VALUES (1514, 709007, NULL, NULL, 'CiscoPIX: Configuration replication failed for command command_name', 2);
374
375 --
376 -- Cisco Secure IDS
377 --
378
379 INSERT INTO plugin (id, type, name, description) VALUES (1515, 1, 'ciscoids', 'Cisco Secure IDS');
380
381 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 1000, NULL, NULL, 'IP options-Bad Option List');
382 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 10000, NULL, NULL, 'IP-Spoof Interface 1');
383 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 1001, NULL, NULL, 'IP options-Record Packet Route');
384 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 1002, NULL, NULL, 'IP options-Timestamp');
385 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 1003, NULL, NULL, 'IP options-Provide s,c,h,tcc');
386 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 1004, NULL, NULL, 'IP options-Loose Source Route');
387 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 1005, NULL, NULL, 'IP options-SATNET ID');
388 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 1006, NULL, NULL, 'IP options-Strict Source Route');
389 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 1100, NULL, NULL, 'IP Fragment Attack');
390 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 11000, NULL, NULL, 'KaZaA v2 UDP Client Probe');
391 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 11001, NULL, NULL, 'Gnutella Client Request');
392 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 11002, NULL, NULL, 'Gnutella Server Reply');
393 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 11003, NULL, NULL, 'Qtella File Request');
394 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 11004, NULL, NULL, 'Bearshare file request ');
395 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 11005, NULL, NULL, 'KaZaA GET Request');
396 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 11006, NULL, NULL, 'Gnucleus file request');
397 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 11007, NULL, NULL, 'Limewire File Request');
398 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 11008, NULL, NULL, 'Morpheus File Request');
399 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 11009, NULL, NULL, 'Phex File Request');
400 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 1101, NULL, NULL, 'Unknown IP Protocol');
401 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 11010, NULL, NULL, 'Swapper File Request');
402 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 11011, NULL, NULL, 'XoloX File Request');
403 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 11012, NULL, NULL, 'GTK-Gnutella File Request');
404 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 11013, NULL, NULL, 'Mutella File Request ');
405 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 11014, NULL, NULL, 'Hotline Client Login');
406 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 11015, NULL, NULL, 'Hotline File Transfer');
407 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 11016, NULL, NULL, 'Hotline Tracker Login');
408 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 1102, NULL, NULL, 'Impossible IP Packet');
409 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 1103, NULL, NULL, 'IP Fragments Overlap');
410 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 1104, NULL, NULL, 'IP Localhost Source Spoof');
411 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 1107, NULL, NULL, 'RFC 1918 Addresses Seen');
412 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 1108, NULL, NULL, 'IP Packet with Proto 11');
413 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 11200, NULL, NULL, 'Yahoo Messenger Activity');
414 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 11201, NULL, NULL, 'MSN Messenger Activity');
415 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 11202, NULL, NULL, 'AOL / ICQ Activity');
416 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 11203, NULL, NULL, 'IRC Channel Join');
417 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 11204, NULL, NULL, 'Jabber Activity [new.gif]');
418 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 1200, NULL, NULL, 'IP Fragmentation Buffer Full');
419 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 1201, NULL, NULL, 'IP Fragment Overlap');
420 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 1202, NULL, NULL, 'IP Fragment Overrun - Datagram Too Long');
421 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 1203, NULL, NULL, 'IP Fragment Overwrite - Data is Overwritten');
422 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 1204, NULL, NULL, 'IP Fragment Missing Initial Fragment ');
423 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 1205, NULL, NULL, 'IP Fragment Too Many Datagrams');
424 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 1206, NULL, NULL, 'IP Fragment Too Small');
425 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 1207, NULL, NULL, 'IP Fragment Too Many Frags');
426 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 1208, NULL, NULL, 'IP Fragment Incomplete Datagram');
427 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 1220, NULL, NULL, 'Jolt2 Fragment Reassembly DoS attack');
428 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 1300, NULL, NULL, 'TCP Segment Overwrite');
429 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 2000, NULL, NULL, 'ICMP Echo Reply');
430 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 2001, NULL, NULL, 'ICMP Host Unreachable');
431 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 2002, NULL, NULL, 'ICMP Source Quench');
432 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 2003, NULL, NULL, 'ICMP Redirect');
433 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 2004, NULL, NULL, 'ICMP Echo Request');
434 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 2005, NULL, NULL, 'ICMP Time Exceeded for a Datagram');
435 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 2006, NULL, NULL, 'ICMP Parameter Problem on Datagram');
436 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 2007, NULL, NULL, 'ICMP Timestamp Request');
437 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 2008, NULL, NULL, 'ICMP Timestamp Reply');
438 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 2009, NULL, NULL, 'ICMP Information Request');
439 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 2010, NULL, NULL, 'ICMP Information Reply');
440 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 2011, NULL, NULL, 'ICMP Address Mask Request');
441 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 2012, NULL, NULL, 'ICMP Address Mask Reply');
442 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 2100, NULL, NULL, 'ICMP Network Sweep w/Echo');
443 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 2101, NULL, NULL, 'ICMP Network Sweep w/Timestamp');
444 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 2102, NULL, NULL, 'ICMP Network Sweep w/Address Mask');
445 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 2150, NULL, NULL, 'Fragmented ICMP Traffic');
446 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 2151, NULL, NULL, 'Large ICMP Traffic');
447 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 2152, NULL, NULL, 'ICMP Flood');
448 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 2153, NULL, NULL, 'Smurf');
449 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 2154, NULL, NULL, 'Ping of Death Attack');
450 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 2155, NULL, NULL, 'Modem DoS');
451 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3000, NULL, NULL, 'TCP Ports');
452 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3001, NULL, NULL, 'TCP Port Sweep');
453 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3002, NULL, NULL, 'TCP SYN Port Sweep');
454 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3003, NULL, NULL, 'TCP Frag SYN Port Sweep');
455 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3005, NULL, NULL, 'TCP FIN Port Sweep');
456 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3006, NULL, NULL, 'TCP Frag FIN Port Sweep');
457 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3010, NULL, NULL, 'TCP High Port Sweep');
458 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3011, NULL, NULL, 'TCP FIN High Port Sweep');
459 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3012, NULL, NULL, 'TCP Frag FIN High Port Sweep');
460 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3015, NULL, NULL, 'TCP Null Port Sweep');
461 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3016, NULL, NULL, 'TCP Frag Null Port Sweep');
462 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3020, NULL, NULL, 'TCP SYN FIN Port Sweep');
463 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3021, NULL, NULL, 'TCP Frag SYN FIN Port Sweep');
464 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3030, NULL, NULL, 'TCP SYN Host Sweep');
465 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3031, NULL, NULL, 'TCP FRAG SYN Host Sweep');
466 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3032, NULL, NULL, 'TCP FIN Host Sweep');
467 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3033, NULL, NULL, 'TCP FRAG FIN Host Sweep');
468 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3034, NULL, NULL, 'TCP NULL Host Sweep');
469 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3035, NULL, NULL, 'TCP FRAG NULL Host Sweep');
470 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3036, NULL, NULL, 'TCP SYN FIN Host Sweep');
471 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3037, NULL, NULL, 'TCP FRAG SYN FIN Host Sweep');
472 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3038, NULL, NULL, 'Fragmented NULL TCP Packet');
473 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3039, NULL, NULL, 'Fragmented Orphaned FIN packet');
474 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3040, NULL, NULL, 'NULL TCP Packet');
475 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3041, NULL, NULL, 'SYN/FIN Packet');
476 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3042, NULL, NULL, 'Orphaned Fin Packet');
477 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3043, NULL, NULL, 'Fragmented SYN/FIN Packet');
478 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3045, NULL, NULL, 'Queso Sweep');
479 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3046, NULL, NULL, 'NMAP OS Fingerprint');
480 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3050, NULL, NULL, 'Half-open SYN Attack');
481 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3100, NULL, NULL, 'Smail Attack');
482 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3101, NULL, NULL, 'Sendmail Invalid Recipient');
483 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3102, NULL, NULL, 'Sendmail Invalid Sender');
484 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3103, NULL, NULL, 'Sendmail Reconnaissance');
485 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3104, NULL, NULL, 'Archaic Sendmail Attacks');
486 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3105, NULL, NULL, 'Sendmail Decode Alias');
487 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3106, NULL, NULL, 'Mail Spam');
488 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3107, NULL, NULL, 'Majordomo Execute Attack');
489 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3108, NULL, NULL, 'MIME Overflow Bug');
490 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3109, NULL, NULL, 'Long SMTP Command');
491 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3110, NULL, NULL, 'Suspicious Mail Attachment');
492 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3111, NULL, NULL, 'W32 Sircam Malicious Code');
493 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3112, NULL, NULL, 'Lotus Domino Mail Loop DoS');
494 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3114, NULL, NULL, 'FetchMail Arbitrary Code Execution');
495 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3115, NULL, NULL, 'Sendmail Data Header Overflow');
496 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3116, NULL, NULL, 'Netbus');
497 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3117, NULL, NULL, 'KLEZ worm ');
498 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3118, NULL, NULL, 'rwhoisd format string');
499 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3119, NULL, NULL, 'WS_FTP STAT overflow ');
500 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3120, NULL, NULL, 'ANTS virus');
501 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3121, NULL, NULL, 'Vintra MailServer EXPN DoS');
502 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3122, NULL, NULL, 'SMTP EXPN root Recon');
503 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3123, NULL, NULL, 'NetBus Pro Traffic');
504 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3124, NULL, NULL, 'Sendmail prescan Memory Corruption');
505 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3150, NULL, NULL, 'FTP Remote Command Execution');
506 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3151, NULL, NULL, 'FTP SYST Command Attempt');
507 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3152, NULL, NULL, 'FTP CWD ~root');
508 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3153, NULL, NULL, 'FTP Improper Address Specified');
509 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3154, NULL, NULL, 'FTP Improper Port Specified');
510 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3155, NULL, NULL, 'FTP RETR Pipe Filename Command Execution');
511 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3156, NULL, NULL, 'FTP STOR Pipe Filename Command Execution');
512 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3157, NULL, NULL, 'FTP PASV Port Spoof');
513 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3158, NULL, NULL, 'FTP SITE EXEC Format String');
514 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3159, NULL, NULL, 'FTP PASS Suspicious Length');
515 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3160, NULL, NULL, 'Cesar FTP Buffer Overflow');
516 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3161, NULL, NULL, 'FTP realpath Buffer Overflow');
517 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3162, NULL, NULL, 'glFtpD LIST DoS');
518 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3163, NULL, NULL, 'wu-ftpd heap corruption vulnerability');
519 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3164, NULL, NULL, 'Instant Server Mini Portal Directory Traversal ');
520 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3165, NULL, NULL, 'FTP SITE EXEC');
521 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3166, NULL, NULL, 'FTP USER Suspicious Length');
522 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3167, NULL, NULL, 'Format String in FTP username');
523 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3168, NULL, NULL, 'FTP SITE EXEC Directory Traversal');
524 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3169, NULL, NULL, 'FTP SITE EXEC tar');
525 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3170, NULL, NULL, 'WS_FTP SITE CPWD Buffer Overflow');
526 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3171, NULL, NULL, 'Ftp Priviledged Login');
527 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3172, NULL, NULL, 'Ftp Cwd Overflow');
528 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3173, NULL, NULL, 'Long FTP Command');
529 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3175, NULL, NULL, 'ProFTPD STAT DoS');
530 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3200, NULL, NULL, 'WWW Phf Attack');
531 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3201, NULL, NULL, 'Unix Password File Access Attempt');
532 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3202, NULL, NULL, 'WWW .url File Requested');
533 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3203, NULL, NULL, 'WWW .lnk File Requested');
534 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3204, NULL, NULL, 'WWW .bat File Requested');
535 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3205, NULL, NULL, 'HTML File Has .url Link');
536 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3206, NULL, NULL, 'HTML File Has .lnk Link');
537 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3207, NULL, NULL, 'HTML File Has .bat Link');
538 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3208, NULL, NULL, 'WWW campas Attack');
539 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3209, NULL, NULL, 'WWW Glimpse Server Attack');
540 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3210, NULL, NULL, 'WWW IIS View Source Attack');
541 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3211, NULL, NULL, 'WWW IIS Hex View Source Attack');
542 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3212, NULL, NULL, 'WWW NPH-TEST-CGI Attack');
543 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3213, NULL, NULL, 'WWW TEST-CGI Attack');
544 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3214, NULL, NULL, 'IIS DOT DOT VIEW Attack');
545 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3215, NULL, NULL, 'IIS DOT DOT EXECUTE Attack');
546 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3216, NULL, NULL, 'WWW Directory Traversal ../..');
547 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3217, NULL, NULL, 'WWW php View File Attack');
548 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3218, NULL, NULL, 'WWW SGI Wrap Attack');
549 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3219, NULL, NULL, 'WWW PHP Buffer Overflow');
550 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3220, NULL, NULL, 'IIS Long URL Crash Bug');
551 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3221, NULL, NULL, 'WWW cgi-viewsource Attack');
552 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3222, NULL, NULL, 'WWW PHP Log Scripts Read Attack');
553 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3223, NULL, NULL, 'WWW IRIX cgi-handler Attack');
554 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3224, NULL, NULL, 'HTTP WebGais');
555 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3225, NULL, NULL, 'WWW websendmail File Access');
556 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3226, NULL, NULL, 'WWW Webdist Bug');
557 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3227, NULL, NULL, 'WWW Htmlscript Bug');
558 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3228, NULL, NULL, 'WWW Performer Bug');
559 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3229, NULL, NULL, 'Website Win-C-Sample Buffer Overflow');
560 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3230, NULL, NULL, 'Website Uploader');
561 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3231, NULL, NULL, 'Novell convert');
562 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3232, NULL, NULL, 'WWW finger attempt');
563 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3233, NULL, NULL, 'WWW count-cgi Overflow');
564 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3250, NULL, NULL, 'TCP Hijack');
565 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3251, NULL, NULL, 'TCP Hijacking Simplex Mode');
566 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3300, NULL, NULL, 'NetBIOS OOB Data');
567 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3301, NULL, NULL, 'NETBIOS Stat');
568 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3302, NULL, NULL, 'NETBIOS Session Setup Failure');
569 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3303, NULL, NULL, 'Windows Guest Login');
570 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3304, NULL, NULL, 'Windows Null Account Name');
571 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3305, NULL, NULL, 'Windows Password File Access');
572 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3306, NULL, NULL, 'Windows Registry Access');
573 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3307, NULL, NULL, 'Windows Redbutton Attack');
574 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3308, NULL, NULL, 'Windows LSARPC Access');
575 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3309, NULL, NULL, 'Windows SRVSVC Access');
576 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3310, NULL, NULL, 'Netbios Enum Share DoS');
577 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3311, NULL, NULL, 'SMB: remote SAM service access attempt');
578 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3312, NULL, NULL, 'SMB .eml email file remote access');
579 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3313, NULL, NULL, 'SMB suspicous password usage');
580 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3314, NULL, NULL, 'Windows Locator Service Overflow');
581 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3320, NULL, NULL, 'SMB: ADMIN$ hidden share access attempt');
582 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3321, NULL, NULL, 'SMB: User Enumeration');
583 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3322, NULL, NULL, 'SMB: Windows Share Enumeration');
584 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3323, NULL, NULL, 'SMB: RFPoison Attack');
585 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3324, NULL, NULL, 'SMB NIMDA infected file transfer');
586 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3325, NULL, NULL, 'Samba call_trans2open Overflow');
587 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3326, NULL, NULL, 'Windows Startup Folder Remote Access');
588 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3400, NULL, NULL, 'Sunkill');
589 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3401, NULL, NULL, 'Telnet-IFS Match');
590 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3402, NULL, NULL, 'BSD Telnet Daemon Buffer Overflow');
591 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3403, NULL, NULL, 'Telnet Excessive Environment Options');
592 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3404, NULL, NULL, 'SysV /bin/login Overflow');
593 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3405, NULL, NULL, 'Avirt Gateway proxy Buffer Overflow ');
594 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3406, NULL, NULL, 'Solaris TTYPROMPT /bin/login Overflow');
595 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3450, NULL, NULL, 'Finger Bomb');
596 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3451, NULL, NULL, 'BearShare Directory Traversal');
597 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3452, NULL, NULL, 'gopherd halidate overflow');
598 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3453, NULL, NULL, 'MS NetMeeting RDS DoS');
599 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3454, NULL, NULL, 'Check Point Firewall Information Leak');
600 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3455, NULL, NULL, 'Java Web Server Cmd Exec');
601 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3456, NULL, NULL, 'Solaris in.fingerd Information Leak');
602 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3457, NULL, NULL, 'Finger root shell');
603 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3458, NULL, NULL, 'AIM game invite overflow');
604 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3459, NULL, NULL, 'ValiCert forms.exe overflow ');
605 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3461, NULL, NULL, 'Finger probe');
606 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3462, NULL, NULL, 'Finger Redirect');
607 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3463, NULL, NULL, 'Finger root');
608 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3464, NULL, NULL, 'File access in finger');
609 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3465, NULL, NULL, 'Finger Activity');
610 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3500, NULL, NULL, 'Rlogin -froot Attack');
611 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3501, NULL, NULL, 'Rlogin Long TERM Variable');
612 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3502, NULL, NULL, 'rlogin Activity');
613 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3525, NULL, NULL, 'IMAP Authenticate Buffer Overflow');
614 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3526, NULL, NULL, 'Imap Login Buffer Overflow');
615 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3530, NULL, NULL, 'Cisco Secure ACS Oversized TACACS+ Attack');
616 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3540, NULL, NULL, 'Cisco Secure ACS CSAdmin Attack');
617 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3550, NULL, NULL, 'POP Buffer Overflow');
618 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3551, NULL, NULL, 'POP User Root');
619 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3575, NULL, NULL, 'INN Buffer Overflow');
620 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3576, NULL, NULL, 'INN Control Message Exploit');
621 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3600, NULL, NULL, 'IOS Telnet Buffer Overflow');
622 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3601, NULL, NULL, 'IOS Command History Exploit');
623 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3602, NULL, NULL, 'Cisco IOS Identity');
624 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3603, NULL, NULL, 'IOS Enable Bypass');
625 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3604, NULL, NULL, 'Cisco Catalyst CR DoS');
626 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3650, NULL, NULL, 'SSH RSAREF2 Buffer Overflow');
627 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3651, NULL, NULL, 'SSH CRC32 Overflow');
628 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3652, NULL, NULL, 'SSH Gobbles');
629 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3700, NULL, NULL, 'CDE dtspcd overflow');
630 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3701, NULL, NULL, 'Oracle 9iAS Web Cache Buffer Overflow');
631 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3702, NULL, NULL, 'Default sa account access');
632 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3703, NULL, NULL, 'Squid FTP URL Buffer Overflow');
633 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3704, NULL, NULL, 'IIS FTP STAT Denial of Service');
634 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3705, NULL, NULL, 'Tivoli Storage Manager Client Acceptor Overflow');
635 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3706, NULL, NULL, 'MIT PGP Public Key Server Overflow');
636 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3707, NULL, NULL, 'Perl fingerd Command Exec');
637 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3708, NULL, NULL, 'AnalogX Proxy Socks4a DNS Overflow');
638 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3709, NULL, NULL, 'AnalogX Proxy Web Proxy Overflow');
639 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3710, NULL, NULL, 'Cisco Secure ACS Directory Traversal');
640 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3711, NULL, NULL, 'Informer FW1 auth replay DoS');
641 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3714, NULL, NULL, "Oracle TNS 'Service_Name' Overflow");
642 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3728, NULL, NULL, 'Long pop username');
643 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3729, NULL, NULL, 'Long pop password');
644 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3730, NULL, NULL, 'Trinoo (TCP)');
645 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3731, NULL, NULL, 'IMail HTTP Get Buffer Overflow');
646 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3732, NULL, NULL, 'MSSQL xp_cmdshell Usage');
647 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3990, NULL, NULL, 'BackOrifice BO2K TCP Non Stealth');
648 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3991, NULL, NULL, 'BackOrifice BO2K TCP Stealth 1');
649 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 3992, NULL, NULL, 'BackOrifice BO2K TCP Stealth 2');
650 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4000, NULL, NULL, 'UDP Packet');
651 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4001, NULL, NULL, 'UDP Port Sweep');
652 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4002, NULL, NULL, 'UDP Flood');
653 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4003, NULL, NULL, 'Nmap UDP Port Sweep');
654 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4050, NULL, NULL, 'UDP Bomb');
655 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4051, NULL, NULL, 'Snork');
656 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4052, NULL, NULL, 'Chargen DoS');
657 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4053, NULL, NULL, 'Back Orifice');
658 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4054, NULL, NULL, 'RIP Trace');
659 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4055, NULL, NULL, 'BackOrifice BO2K UDP');
660 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4056, NULL, NULL, 'NTPd readvar overflow');
661 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4058, NULL, NULL, 'UPnP LOCATION Overflow');
662 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4060, NULL, NULL, 'Back Orifice Ping');
663 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4061, NULL, NULL, 'Chargen Echo DoS');
664 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4100, NULL, NULL, 'Tftp Passwd File');
665 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4101, NULL, NULL, 'Cisco TFTPD Directory Traversal');
666 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4150, NULL, NULL, 'Ascend Denial of Service');
667 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4500, NULL, NULL, 'Cisco IOS Embedded SNMP Community Names');
668 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4501, NULL, NULL, 'Cisco CVCO/4K Remote Username/Password return');
669 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4502, NULL, NULL, 'SNMP Password Brute Force Attempt');
670 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4503, NULL, NULL, 'SNMP NT Info Retrieve');
671 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4504, NULL, NULL, 'SNMP IOS Configuration Retrieval');
672 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4505, NULL, NULL, 'SNMP VACM MIB Access');
673 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4506, NULL, NULL, 'D-Link Wireless SNMP Plain Text Password ');
674 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4507, NULL, NULL, 'SNMP Protocol Violation');
675 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4508, NULL, NULL, 'Non SNMP Traffic');
676 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4509, NULL, NULL, 'HP Openview SNMP Hidden Community Name');
677 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4510, NULL, NULL, 'Solaris SNMP Hidden Community Name');
678 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4511, NULL, NULL, 'Avaya SNMP Hidden Community Name');
679 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4600, NULL, NULL, 'IOS UDP Bomb');
680 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4601, NULL, NULL, 'CheckPoint Firewall RDP Bypass');
681 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4603, NULL, NULL, 'DHCP Discover');
682 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4604, NULL, NULL, 'DHCP Request');
683 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4605, NULL, NULL, 'DHCP Offer');
684 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4606, NULL, NULL, 'Cisco TFTP Long Filename Buffer Overflow');
685 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4607, NULL, NULL, 'Deep Throat Response');
686 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4608, NULL, NULL, 'Trinoo (UDP)');
687 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4609, NULL, NULL, 'Orinoco SNMP Info Leak ');
688 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4610, NULL, NULL, 'Kerberos 4 User Recon');
689 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4611, NULL, NULL, 'D-Link DWL-900AP+ TFTP Config Retrieve');
690 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4612, NULL, NULL, 'Cisco IP Phone TFTP Config Retrieve');
691 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4613, NULL, NULL, 'TFTP Filename Buffer Overflow');
692 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 4701, NULL, NULL, 'MS-SQL Control Overflow');
693 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5034, NULL, NULL, 'WWW IIS newdsn attack');
694 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5035, NULL, NULL, 'HTTP cgi HylaFAX Faxsurvey');
695 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5036, NULL, NULL, 'WWW Windows Password File Access Attempt');
696 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5037, NULL, NULL, 'WWW SGI MachineInfo Attack');
697 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5038, NULL, NULL, 'WWW wwwsql file read Bug');
698 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5039, NULL, NULL, 'WWW finger attempt');
699 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5040, NULL, NULL, 'WWW Perl Interpreter Attack');
700 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5041, NULL, NULL, 'WWW anyform attack');
701 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5042, NULL, NULL, 'WWW CGI Valid Shell Access');
702 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5043, NULL, NULL, 'WWW Cold Fusion Attack');
703 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5044, NULL, NULL, 'WWW Webcom.se Guestbook attack');
704 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5045, NULL, NULL, 'WWW xterm display attack');
705 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5046, NULL, NULL, 'WWW dumpenv.pl recon');
706 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5047, NULL, NULL, 'WWW Server Side Include POST attack');
707 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5048, NULL, NULL, 'WWW IIS BAT EXE attack');
708 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5049, NULL, NULL, 'WWW IIS showcode.asp access');
709 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5050, NULL, NULL, 'WWW IIS .htr Overflow Attack');
710 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5051, NULL, NULL, 'IIS Double Byte Code Page');
711 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5052, NULL, NULL, 'FrontPage Extensions PWD Open Attempt');
712 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5053, NULL, NULL, 'FrontPage _vti_bin Directory List Attempt');
713 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5054, NULL, NULL, 'WWWBoard Password');
714 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5055, NULL, NULL, 'HTTP Basic Authentication Overflow');
715 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5056, NULL, NULL, 'WWW Cisco IOS %% DoS');
716 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5057, NULL, NULL, 'WWW Sambar Samples');
717 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5058, NULL, NULL, 'WWW info2www Attack');
718 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5059, NULL, NULL, 'WWW Alibaba Attack');
719 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5060, NULL, NULL, 'WWW Excite AT-generate.cgi Access');
720 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5061, NULL, NULL, 'WWW catalog_type.asp Access');
721 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5062, NULL, NULL, 'WWW classifieds.cgi Attack');
722 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5063, NULL, NULL, 'WWW dmblparser.exe Access');
723 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5064, NULL, NULL, 'WWW imagemap.cgi Attack');
724 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5065, NULL, NULL, 'WWW IRIX infosrch.cgi Attack');
725 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5066, NULL, NULL, 'WWW man.sh Access');
726 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5067, NULL, NULL, 'WWW plusmail Attack');
727 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5068, NULL, NULL, 'WWW formmail.pl Access');
728 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5069, NULL, NULL, 'WWW whois_raw.cgi Attack');
729 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5070, NULL, NULL, 'WWW msadcs.dll Access');
730 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5071, NULL, NULL, 'WWW msacds.dll Attack');
731 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5072, NULL, NULL, 'WWW bizdb1-search.cgi Attack');
732 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5073, NULL, NULL, 'WWW EZshopper loadpage.cgi Attack');
733 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5074, NULL, NULL, 'WWW EZshopper search.cgi Attack');
734 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5075, NULL, NULL, 'WWW IIS Virtualized UNC Bug');
735 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5076, NULL, NULL, 'WWW webplus bug');
736 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5077, NULL, NULL, 'WWW Excite AT-admin.cgi Access');
737 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5078, NULL, NULL, 'WWW Piranha passwd attack');
738 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5079, NULL, NULL, 'WWW PCCS MySQL Admin Access');
739 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5080, NULL, NULL, 'WWW IBM WebSphere Access');
740 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5081, NULL, NULL, 'WWW WinNT cmd.exe Access');
741 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5083, NULL, NULL, 'WWW Virtual Vision FTP Browser Access');
742 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5084, NULL, NULL, 'WWW Alibaba Attack 2');
743 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5085, NULL, NULL, 'WWW IIS Source Fragment Access');
744 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5086, NULL, NULL, 'WWW WEBactive Logfile Access');
745 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5087, NULL, NULL, 'WWW Sun Java Server Access');
746 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5088, NULL, NULL, 'WWW Akopia MiniVend Access');
747 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5089, NULL, NULL, 'WWW Big Brother Directory Access');
748 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5090, NULL, NULL, 'WWW FrontPage htimage.exe Access');
749 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5091, NULL, NULL, 'WWW Cart32 Remote Admin Access');
750 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5092, NULL, NULL, 'WWW CGI-World Poll It Access');
751 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5093, NULL, NULL, 'WWW PHP-Nuke admin.php3 Access');
752 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5095, NULL, NULL, 'WWW CGI Script Center Account Manager Attack');
753 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5096, NULL, NULL, 'WWW CGI Script Center Subscribe Me Attack');
754 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5097, NULL, NULL, 'WWW FrontPage MS-DOS Device Attack');
755 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5099, NULL, NULL, 'WWW GWScripts News Publisher Access');
756 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5100, NULL, NULL, 'WWW CGI Center Auction Weaver File Access');
757 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5101, NULL, NULL, 'WWW CGI Center Auction Weaver Attack');
758 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5102, NULL, NULL, 'WWW phpPhotoAlbum explorer.php Access');
759 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5103, NULL, NULL, 'WWW SuSE Apache CGI Source Access');
760 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5104, NULL, NULL, 'WWW YaBB File Access');
761 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5105, NULL, NULL, 'WWW Ranson Johnson mailto.cgi Attack');
762 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5106, NULL, NULL, 'WWW Ranson Johnson mailform.pl Access');
763 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5107, NULL, NULL, 'WWW Mandrake Linux /perl Access');
764 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5108, NULL, NULL, 'WWW Netegrity Site Minder Access');
765 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5109, NULL, NULL, 'WWW Sambar Beta search.dll Access');
766 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5110, NULL, NULL, 'WWW SuSE Installed Packages Access');
767 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5111, NULL, NULL, 'WWW Solaris Answerbook 2 Access');
768 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5112, NULL, NULL, 'WWW Solaris Answerbook 2 Attack');
769 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5113, NULL, NULL, 'WWW CommuniGate Pro Access');
770 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5114, NULL, NULL, 'WWW IIS Unicode Attack');
771 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5115, NULL, NULL, 'Netscape Enterprise Server with ?wp Tags');
772 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5116, NULL, NULL, 'Endymion MailMan Remote Command Execution');
773 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5117, NULL, NULL, 'phpGroupWare Remote Command Exec');
774 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5118, NULL, NULL, 'eWave ServletExec 3.0C File Upload');
775 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5119, NULL, NULL, 'CGI Script Center News Update Admin Passwd Change');
776 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5120, NULL, NULL, 'Netscape Server Suite Buffer Overflow');
777 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5121, NULL, NULL, 'iPlanet .shtml Buffer Overflow');
778 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5122, NULL, NULL, 'Nokia IP440 Denial of Service');
779 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5123, NULL, NULL, 'WWW IIS Internet Printing Overflow');
780 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5124, NULL, NULL, 'IIS CGI Double Decode');
781 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5125, NULL, NULL, 'PerlCal Directory Traversal');
782 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5126, NULL, NULL, 'WWW IIS .ida Indexing Service Overflow');
783 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5127, NULL, NULL, 'WWW viewsrc.cgi Directory Traversal');
784 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5128, NULL, NULL, 'WWW nph-maillist.pl Cmd Exec');
785 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5129, NULL, NULL, 'IOS HTTP Unauth Command Execution');
786 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5130, NULL, NULL, 'Bugzilla globals.pl');
787 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5131, NULL, NULL, 'talkback.cgi Directory Traversal');
788 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5132, NULL, NULL, 'VirusScan catinfo Buffer Overflow');
789 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5133, NULL, NULL, 'Net.Commerce Macro Path Disclosure');
790 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5134, NULL, NULL, 'MacOS PWS DoS');
791 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5138, NULL, NULL, 'Oracle Application Server Shared Library Overflow');
792 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5140, NULL, NULL, 'Net.Commerce Macro Denial of Service');
793 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5141, NULL, NULL, 'NCM content.pl SQL Query Vulnerability');
794 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5142, NULL, NULL, 'DCShop File Disclosure');
795 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5146, NULL, NULL, 'MS-DOS Device Name DoS');
796 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5147, NULL, NULL, 'Arcadia Internet Store Directory Traversal Attempt');
797 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1515, 5148, NULL, NULL, 'Perception LiteServe Web Server CGI Script Source Code');
798
799 --
800 -- Passive Asset Detection System
801 --
802
803 INSERT INTO plugin (id, type, name, description) VALUES (1516, 1, 'pads', 'Passive Asset Detection System');
804
805 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (1516, 1, NULL, NULL, 'pads: New service detected');
806
807 --
808 -- TcpTrack
809 --
810
811 INSERT INTO plugin (id, type, name, description) VALUES (2006, 2, 'tcptrack', 'tcptrack');
812
813 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (2006, 1, NULL, NULL, 'tcptrack: Session Data Sent');
814 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (2006, 2, NULL, NULL, 'tcptrack: Session Data Rcvd');
815 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (2006, 3, NULL, NULL, 'tcptrack: Session Duration');
816
817 --
818 -- UNIX Syslog
819 --
820
821 INSERT INTO plugin (id, type, name, description) VALUES (4002, 1, 'syslogd', 'Syslog Daemon');
822
823 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority, reliability) VALUES (4002, 1, NULL, NULL, 'pam_unix: Authentication failure', 2, 2);
824 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority, reliability) VALUES (4002, 2, NULL, NULL, 'SSHd: Failed password', 3, 2);
825 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority, reliability) VALUES (4002, 3, NULL, NULL, 'Telnetd: Authentication failure', 2, 2);
826 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name, priority, reliability) VALUES (4002, 4, NULL, NULL, 'Proftp: Login failed', 2, 2);
827
828 --
829 -- Osiris data
830 --
831
832 INSERT INTO plugin (id, type, name, description) VALUES (4001, 1, 'osiris', 'Osiris HIDS');
833
834 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 10, NULL, NULL, 'osiris: LOG_ID_GENERIC_INFO');
835 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 11, NULL, NULL, 'osiris: LOG_ID_GENERIC_ERROR');
836 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 12, NULL, NULL, 'osiris: LOG_ID_GENERIC_FILE_ERROR');
837 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 13, NULL, NULL, 'osiris: LOG_ID_DAEMON_INFO');
838 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 14, NULL, NULL, 'osiris: LOG_ID_DAEMON_ERROR');
839 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 15, NULL, NULL, 'osiris: LOG_ID_DAEMON_UNAUTHORIZED');
840 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 16, NULL, NULL, 'osiris: LOG_ID_DAEMON_AUTHORIZED');
841 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 17, NULL, NULL, 'osiris: LOG_ID_DAEMON_CRITICAL');
842 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 18, NULL, NULL, 'osiris: LOG_ID_CERT_MISMATCH');
843 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 100, NULL, NULL, 'osiris: LOG_ID_AUTH_ERROR');
844 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 101, NULL, NULL, 'osiris: LOG_ID_AUTH_LOGIN_SUCCESS');
845 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 102, NULL, NULL, 'osiris: LOG_ID_AUTH_LOGIN_FAILURE');
846 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 103, NULL, NULL, 'osiris: LOG_ID_AUTH_WARNING');
847 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 104, NULL, NULL, 'osiris: LOG_ID_AUTH_SAVE_SUCCESS');
848 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 105, NULL, NULL, 'osiris: LOG_ID_AUTH_SAVE_FAILURE');
849 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 106, NULL, NULL, 'osiris: LOG_ID_AUTH_DB_RELOAD');
850 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 200, NULL, NULL, 'osiris: LOG_ID_CMP_BEGIN');
851 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 201, NULL, NULL, 'osiris: LOG_ID_CMP_END');
852 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 202, NULL, NULL, 'osiris: LOG_ID_CMP_FILE_MISSING');
853 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 203, NULL, NULL, 'osiris: LOG_ID_CMP_FILE_NEW');
854 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 204, NULL, NULL, 'osiris: LOG_ID_CMP_CHECKSUM');
855 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 205, NULL, NULL, 'osiris: LOG_ID_CMP_DEVICE');
856 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 206, NULL, NULL, 'osiris: LOG_ID_CMP_INODE');
857 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 207, NULL, NULL, 'osiris: LOG_ID_CMP_PERM');
858 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 208, NULL, NULL, 'osiris: LOG_ID_CMP_SYMLINKS');
859 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 209, NULL, NULL, 'osiris: LOG_ID_CMP_UID');
860 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 210, NULL, NULL, 'osiris: LOG_ID_CMP_GID');
861 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 211, NULL, NULL, 'osiris: LOG_ID_CMP_MTIME');
862 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 212, NULL, NULL, 'osiris: LOG_ID_CMP_ATIME');
863 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 213, NULL, NULL, 'osiris: LOG_ID_CMP_CTIME');
864 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 214, NULL, NULL, 'osiris: LOG_ID_CMP_DEVICETYPE');
865 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 215, NULL, NULL, 'osiris: LOG_ID_CMP_BYTES');
866 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 216, NULL, NULL, 'osiris: LOG_ID_CMP_BLOCKS');
867 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 217, NULL, NULL, 'osiris: LOG_ID_CMP_BLOCKSIZE');
868 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 218, NULL, NULL, 'osiris: LOG_ID_CMP_OWNER_SID');
869 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 219, NULL, NULL, 'osiris: LOG_ID_CMP_GROUP_SID');
870 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 220, NULL, NULL, 'osiris: LOG_ID_CMP_WIN_FILE_ATTR');
871 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 221, NULL, NULL, 'osiris: LOG_ID_CMP_GENERIC_NEW');
872 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 222, NULL, NULL, 'osiris: LOG_ID_CMP_GENERIC_MISSING');
873 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 223, NULL, NULL, 'osiris: LOG_ID_CMP_GENERIC_DIFF');
874 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 300, NULL, NULL, 'osiris: LOG_ID_DB_OPEN_ERROR');
875 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 301, NULL, NULL, 'osiris: LOG_ID_DB_STORE_ERROR');
876 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 302, NULL, NULL, 'osiris: LOG_ID_DB_TRUSTED_SET');
877 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 303, NULL, NULL, 'osiris: LOG_ID_DB_CREATE_ERROR');
878 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 400, NULL, NULL, 'osiris: LOG_ID_PEER_MSG');
879 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 401, NULL, NULL, 'osiris: LOG_ID_PEER_CLOSE');
880 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 402, NULL, NULL, 'osiris: LOG_ID_PEER_INVALID_MSG');
881 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 403, NULL, NULL, 'osiris: LOG_ID_PEER_READ_FAILURE');
882 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 404, NULL, NULL, 'osiris: LOG_ID_PEER_WRITE_FAILURE');
883 INSERT INTO plugin_sid (plugin_id, sid, category_id, class_id, name) VALUES (4001, 500, NULL, NULL, 'osiris: LOG_ID_SCAN_BEGIN');
884 INSERT INTO