forked from notepad-plus-plus/userDefinedLanguages
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathSnort_byAnonymous_in2012.xml
62 lines (62 loc) · 6.06 KB
/
Snort_byAnonymous_in2012.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
<NotepadPlus>
<UserLang name="Snort" ext="" udlVersion="2.0">
<Settings>
<Global caseIgnored="no" allowFoldOfComments="no" forcePureLC="0" foldCompact="no" />
<Prefix Keywords1="no" Keywords2="no" Keywords3="no" Keywords4="no" Keywords5="no" Keywords6="no" Keywords7="no" Keywords8="no" />
</Settings>
<KeywordLists>
<Keywords name="Comments"></Keywords>
<Keywords name="Numbers, additional"></Keywords>
<Keywords name="Numbers, prefixes"></Keywords>
<Keywords name="Numbers, extras with prefixes"></Keywords>
<Keywords name="Numbers, suffixes"></Keywords>
<Keywords name="Operators1">- " ( ) . : ; [ ] < ></Keywords>
<Keywords name="Operators2"></Keywords>
<Keywords name="Folders in code1, open"></Keywords>
<Keywords name="Folders in code1, middle"></Keywords>
<Keywords name="Folders in code1, close"></Keywords>
<Keywords name="Folders in code2, open"></Keywords>
<Keywords name="Folders in code2, middle"></Keywords>
<Keywords name="Folders in code2, close"></Keywords>
<Keywords name="Folders in comment, open"></Keywords>
<Keywords name="Folders in comment, middle"></Keywords>
<Keywords name="Folders in comment, close"></Keywords>
<Keywords name="Keywords1">alert log pass activate dynamic drop reject sdrop tcp ip udp icmp</Keywords>
<Keywords name="Keywords2">$AIM_SERVERS $DNS_SERVERS $DNS_SERVERS_AD $EXTERNAL_NET $FILE_DATA_PORTS $GTP_PORTS $HOME_NET $HTTP_PORTS $HTTP_SERVERS $ORACLE_PORTS $SHELLCODE_PORTS $SIP_PORTS $SIP_SERVERS $SMTP_SERVERS $SNMP_SERVERS $SNORT_BPF $SQL_SERVERS $SSH_PORTS $SSH_SERVERS $TELNET_SERVERS</Keywords>
<Keywords name="Keywords3">msg reference gid sid rev classtype priority metadeta content uricontent nocase threshold type limit track limit by_src by_dst count seconds distance within depth offset rawbytes http_client_body http_cookie http_raw_cookie http_header http_raw_header http_method http_uri http_raw_uri http_stat_code http_stat_msg http_encode fast_pattern urilen isdataat pcre pkt_data file_data base64_decode base64_data byte_test byte_jump byte_extract ftpbounce asn1 cvs dce_iface dce opnum dce_stub_data sip_method sip_stat_code sip_header sip_body gtp_type gtp_info gtp_version ssl_version ssl_state fragoffset ttl tos id ipopts fragbits dsize flags flow flowbits seq ack window itype icode icmp_id icmp_seq rpc ip_proto sameip stream_reassemble stream_size logto session resp react tag activates activated_by replace detection_filter</Keywords>
<Keywords name="Keywords4">any</Keywords>
<Keywords name="Keywords5"></Keywords>
<Keywords name="Keywords6"></Keywords>
<Keywords name="Keywords7"></Keywords>
<Keywords name="Keywords8"></Keywords>
<Keywords name="Delimiters">00"| 01 02|" 03" 04 05" 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23</Keywords>
</KeywordLists>
<Styles>
<WordsStyle name="DEFAULT" fgColor="C0C0C0" bgColor="000000" fontName="" fontStyle="0" nesting="0" />
<WordsStyle name="COMMENTS" fgColor="000000" bgColor="FFFFFF" fontName="" fontStyle="0" nesting="0" />
<WordsStyle name="LINE COMMENTS" fgColor="000000" bgColor="FFFFFF" fontName="" fontStyle="0" nesting="0" />
<WordsStyle name="NUMBERS" fgColor="00FFFF" bgColor="000000" fontName="" fontStyle="1" nesting="0" />
<WordsStyle name="KEYWORDS1" fgColor="FF0000" bgColor="000000" fontName="" fontStyle="1" nesting="0" />
<WordsStyle name="KEYWORDS2" fgColor="0000FF" bgColor="000000" fontName="" fontStyle="1" nesting="0" />
<WordsStyle name="KEYWORDS3" fgColor="FF8000" bgColor="000000" fontName="" fontStyle="1" nesting="0" />
<WordsStyle name="KEYWORDS4" fgColor="FF0080" bgColor="000000" fontName="" fontStyle="0" nesting="0" />
<WordsStyle name="KEYWORDS5" fgColor="FF80FF" bgColor="FFFFFF" fontName="" fontStyle="0" nesting="0" />
<WordsStyle name="KEYWORDS6" fgColor="000000" bgColor="FFFFFF" fontName="" fontStyle="0" nesting="0" />
<WordsStyle name="KEYWORDS7" fgColor="000000" bgColor="FFFFFF" fontName="" fontStyle="0" nesting="0" />
<WordsStyle name="KEYWORDS8" fgColor="000000" bgColor="FFFFFF" fontName="" fontStyle="0" nesting="0" />
<WordsStyle name="OPERATORS" fgColor="00FF00" bgColor="000000" fontName="@Adobe Gothic Std B" fontStyle="0" nesting="0" />
<WordsStyle name="FOLDER IN CODE1" fgColor="000000" bgColor="FFFFFF" fontName="" fontStyle="0" nesting="0" />
<WordsStyle name="FOLDER IN CODE2" fgColor="000000" bgColor="FFFFFF" fontName="" fontStyle="0" nesting="0" />
<WordsStyle name="FOLDER IN COMMENT" fgColor="000000" bgColor="FFFFFF" fontName="" fontStyle="0" nesting="0" />
<WordsStyle name="DELIMITERS1" fgColor="8000FF" bgColor="000000" fontName="" fontStyle="1" nesting="0" />
<WordsStyle name="DELIMITERS2" fgColor="00FF00" bgColor="000000" fontName="" fontStyle="1" nesting="0" />
<WordsStyle name="DELIMITERS3" fgColor="000000" bgColor="FFFFFF" fontName="" fontStyle="0" nesting="0" />
<WordsStyle name="DELIMITERS4" fgColor="000000" bgColor="FFFFFF" fontName="" fontStyle="0" nesting="0" />
<WordsStyle name="DELIMITERS5" fgColor="000000" bgColor="FFFFFF" fontName="" fontStyle="0" nesting="0" />
<WordsStyle name="DELIMITERS6" fgColor="000000" bgColor="FFFFFF" fontName="" fontStyle="0" nesting="0" />
<WordsStyle name="DELIMITERS7" fgColor="000000" bgColor="FFFFFF" fontName="" fontStyle="0" nesting="0" />
<WordsStyle name="DELIMITERS8" fgColor="000000" bgColor="FFFFFF" fontName="" fontStyle="0" nesting="0" />
<WordsStyle name="" fgColor="000000" bgColor="FFFFFF" fontName="" fontStyle="0" nesting="0" />
</Styles>
</UserLang>
</NotepadPlus>