mirror of https://github.com/MISP/MISP
Signature is now known as Attribute
parent
4bbbfc36c3
commit
23572019bb
|
@ -235,19 +235,19 @@ class EventsController extends AppController {
|
|||
$body .= 'Info : '."\n";
|
||||
$body .= $this->Event->data['Event']['info']."\n";
|
||||
$body .= "\n";
|
||||
$body .= 'Signatures :'."\n";
|
||||
$body .= 'Attributes :'."\n";
|
||||
$body_temp_other = "";
|
||||
|
||||
if (isset($this->Event->data['Signature'])) {
|
||||
foreach ($this->Event->data['Signature'] as $signature){
|
||||
$line = '- '.$signature['type'].str_repeat(' ', $appendlen - 2 - strlen( $signature['type'])).': '.$signature['value']."\n";
|
||||
if ('other' == $signature['type']) // append the 'other' signature types to the bottom.
|
||||
if ('other' == $signature['type']) // append the 'other' attribute types to the bottom.
|
||||
$body_temp_other .= $line;
|
||||
else $body .= $line;
|
||||
}
|
||||
}
|
||||
$body .= "\n";
|
||||
$body .= $body_temp_other; // append the 'other' signature types to the bottom.
|
||||
$body .= $body_temp_other; // append the 'other' attribute types to the bottom.
|
||||
|
||||
// sign the body
|
||||
require_once 'Crypt/GPG.php';
|
||||
|
@ -412,18 +412,18 @@ class EventsController extends AppController {
|
|||
$body .= 'Info : '."\n";
|
||||
$body .= $event['Event']['info']."\n";
|
||||
$body .= "\n";
|
||||
$body .= 'Signatures :'."\n";
|
||||
$body .= 'Attributes :'."\n";
|
||||
$body_temp_other = "";
|
||||
if (!empty($event['Signature'])) {
|
||||
foreach ($event['Signature'] as $signature){
|
||||
$line = '- '.$signature['type'].str_repeat(' ', $appendlen - 2 - strlen( $signature['type'])).': '.$signature['value']."\n";
|
||||
if ('other' == $signature['type']) // append the 'other' signature types to the bottom.
|
||||
if ('other' == $signature['type']) // append the 'other' attribute types to the bottom.
|
||||
$body_temp_other .= $line;
|
||||
else $body .= $line;
|
||||
}
|
||||
}
|
||||
$body .= "\n";
|
||||
$body .= $body_temp_other; // append the 'other' signature types to the bottom.
|
||||
$body .= $body_temp_other; // append the 'other' attribute types to the bottom.
|
||||
|
||||
// sign the body
|
||||
require_once 'Crypt/GPG.php';
|
||||
|
@ -482,7 +482,7 @@ class EventsController extends AppController {
|
|||
public function export() {
|
||||
// Simply display a static view
|
||||
|
||||
// generate the list of signature types
|
||||
// generate the list of Attribute types
|
||||
$this->loadModel('Signature');
|
||||
$this->set('sig_types', $this->Signature->validate['type']['rule'][1]);
|
||||
|
||||
|
@ -561,10 +561,10 @@ class EventsController extends AppController {
|
|||
$rule_format_reference = 'reference:url,'.Configure::read('CyDefSIG.baseurl').'/events/view/'.$event['Event']['id'];
|
||||
$rule_format = 'alert %s %s %s %s %s %s ('.$rule_format_msg.'; %s %s classtype:'.$classtype.'; sid:%d; rev:%d; '.$rule_format_reference.';) ';
|
||||
|
||||
$sid = $user['User']['nids_sid']+($event['Event']['id']*100); // LATER this will cause issues with events containing more than 99 signatures
|
||||
$sid = $user['User']['nids_sid']+($event['Event']['id']*100); // LATER this will cause issues with events containing more than 99 attributes
|
||||
//debug($event);
|
||||
foreach ($event['Signature'] as $signature) {
|
||||
if (0 == $signature['to_ids']) continue; // signature is not to be exported to IDS. // LATER filter out to_ids=0 in the query
|
||||
if (0 == $signature['to_ids']) continue; // attribute is not to be exported to IDS. // LATER filter out to_ids=0 in the query
|
||||
|
||||
$sid++;
|
||||
switch ($signature['type']) {
|
||||
|
|
|
@ -114,10 +114,10 @@ class SignaturesController extends AppController {
|
|||
|
||||
if ($this->Signature->save($this->request->data)) {
|
||||
// inform the user and redirect
|
||||
$this->Session->setFlash(__('The signature has been saved'));
|
||||
$this->Session->setFlash(__('The attribute has been saved'));
|
||||
$this->redirect(array('controller' => 'events', 'action' => 'view', $this->request->data['Signature']['event_id']));
|
||||
} else {
|
||||
$this->Session->setFlash(__('The signature could not be saved. Please, try again.'));
|
||||
$this->Session->setFlash(__('The attribute could not be saved. Please, try again.'));
|
||||
}
|
||||
}
|
||||
} else {
|
||||
|
@ -151,10 +151,10 @@ class SignaturesController extends AppController {
|
|||
if ($this->request->is('post') || $this->request->is('put')) {
|
||||
|
||||
if ($this->Signature->save($this->request->data)) {
|
||||
$this->Session->setFlash(__('The signature has been saved'));
|
||||
$this->Session->setFlash(__('The attribute has been saved'));
|
||||
$this->redirect($this->referer());
|
||||
} else {
|
||||
$this->Session->setFlash(__('The signature could not be saved. Please, try again.'));
|
||||
$this->Session->setFlash(__('The attribute could not be saved. Please, try again.'));
|
||||
}
|
||||
} else {
|
||||
$this->request->data = $this->Signature->read(null, $id);
|
||||
|
@ -179,7 +179,7 @@ class SignaturesController extends AppController {
|
|||
}
|
||||
$this->Signature->id = $id;
|
||||
if (!$this->Signature->exists()) {
|
||||
throw new NotFoundException(__('Invalid signature'));
|
||||
throw new NotFoundException(__('Invalid attribute'));
|
||||
}
|
||||
// Replaced by isAuthorized
|
||||
// // only own signatures
|
||||
|
@ -189,9 +189,9 @@ class SignaturesController extends AppController {
|
|||
// }
|
||||
|
||||
if ($this->Signature->delete()) {
|
||||
$this->Session->setFlash(__('Signature deleted'));
|
||||
$this->Session->setFlash(__('Attribute deleted'));
|
||||
} else {
|
||||
$this->Session->setFlash(__('Signature was not deleted'));
|
||||
$this->Session->setFlash(__('Attribute was not deleted'));
|
||||
}
|
||||
|
||||
$this->redirect($this->referer());
|
||||
|
|
|
@ -155,7 +155,7 @@ class Signature extends AppModel {
|
|||
'Signature.value' => $value),
|
||||
);
|
||||
if (0 != $this->find('count', $params) )
|
||||
return 'Signature already exists for this event.';
|
||||
return 'Attribute already exists for this event.';
|
||||
|
||||
|
||||
// check data validation
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
<li><?php echo $this->Html->link(__('New Event', true), array('controller' => 'events', 'action' => 'add')); ?></li>
|
||||
<li><?php echo $this->Html->link(__('List Events', true), array('controller' => 'events', 'action' => 'index')); ?></li>
|
||||
<li><?php echo $this->Html->link(__('List Signatures', true), array('controller' => 'signatures', 'action' => 'index')); ?> </li>
|
||||
<li><?php echo $this->Html->link(__('Search Signatures', true), array('controller' => 'signatures', 'action' => 'search')); ?> </li>
|
||||
<li><?php echo $this->Html->link(__('List Attribute', true), array('controller' => 'signatures', 'action' => 'index')); ?> </li>
|
||||
<li><?php echo $this->Html->link(__('Search Attribute', true), array('controller' => 'signatures', 'action' => 'search')); ?> </li>
|
||||
<li><?php echo $this->Html->link(__('Export', true), array('controller' => 'events', 'action' => 'export')); ?></li>
|
||||
|
||||
<li> </li>
|
||||
|
|
|
@ -4,7 +4,7 @@ Event : <?php echo $event['Event']['id']; ?>
|
|||
Date : <?php echo $event['Event']['date']; ?>
|
||||
Reported by : <?php echo Sanitize::html($event['Event']['org']); ?>
|
||||
Risk : <?php echo $event['Event']['risk']; ?>
|
||||
Signatures :
|
||||
Attributes :
|
||||
<?php if (!empty($event['Signature'])):
|
||||
$i = 0;
|
||||
foreach ($event['Signature'] as $signature): ?>
|
||||
|
|
|
@ -7,19 +7,19 @@ You can <?php echo $this->Html->link('reset', array('controller' => 'users', 'ac
|
|||
</p>
|
||||
|
||||
<h3>XML Export</h3>
|
||||
<p>An automatic export of all events and signatures is available under a custom XML format.</p>
|
||||
<p>An automatic export of all events and attributes is available under a custom XML format.</p>
|
||||
<p>You can configure your tools to automatically download the following following file:</p>
|
||||
<pre><?php echo Configure::read('CyDefSIG.baseurl');?>/events/xml/<?php echo $me['authkey']; ?></pre>
|
||||
<p></p>
|
||||
|
||||
<h3>NIDS Export</h3>
|
||||
<p>An automatic export of all network related signatures is available under the Snort rule format. Only signatures marked as <u>to IDS</u> are exported.</p>
|
||||
<p>An automatic export of all network related attributes is available under the Snort rule format. Only attributes marked as <u>to IDS</u> are exported.</p>
|
||||
<p>You can configure your tools to automatically download the following following file:</p>
|
||||
<pre><?php echo Configure::read('CyDefSIG.baseurl');?>/events/nids/<?php echo $me['authkey']; ?></pre>
|
||||
<p></p>
|
||||
|
||||
<h3>Text Export</h3>
|
||||
<p>An automatic export of all signatures of a specific type to a plain text file.</p>
|
||||
<p>An automatic export of all attributes of a specific type to a plain text file.</p>
|
||||
<p>You can configure your tools to automatically download the following following files:</p>
|
||||
<pre>
|
||||
<?php foreach ($sig_types as $sig_type):?>
|
||||
|
@ -32,9 +32,9 @@ You can <?php echo $this->Html->link('reset', array('controller' => 'users', 'ac
|
|||
<p>We plan to make it possible to export data using searchpatterns.<br/>
|
||||
This would enable you to export:</p>
|
||||
<ul>
|
||||
<li>only your own signatures</li>
|
||||
<li>only your own attributes</li>
|
||||
<li>date ranges</li>
|
||||
<li>only specific signature types (domain)</li>
|
||||
<li>only specific attribute types (domain)</li>
|
||||
<li>...</li>
|
||||
</ul>
|
||||
|
||||
|
|
|
@ -65,7 +65,7 @@
|
|||
<?php endif; ?>
|
||||
|
||||
<div class="related">
|
||||
<h3>Signatures</h3>
|
||||
<h3>Attributes</h3>
|
||||
<?php if (!empty($event['Signature'])):?>
|
||||
<table cellpadding = "0" cellspacing = "0">
|
||||
<tr>
|
||||
|
@ -96,7 +96,7 @@
|
|||
<?php
|
||||
if ($isAdmin || $event['Event']['org'] == $me['org']) {
|
||||
echo $this->Html->link(__('Edit', true), array('controller' => 'signatures', 'action' => 'edit', $signature['id']));
|
||||
echo $this->Form->postLink(__('Delete'), array('controller' => 'signatures', 'action' => 'delete', $signature['id']), null, __('Are you sure you want to delete this signature?'));
|
||||
echo $this->Form->postLink(__('Delete'), array('controller' => 'signatures', 'action' => 'delete', $signature['id']), null, __('Are you sure you want to delete this attribute?'));
|
||||
} ?>
|
||||
</td>
|
||||
</tr>
|
||||
|
@ -106,7 +106,7 @@
|
|||
<?php if ($isAdmin || $event['Event']['org'] == $me['org']): ?>
|
||||
<div class="actions">
|
||||
<ul>
|
||||
<li><?php echo $this->Html->link('New Signature', array('controller' => 'signatures', 'action' => 'add', $event['Event']['id']));?> </li>
|
||||
<li><?php echo $this->Html->link('New Attribute', array('controller' => 'signatures', 'action' => 'add', $event['Event']['id']));?> </li>
|
||||
</ul>
|
||||
</div>
|
||||
<?php endif; ?>
|
||||
|
@ -117,7 +117,7 @@
|
|||
<div class="actions">
|
||||
<ul>
|
||||
<?php if ($isAdmin || $event['Event']['org'] == $me['org']): ?>
|
||||
<li><?php echo $this->Html->link(__('New Signature', true), array('controller' => 'signatures', 'action' => 'add', $event['Event']['id']));?> </li>
|
||||
<li><?php echo $this->Html->link(__('New Attribute', true), array('controller' => 'signatures', 'action' => 'add', $event['Event']['id']));?> </li>
|
||||
<li><?php echo $this->Html->link(__('Edit Event', true), array('action' => 'edit', $event['Event']['id'])); ?> </li>
|
||||
<li><?php echo $this->Form->postLink(__('Delete Event'), array('action' => 'delete', $event['Event']['id']), null, __('Are you sure you want to delete # %s?', $event['Event']['id'])); ?></li>
|
||||
<li> </li>
|
||||
|
|
|
@ -1,20 +1,20 @@
|
|||
<div class="signatures form">
|
||||
<?php echo $this->Form->create('Signature');?>
|
||||
<fieldset>
|
||||
<legend><?php echo __('Add Signature'); ?></legend>
|
||||
<legend><?php echo __('Add Attribute'); ?></legend>
|
||||
<?php
|
||||
echo $this->Form->hidden('event_id');
|
||||
echo $this->Form->input('type');
|
||||
echo $this->Form->input('to_ids', array(
|
||||
'checked' => true,
|
||||
'after' => ' <i>Is this signature specific enough to be exported to IDS systems?</i>',
|
||||
'after' => ' <i>Is this attribute specific enough to be exported to IDS systems?</i>',
|
||||
));
|
||||
echo $this->Form->input('value', array(
|
||||
'error' => array('escape' => false),
|
||||
));
|
||||
echo $this->Form->input('batch_import', array(
|
||||
'type' => 'checkbox',
|
||||
'after' => ' <i>When selected each line in the value field will be a signature.</i>',
|
||||
'after' => ' <i>When selected each line in the value field will be an attribute.</i>',
|
||||
));
|
||||
?>
|
||||
</fieldset>
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
<div class="signatures form">
|
||||
<?php echo $this->Form->create('Signature');?>
|
||||
<fieldset>
|
||||
<legend><?php echo __('Edit Signature'); ?></legend>
|
||||
<legend><?php echo __('Edit Attribute'); ?></legend>
|
||||
<?php
|
||||
echo $this->Form->input('id');
|
||||
echo $this->Form->input('type');
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
<div class="signatures index">
|
||||
<h2><?php echo __('Signatures');?></h2>
|
||||
<h2><?php echo __('Attributes');?></h2>
|
||||
<table cellpadding="0" cellspacing="0">
|
||||
<tr>
|
||||
<th><?php echo $this->Paginator->sort('event_id');?></th>
|
||||
|
@ -23,7 +23,7 @@
|
|||
<td class="actions"><?php
|
||||
if ($isAdmin || $signature['Event']['org'] == $me['org']) {
|
||||
echo $this->Html->link(__('Edit'), array('action' => 'edit', $signature['Signature']['id']));
|
||||
echo $this->Form->postLink(__('Delete'), array('action' => 'delete', $signature['Signature']['id']), null, __('Are you sure you want to delete this signature?'));
|
||||
echo $this->Form->postLink(__('Delete'), array('action' => 'delete', $signature['Signature']['id']), null, __('Are you sure you want to delete this attribute?'));
|
||||
}
|
||||
echo $this->Html->link(__('View'), array('controller' => 'events', 'action' => 'view', $signature['Signature']['event_id']));
|
||||
?>
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
<div class="signatures form">
|
||||
<?php echo $this->Form->create('Signature');?>
|
||||
<fieldset>
|
||||
<legend><?php echo __('Search Signature'); ?></legend>
|
||||
<legend><?php echo __('Search Attribute'); ?></legend>
|
||||
<?php
|
||||
echo $this->Form->input('keyword');
|
||||
?>
|
||||
|
|
|
@ -17,7 +17,7 @@
|
|||
</table>
|
||||
|
||||
|
||||
<h2>Signature Types Histogram</h2>
|
||||
<h2>Attribute Types Histogram</h2>
|
||||
<div id="graph"></div>
|
||||
<script type="text/javascript" src="/js/ext-4.0.7-gpl/bootstrap.js"></script>
|
||||
<script>
|
||||
|
@ -36,7 +36,7 @@
|
|||
var panel1 = Ext.create('widget.panel', {
|
||||
width: 800,
|
||||
height: 500,
|
||||
//title: 'Signatures by Organisation',
|
||||
//title: 'Attributes by Organisation',
|
||||
renderTo: 'graph',
|
||||
layout: 'fit',
|
||||
items: {
|
||||
|
|
|
@ -5,6 +5,7 @@
|
|||
Complete rewrite of the backend code to migrate to CakePHP 2.x (from CakePHP 1.3). <br/>
|
||||
During this rewrite the code was cleaned up, CSRF protection should now be present on all the important actions.<br/>
|
||||
Password strength validation and better security has been implemented.<br/>
|
||||
Signatures are now known as Attributes.<br/>
|
||||
Some intermittent bugs might have slipped in during the (manual) conversion. Please contact me <a href="mailto:user1088@qet.be">user1088@qet.be</a> to report any issues.
|
||||
</p>
|
||||
<p><b>Terms and News</b><br/>
|
||||
|
@ -13,20 +14,20 @@ When new software updates of CyDefSIG are installed you will see the news page.<
|
|||
|
||||
<h3>February 2012</h3>
|
||||
<p><b>Automation</b><br/>
|
||||
It is now possible to batch import signatures. To do this simply check the
|
||||
<em>batch import</em> box and insert one signature per line in the value field.</p>
|
||||
It is now possible to batch import attributes. To do this simply check the
|
||||
<em>batch import</em> box and insert one attribute per line in the value field.</p>
|
||||
<p><b>Network IDS</b><br/>
|
||||
You can now customize your <em>NIDS start SID</em> in your profile.<br/>
|
||||
Using this feature you can choose your own range of SID and avoid any conflict with your IDS solution.</p>
|
||||
<p><b>Members statistics</b><br/>
|
||||
On the members list page you can now see how many signatures, of what type have been uploaded by what organisation.
|
||||
On the members list page you can now see how many attributes, of what type have been uploaded by what organisation.
|
||||
</p>
|
||||
<p><b>Text based Export</b><br/>
|
||||
Text based export for all the signature types.</p>
|
||||
Text based export for all the attribute types.</p>
|
||||
|
||||
<h3>January 2012</h3>
|
||||
<p><b>Related Events</b><br/>
|
||||
When two Events have at least one common signature a link is automatically made between these two events.<br/>
|
||||
When two Events have at least one common attribute a link is automatically made between these two events.<br/>
|
||||
This way you can quickly see the relations and look at the other events that might be of interest to you.</p>
|
||||
|
||||
<p><b>Minor UI improvements</b><br/>
|
||||
|
@ -46,7 +47,7 @@ You can now reset your authentication key (key for automatic exports) if it is c
|
|||
The authkey generation algorithm has also been improved.</p>
|
||||
|
||||
<p><b>Network IDS Export</b><br/>
|
||||
A bug in the DNS signatures has been corrected.</p>
|
||||
A bug in the DNS attributes has been corrected.</p>
|
||||
</p>
|
||||
</div>
|
||||
|
||||
|
|
Loading…
Reference in New Issue