Description: Disbled rules files not available in Debian package
Author: Javier Fernandez-Sanguino Pen~a <jfs@debian.org>
Origin: vendor
Last-Update: 2012-05-05


--- a/etc/snort.conf
+++ b/etc/snort.conf
@@ -572,15 +572,15 @@
 include $RULE_PATH/attack-responses.rules
 include $RULE_PATH/backdoor.rules
 include $RULE_PATH/bad-traffic.rules
-include $RULE_PATH/blacklist.rules
-include $RULE_PATH/botnet-cnc.rules
+# include $RULE_PATH/blacklist.rules
+# include $RULE_PATH/botnet-cnc.rules
 include $RULE_PATH/chat.rules
-include $RULE_PATH/content-replace.rules
+# include $RULE_PATH/content-replace.rules
 include $RULE_PATH/ddos.rules
 include $RULE_PATH/dns.rules
 include $RULE_PATH/dos.rules
 include $RULE_PATH/exploit.rules
-include $RULE_PATH/file-identify.rules
+# include $RULE_PATH/file-identify.rules
 include $RULE_PATH/finger.rules
 include $RULE_PATH/ftp.rules
 include $RULE_PATH/icmp.rules
@@ -595,25 +595,28 @@
 include $RULE_PATH/oracle.rules
 include $RULE_PATH/other-ids.rules
 include $RULE_PATH/p2p.rules
-include $RULE_PATH/phishing-spam.rules
+# include $RULE_PATH/phishing-spam.rules
 include $RULE_PATH/policy.rules
 include $RULE_PATH/pop2.rules
 include $RULE_PATH/pop3.rules
 include $RULE_PATH/rpc.rules
 include $RULE_PATH/rservices.rules
-include $RULE_PATH/scada.rules
+# include $RULE_PATH/scada.rules
 include $RULE_PATH/scan.rules
-include $RULE_PATH/shellcode.rules
+# Note: These rules are disable by default as they are
+# too coarse grained. Enabling them causes a large
+# performance impact
+#include $RULE_PATH/shellcode.rules
 include $RULE_PATH/smtp.rules
 include $RULE_PATH/snmp.rules
-include $RULE_PATH/specific-threats.rules
-include $RULE_PATH/spyware-put.rules
+# include $RULE_PATH/specific-threats.rules
+# include $RULE_PATH/spyware-put.rules
 include $RULE_PATH/sql.rules
 include $RULE_PATH/telnet.rules
 include $RULE_PATH/tftp.rules
 include $RULE_PATH/virus.rules
-include $RULE_PATH/voip.rules
-include $RULE_PATH/web-activex.rules
+# include $RULE_PATH/voip.rules
+# include $RULE_PATH/web-activex.rules
 include $RULE_PATH/web-attacks.rules
 include $RULE_PATH/web-cgi.rules
 include $RULE_PATH/web-client.rules
