MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

Signature is now known as Attribute

pull/61/head
Christophe Vandeplas 2012-03-21 21:25:16 +01:00
parent 4bbbfc36c3
commit 23572019bb
13 changed files with 45 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
app/Controller/EventsController.php
View File

@ -235,19 +235,19 @@ class EventsController extends AppController {
$body .= 'Info : '."\n";
$body .= $this->Event->data['Event']['info']."\n";
$body .= "\n";
$body .= 'Signatures :'."\n";
$body .= 'Attributes :'."\n";
$body_temp_other = "";
if (isset($this->Event->data['Signature'])) {
foreach ($this->Event->data['Signature'] as $signature){
$line = '- '.$signature['type'].str_repeat(' ', $appendlen - 2 - strlen( $signature['type'])).': '.$signature['value']."\n";
if ('other' == $signature['type']) // append the 'other' signature types to the bottom.
if ('other' == $signature['type']) // append the 'other' attribute types to the bottom.
$body_temp_other .= $line;
else $body .= $line;
}
}
$body .= "\n";
$body .= $body_temp_other; // append the 'other' signature types to the bottom.
$body .= $body_temp_other; // append the 'other' attribute types to the bottom.
// sign the body
require_once 'Crypt/GPG.php';
@ -412,18 +412,18 @@ class EventsController extends AppController {
$body .= 'Info : '."\n";
$body .= $event['Event']['info']."\n";
$body .= "\n";
$body .= 'Signatures :'."\n";
$body .= 'Attributes :'."\n";
$body_temp_other = "";
if (!empty($event['Signature'])) {
foreach ($event['Signature'] as $signature){
$line = '- '.$signature['type'].str_repeat(' ', $appendlen - 2 - strlen( $signature['type'])).': '.$signature['value']."\n";
if ('other' == $signature['type']) // append the 'other' signature types to the bottom.
if ('other' == $signature['type']) // append the 'other' attribute types to the bottom.
$body_temp_other .= $line;
else $body .= $line;
}
}
$body .= "\n";
$body .= $body_temp_other; // append the 'other' signature types to the bottom.
$body .= $body_temp_other; // append the 'other' attribute types to the bottom.
// sign the body
require_once 'Crypt/GPG.php';
@ -482,7 +482,7 @@ class EventsController extends AppController {
public function export() {
// Simply display a static view
// generate the list of signature types
// generate the list of Attribute types
$this->loadModel('Signature');
$this->set('sig_types', $this->Signature->validate['type']['rule'][1]);
@ -561,10 +561,10 @@ class EventsController extends AppController {
$rule_format_reference = 'reference:url,'.Configure::read('CyDefSIG.baseurl').'/events/view/'.$event['Event']['id'];
$rule_format = 'alert %s %s %s %s %s %s ('.$rule_format_msg.'; %s %s classtype:'.$classtype.'; sid:%d; rev:%d; '.$rule_format_reference.';) ';
$sid = $user['User']['nids_sid']+($event['Event']['id']*100); // LATER this will cause issues with events containing more than 99 signatures
$sid = $user['User']['nids_sid']+($event['Event']['id']*100); // LATER this will cause issues with events containing more than 99 attributes
//debug($event);
foreach ($event['Signature'] as $signature) {
if (0 == $signature['to_ids']) continue; // signature is not to be exported to IDS. // LATER filter out to_ids=0 in the query
if (0 == $signature['to_ids']) continue; // attribute is not to be exported to IDS. // LATER filter out to_ids=0 in the query
$sid++;
switch ($signature['type']) {

14
app/Controller/SignaturesController.php
View File

@ -114,10 +114,10 @@ class SignaturesController extends AppController {
if ($this->Signature->save($this->request->data)) {
// inform the user and redirect
$this->Session->setFlash(__('The signature has been saved'));
$this->Session->setFlash(__('The attribute has been saved'));
$this->redirect(array('controller' => 'events', 'action' => 'view', $this->request->data['Signature']['event_id']));
} else {
$this->Session->setFlash(__('The signature could not be saved. Please, try again.'));
$this->Session->setFlash(__('The attribute could not be saved. Please, try again.'));
}
}
} else {
@ -151,10 +151,10 @@ class SignaturesController extends AppController {
if ($this->request->is('post') || $this->request->is('put')) {
if ($this->Signature->save($this->request->data)) {
$this->Session->setFlash(__('The signature has been saved'));
$this->Session->setFlash(__('The attribute has been saved'));
$this->redirect($this->referer());
} else {
$this->Session->setFlash(__('The signature could not be saved. Please, try again.'));
$this->Session->setFlash(__('The attribute could not be saved. Please, try again.'));
}
} else {
$this->request->data = $this->Signature->read(null, $id);
@ -179,7 +179,7 @@ class SignaturesController extends AppController {
}
$this->Signature->id = $id;
if (!$this->Signature->exists()) {
throw new NotFoundException(__('Invalid signature'));
throw new NotFoundException(__('Invalid attribute'));
}
// Replaced by isAuthorized
// // only own signatures
@ -189,9 +189,9 @@ class SignaturesController extends AppController {
// }
if ($this->Signature->delete()) {
$this->Session->setFlash(__('Signature deleted'));
$this->Session->setFlash(__('Attribute deleted'));
} else {
$this->Session->setFlash(__('Signature was not deleted'));
$this->Session->setFlash(__('Attribute was not deleted'));
}
$this->redirect($this->referer());

2
app/Model/Signature.php
View File

@ -155,7 +155,7 @@ class Signature extends AppModel {
'Signature.value' => $value),
);
if (0 != $this->find('count', $params) )
return 'Signature already exists for this event.';
return 'Attribute already exists for this event.';
// check data validation

4
app/View/Elements/actions_menu.ctp
View File

@ -1,7 +1,7 @@
<li><?php echo $this->Html->link(__('New Event', true), array('controller' => 'events', 'action' => 'add')); ?></li>
<li><?php echo $this->Html->link(__('List Events', true), array('controller' => 'events', 'action' => 'index')); ?></li>
<li><?php echo $this->Html->link(__('List Signatures', true), array('controller' => 'signatures', 'action' => 'index')); ?> </li>
<li><?php echo $this->Html->link(__('Search Signatures', true), array('controller' => 'signatures', 'action' => 'search')); ?> </li>
<li><?php echo $this->Html->link(__('List Attribute', true), array('controller' => 'signatures', 'action' => 'index')); ?> </li>
<li><?php echo $this->Html->link(__('Search Attribute', true), array('controller' => 'signatures', 'action' => 'search')); ?> </li>
<li><?php echo $this->Html->link(__('Export', true), array('controller' => 'events', 'action' => 'export')); ?></li>
<li>&nbsp;</li>

2
app/View/Emails/text/new_event.ctp
View File

@ -4,7 +4,7 @@ Event : <?php echo $event['Event']['id']; ?>
Date : <?php echo $event['Event']['date']; ?>
Reported by : <?php echo Sanitize::html($event['Event']['org']); ?>
Risk : <?php echo $event['Event']['risk']; ?>
Signatures :
Attributes :
<?php if (!empty($event['Signature'])):
$i = 0;
foreach ($event['Signature'] as $signature): ?>

10
app/View/Events/export.ctp
View File

@ -7,19 +7,19 @@ You can <?php echo $this->Html->link('reset', array('controller' => 'users', 'ac
</p>
<h3>XML Export</h3>
<p>An automatic export of all events and signatures is available under a custom XML format.</p>
<p>An automatic export of all events and attributes is available under a custom XML format.</p>
<p>You can configure your tools to automatically download the following following file:</p>
<pre><?php echo Configure::read('CyDefSIG.baseurl');?>/events/xml/<?php echo $me['authkey']; ?></pre>
<p></p>
<h3>NIDS Export</h3>
<p>An automatic export of all network related signatures is available under the Snort rule format. Only signatures marked as <u>to IDS</u> are exported.</p>
<p>An automatic export of all network related attributes is available under the Snort rule format. Only attributes marked as <u>to IDS</u> are exported.</p>
<p>You can configure your tools to automatically download the following following file:</p>
<pre><?php echo Configure::read('CyDefSIG.baseurl');?>/events/nids/<?php echo $me['authkey']; ?></pre>
<p></p>
<h3>Text Export</h3>
<p>An automatic export of all signatures of a specific type to a plain text file.</p>
<p>An automatic export of all attributes of a specific type to a plain text file.</p>
<p>You can configure your tools to automatically download the following following files:</p>
<pre>
<?php foreach ($sig_types as $sig_type):?>
@ -32,9 +32,9 @@ You can <?php echo $this->Html->link('reset', array('controller' => 'users', 'ac
<p>We plan to make it possible to export data using searchpatterns.<br/>
This would enable you to export:</p>
<ul>
<li>only your own signatures</li>
<li>only your own attributes</li>
<li>date ranges</li>
<li>only specific signature types (domain)</li>
<li>only specific attribute types (domain)</li>
<li>...</li>
</ul>

8
app/View/Events/view.ctp
View File

@ -65,7 +65,7 @@
<?php endif; ?>
<div class="related">
<h3>Signatures</h3>
<h3>Attributes</h3>
<?php if (!empty($event['Signature'])):?>
<table cellpadding = "0" cellspacing = "0">
<tr>
@ -96,7 +96,7 @@
<?php
if ($isAdmin || $event['Event']['org'] == $me['org']) {
echo $this->Html->link(__('Edit', true), array('controller' => 'signatures', 'action' => 'edit', $signature['id']));
echo $this->Form->postLink(__('Delete'), array('controller' => 'signatures', 'action' => 'delete', $signature['id']), null, __('Are you sure you want to delete this signature?'));
echo $this->Form->postLink(__('Delete'), array('controller' => 'signatures', 'action' => 'delete', $signature['id']), null, __('Are you sure you want to delete this attribute?'));
} ?>
</td>
</tr>
@ -106,7 +106,7 @@
<?php if ($isAdmin || $event['Event']['org'] == $me['org']): ?>
<div class="actions">
<ul>
<li><?php echo $this->Html->link('New Signature', array('controller' => 'signatures', 'action' => 'add', $event['Event']['id']));?> </li>
<li><?php echo $this->Html->link('New Attribute', array('controller' => 'signatures', 'action' => 'add', $event['Event']['id']));?> </li>
</ul>
</div>
<?php endif; ?>
@ -117,7 +117,7 @@
<div class="actions">
<ul>
<?php if ($isAdmin || $event['Event']['org'] == $me['org']): ?>
<li><?php echo $this->Html->link(__('New Signature', true), array('controller' => 'signatures', 'action' => 'add', $event['Event']['id']));?> </li>
<li><?php echo $this->Html->link(__('New Attribute', true), array('controller' => 'signatures', 'action' => 'add', $event['Event']['id']));?> </li>
<li><?php echo $this->Html->link(__('Edit Event', true), array('action' => 'edit', $event['Event']['id'])); ?> </li>
<li><?php echo $this->Form->postLink(__('Delete Event'), array('action' => 'delete', $event['Event']['id']), null, __('Are you sure you want to delete # %s?', $event['Event']['id'])); ?></li>
<li>&nbsp;</li>

6
app/View/Signatures/add.ctp
View File

@ -1,20 +1,20 @@
<div class="signatures form">
<?php echo $this->Form->create('Signature');?>
<fieldset>
<legend><?php echo __('Add Signature'); ?></legend>
<legend><?php echo __('Add Attribute'); ?></legend>
<?php
echo $this->Form->hidden('event_id');
echo $this->Form->input('type');
echo $this->Form->input('to_ids', array(
'checked' => true,
'after' => ' <i>Is this signature specific enough to be exported to IDS systems?</i>',
'after' => ' <i>Is this attribute specific enough to be exported to IDS systems?</i>',
));
echo $this->Form->input('value', array(
'error' => array('escape' => false),
));
echo $this->Form->input('batch_import', array(
'type' => 'checkbox',
'after' => ' <i>When selected each line in the value field will be a signature.</i>',
'after' => ' <i>When selected each line in the value field will be an attribute.</i>',
));
?>
</fieldset>

2
app/View/Signatures/edit.ctp
View File

@ -1,7 +1,7 @@
<div class="signatures form">
<?php echo $this->Form->create('Signature');?>
<fieldset>
<legend><?php echo __('Edit Signature'); ?></legend>
<legend><?php echo __('Edit Attribute'); ?></legend>
<?php
echo $this->Form->input('id');
echo $this->Form->input('type');

4
app/View/Signatures/index.ctp
View File

@ -1,5 +1,5 @@
<div class="signatures index">
<h2><?php echo __('Signatures');?></h2>
<h2><?php echo __('Attributes');?></h2>
<table cellpadding="0" cellspacing="0">
<tr>
<th><?php echo $this->Paginator->sort('event_id');?></th>
@ -23,7 +23,7 @@
<td class="actions"><?php
if ($isAdmin || $signature['Event']['org'] == $me['org']) {
echo $this->Html->link(__('Edit'), array('action' => 'edit', $signature['Signature']['id']));
echo $this->Form->postLink(__('Delete'), array('action' => 'delete', $signature['Signature']['id']), null, __('Are you sure you want to delete this signature?'));
echo $this->Form->postLink(__('Delete'), array('action' => 'delete', $signature['Signature']['id']), null, __('Are you sure you want to delete this attribute?'));
}
echo $this->Html->link(__('View'), array('controller' => 'events', 'action' => 'view', $signature['Signature']['event_id']));
?>

2
app/View/Signatures/search.ctp
View File

@ -1,7 +1,7 @@
<div class="signatures form">
<?php echo $this->Form->create('Signature');?>
<fieldset>
<legend><?php echo __('Search Signature'); ?></legend>
<legend><?php echo __('Search Attribute'); ?></legend>
<?php
echo $this->Form->input('keyword');
?>

4
app/View/Users/memberslist.ctp
View File

@ -17,7 +17,7 @@
</table>
<h2>Signature Types Histogram</h2>
<h2>Attribute Types Histogram</h2>
<div id="graph"></div>
<script type="text/javascript" src="/js/ext-4.0.7-gpl/bootstrap.js"></script>
<script>
@ -36,7 +36,7 @@
var panel1 = Ext.create('widget.panel', {
width: 800,
height: 500,
//title: 'Signatures by Organisation',
//title: 'Attributes by Organisation',
renderTo: 'graph',
layout: 'fit',
items: {

13
app/View/Users/news.ctp
View File

@ -5,6 +5,7 @@
Complete rewrite of the backend code to migrate to CakePHP 2.x (from CakePHP 1.3). <br/>
During this rewrite the code was cleaned up, CSRF protection should now be present on all the important actions.<br/>
Password strength validation and better security has been implemented.<br/>
Signatures are now known as Attributes.<br/>
Some intermittent bugs might have slipped in during the (manual) conversion. Please contact me <a href="mailto:user1088@qet.be">user1088@qet.be</a> to report any issues.
</p>
<p><b>Terms and News</b><br/>
@ -13,20 +14,20 @@ When new software updates of CyDefSIG are installed you will see the news page.<
<h3>February 2012</h3>
<p><b>Automation</b><br/>
It is now possible to batch import signatures. To do this simply check the
<em>batch import</em> box and insert one signature per line in the value field.</p>
It is now possible to batch import attributes. To do this simply check the
<em>batch import</em> box and insert one attribute per line in the value field.</p>
<p><b>Network IDS</b><br/>
You can now customize your <em>NIDS start SID</em> in your profile.<br/>
Using this feature you can choose your own range of SID and avoid any conflict with your IDS solution.</p>
<p><b>Members statistics</b><br/>
On the members list page you can now see how many signatures, of what type have been uploaded by what organisation.
On the members list page you can now see how many attributes, of what type have been uploaded by what organisation.
</p>
<p><b>Text based Export</b><br/>
Text based export for all the signature types.</p>
Text based export for all the attribute types.</p>
<h3>January 2012</h3>
<p><b>Related Events</b><br/>
When two Events have at least one common signature a link is automatically made between these two events.<br/>
When two Events have at least one common attribute a link is automatically made between these two events.<br/>
This way you can quickly see the relations and look at the other events that might be of interest to you.</p>
<p><b>Minor UI improvements</b><br/>
@ -46,7 +47,7 @@ You can now reset your authentication key (key for automatic exports) if it is c
The authkey generation algorithm has also been improved.</p>
<p><b>Network IDS Export</b><br/>
A bug in the DNS signatures has been corrected.</p>
A bug in the DNS attributes has been corrected.</p>
</p>
</div>