Commit 613d1da8 authored by Jan Mach

DEPRECATION OF OLD PERL CODE, RESTRUCTURALIZATION OF REPOSITORY CONTENTS.

This commit deprecates the old Perl library for handling IDEA messages, which will not be supported anymore. It also features a restructuralization of the whole repository, because the typedcols and ipranges libraries were moved into separate git repositories. Another reason for the restructuralization is support of our automated build system.
parent e341f9e8
Showing
with 0 additions and 9097 deletions
This diff is collapsed.
{
"Format": "IDEA0",
"ID": "4390fc3f-c753-4a3e-bc83-1b44f24baf75",
"DetectTime": "2012-11-03T10:00Z",
"WinStartTime": "2012-11-03T05:00Z",
"WinEndTime": "2012-11-03T10:00Z",
"CreateTime": "2012-11-03T10:02Z",
"EventTime": "2012-11-03T07:36Z",
"CeaseTime": "2012-11-03T09:55Z",
"Category": ["Phishing"],
"Ref": ["cve:CVE-1234-5678"],
"Confidence": 1,
"Note": "Synthetic example",
"ConnCount": 20,
"Source": [
{
"Type": ["Phishing"],
"IP4": ["195.113.144.194", "192.168.0.253"],
"URL": ["http://example.com/cgi-bin/killemall"],
"Attach": ["att1"],
"Netname": ["ripe:IANA-CBLK-RESERVED1"]
}
],
"Target": [
{
"Type": ["Backscatter"],
"Email": ["innocent@example.com"],
"Spoofed": 1
},
{
"IP4": ["10.2.2.2"],
"Anonymised": 1
}
],
"Node": [
{
"Name": "buldocek",
"Type": ["Network", "Honeypot", "Kippo"],
"SW": ["Kippo"],
"AggrWin": "12:59:00"
}
],
"_CESNET": {
"EventTemplate": "n6-008"
},
"Attach": [
{
"Handle": "att1",
"FileName": ["killemall"],
"Type": ["malware"],
"Hash": ["sha1:0c4a38c3569f0cc632e74f4c"],
"Size": 46,
"Ref": ["Trojan-Spy:W32/FinSpy.A"]
}
]
}
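Review bot: The Hash value in the Attach entry, sha1:0c4a38c3569f0cc632e74f4c, is 24 hex digits where a SHA-1 digest is 40, and every timestamp in the message (DetectTime 2012-11-03T10:00Z and the others) omits the seconds that an RFC 3339 timestamp requires. If this synthetic sample is kept anywhere after the restructuring, correct both before the move so it can serve as a positive test for a strict validator, or rename it so it is clearly a negative case. Source.IP4 also pairs the public address 195.113.144.194 with a private one; an RFC 5737 documentation address would be a safer choice for a sample labelled synthetic.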
{"DetectTime": "2016-07-31T16:57:32Z", "Node": [{"Type": ["Relay"], "Name": "cz.cesnet.mentat.warden_filer"}, {"SW": ["Nemea", "HostStatsNemea"], "Type": ["Flow", "Statistical"], "Name": "cz.cesnet.nemea.hoststats"}], "EventTime": "2016-07-31T16:52:30Z", "Description": "SSH dictionary/bruteforce attack", "ConnCount": 85, "CeaseTime": "2016-07-31T16:57:29Z", "Format": "IDEA0", "Category": ["Attempt.Login"], "CreateTime": "2016-07-31T16:57:32Z", "Source": [{"IP4": ["82.142.64.117"]}], "FlowCount": 170, "ID": "3dc36d8a-fa6c-44dd-a534-8f794fbb8f36", "Target": [{"Port": [22], "IP4": ["0.0.0.0"], "Proto": ["tcp", "ssh"]}]}
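Review bot: Source.IP4 in this message is the public address 82.142.64.117, attached to a concrete DetectTime and an SSH brute-force Description, and unlike the other sample there is no Note marking the event as synthetic, so it reads like a captured detection. Deleting the file here does not remove it from the repository history; if a replacement fixture is added in the new layout, substitute an RFC 5737 documentation address and add a Note saying the data is synthetic. The Target IP4 of 0.0.0.0 looks like a placeholder and could be documented the same way.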