Subversion Repositories configs

Rev

Details | Last modification | View Log | RSS feed

Rev Author Line No. Line
189 - 1 
/* this is just an example config file, note the syntax... */
2 
 
3 
global {
4 
	pps:			300; /* good for a cable modem */
5 
	repeats:		1;
6 
	delaytype:		tsc; /* use gtod or sleep if your tsc is broken */
7 
 
8 
	/* good for uncovering broken firewalls see http://www.phrack.org/show.php?p=60&a=12 */
9 
	/* brokencrc:		transport; */
10 
 
11 
	/* -1 means random, that way you can come from port 0 */
12 
	sourceport:		-1;
13 
 
14 
	/* should we make a default (udp) payload for app triggering if we dont have a match? (good idea normally, think bindshell) */
15 
	defaultpayload:		true;
16 
 
17 
	/* perhaps not so usefull */
18 
	/* interface:		"wlan0"; */
19 
 
20 
	/* watch icmp error codes (or any icmp really) and rsts */
21 
	procerrors:		false;
22 
 
23 
	/*
24 
	 * for the time being see src/FMTCAT_ARGS and know that there are 4 different current formats
25 
	 * ip: IP reports
26 
	 * imip: Immediate (-I) IP reports
27 
	 * arp: ARP reports
28 
	 * imarp: ...
29 
	 */
30 
	format {
31 
		"ip:%-8r\t%16pn[%5p]\t\tfrom %hn %Tn ttl %t"
32 
	};
33 
 
34 
	/* already default */
35 
	/* moduledir:		"/usr/lib64/unicornscan/modules"; */
36 
 
37 
	/* good option */
38 
	immediate:		false;
39 
 
40 
	/* pcapfilter:		"! port 162"; */
41 
 
42 
	/* yah well on my laptop this is useless */
43 
	/* srcaddr:		random; */
44 
	/* srcaddr:		192.168.13.221; */
45 
 
46 
	/* this isnt as usefull use the fingerprint option, its less work */
47 
	/* ipttl:			0xFF; */
48 
	/* iptos:			0; */
49 
 
50 
	/* the `%d' will get replaced with a unix timestamp */
51 
	/* savefile:		"/tmp/save%d.pcap"; */
52 
 
53 
	/* 0:cisco 1:openbsd 2:windowsxp 4:p0f*/
54 
	fingerprint:		1;
55 
 
56 
	/* this can be 0 to some large value, i think 7 is the highest that does anything new */
57 
	verbose:		0;
58 
 
59 
	/* syn [Ss] fin [Ff] urg [Uu] psh [Pp] ack [Aa] ece [Ee] cwr [Cc] are possible here */
60 
	tcpflags:		Sfupaec;
61 
 
62 
	tcpquickports	{
63 
		"7,9,11,13,18,19,21-23,25,37,39,42,49,50,53,"
64 
		"65,67-70,79-81,88,98,100,105-107,109-111,113,118,119,"
65 
		"123,129,135,137-139,143,150,161-164,174,177-179,191,"
66 
		"199-202,204,206,209,210,213,220,345,346,347,369-372,"
67 
		"389,406,407,422,443-445,487,500,512-514,517,518,520,525,533,"
68 
		"538,548,554,563,587,610-612,631-634,636,642,653,655,657,666,706,750-752,765,"
69 
		"779,808,873,901,923,941,946,992-995,1001,1023-1030,1080,1210,1214,"
70 
		"1234,1241,1334,1349,1352,1423-1425,1433,1434,1524,1525,1645,1646,1649,1701,1718,"
71 
		"1719,1720,1723,1755,1812,1813,2048-2050,2101-2104,2140,2150,2233,2323,2345,2401,2430,2431,"
72 
		"2432,2433,2583,2628,2776,2777,2988,2989,3050,3130,3150,3232,3306,3389,3456,3493,"
73 
		"3542-3545,3632,3690,3801,4000,4400,4321,4567,4899,5002,5136-5139,5150,5151,"
74 
		"5222,5269,5308,5354,5355,5422-5425,5432,5503,5555,5556,5678,6000-6007,"
75 
		"6346,6347,6543,6544,6789,6838,6666-6670,7000-7009,"
76 
		"7028,7100,7983,8079-8082,8088,8787,8879,9090,9101-9103,"
77 
		"9325,9359,10000,10026,10027,10067,10080,10081,10167,10498,11201,15345,17001-17003,"
78 
		"18753,20011,20012,21554,22273,26274,27374,27444,27573,31335-31338,31787,31789,31790,31791,"
79 
		"32668,32767-32780,33390,47262,49301,54320,54321,"
80 
		"57341,58008,58009,58666,59211,60000,60006,61000,61348,61466,61603,63485,63808,63809,64429,"
81 
		"65000,65506,65530-65535"
82 
	};
83 
 
84 
	udpquickports	{
85 
		"7,9,11,13,17,19,20,37,39,42,49,52-54,65-71,81,111,161,123,136-170,514-518,"
86 
		"630,631,636-640,650,653,921,1023-1030,1900,2048-2050,27900,27960,32767-32780,32831"
87 
	};
88 
};
89 
 
90 
include "/etc/unicornscan/payloads.conf"; /* default udp payloads  */
91 
include "/etc/unicornscan/modules.conf"; /* default udp payloads  */