mirror of https://github.com/MISP/MISP
Database structure and rough license
parent
4a084563d3
commit
ca7085469f
|
@ -0,0 +1,10 @@
|
|||
Copyright Belgian Defence
|
||||
|
||||
Authors:
|
||||
Christophe Vandeplas <christophe@vandeplas.com>
|
||||
|
||||
|
||||
This code should not be distributed without prior approval from the copyright holders.
|
||||
|
||||
Please send us bug-fixes, improvements and new features so we can add it to the main code tree.
|
||||
|
|
@ -0,0 +1,235 @@
|
|||
-- Import this MySQL file into your database
|
||||
--
|
||||
|
||||
-- phpMyAdmin SQL Dump
|
||||
-- version 3.3.9.2
|
||||
-- http://www.phpmyadmin.net
|
||||
--
|
||||
-- Host: localhost
|
||||
-- Generation Time: Jan 18, 2012 at 03:26 PM
|
||||
-- Server version: 5.5.9
|
||||
-- PHP Version: 5.3.6
|
||||
|
||||
SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";
|
||||
|
||||
--
|
||||
-- Database: `cyberdefence_sig`
|
||||
--
|
||||
|
||||
-- --------------------------------------------------------
|
||||
|
||||
--
|
||||
-- Table structure for table `acos`
|
||||
--
|
||||
|
||||
CREATE TABLE `acos` (
|
||||
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
|
||||
`parent_id` int(10) DEFAULT NULL,
|
||||
`model` varchar(255) COLLATE utf8_bin DEFAULT '',
|
||||
`foreign_key` int(10) unsigned DEFAULT NULL,
|
||||
`alias` varchar(255) COLLATE utf8_bin DEFAULT '',
|
||||
`lft` int(10) DEFAULT NULL,
|
||||
`rght` int(10) DEFAULT NULL,
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=56 ;
|
||||
|
||||
--
|
||||
-- Dumping data for table `acos`
|
||||
--
|
||||
|
||||
INSERT INTO `acos` VALUES(1, NULL, NULL, NULL, 'controllers', 1, 110);
|
||||
INSERT INTO `acos` VALUES(2, 1, NULL, NULL, 'Pages', 2, 19);
|
||||
INSERT INTO `acos` VALUES(3, 2, NULL, NULL, 'display', 3, 4);
|
||||
INSERT INTO `acos` VALUES(4, 2, NULL, NULL, 'arrayToValuesIndexArray', 5, 6);
|
||||
INSERT INTO `acos` VALUES(5, 2, NULL, NULL, 'isAdmin', 7, 8);
|
||||
INSERT INTO `acos` VALUES(6, 2, NULL, NULL, 'add', 9, 10);
|
||||
INSERT INTO `acos` VALUES(7, 2, NULL, NULL, 'edit', 11, 12);
|
||||
INSERT INTO `acos` VALUES(8, 2, NULL, NULL, 'index', 13, 14);
|
||||
INSERT INTO `acos` VALUES(9, 2, NULL, NULL, 'view', 15, 16);
|
||||
INSERT INTO `acos` VALUES(10, 2, NULL, NULL, 'delete', 17, 18);
|
||||
INSERT INTO `acos` VALUES(11, 1, NULL, NULL, 'Events', 20, 47);
|
||||
INSERT INTO `acos` VALUES(12, 11, NULL, NULL, 'index', 21, 22);
|
||||
INSERT INTO `acos` VALUES(13, 11, NULL, NULL, 'view', 23, 24);
|
||||
INSERT INTO `acos` VALUES(14, 11, NULL, NULL, 'add', 25, 26);
|
||||
INSERT INTO `acos` VALUES(15, 11, NULL, NULL, 'edit', 27, 28);
|
||||
INSERT INTO `acos` VALUES(16, 11, NULL, NULL, 'delete', 29, 30);
|
||||
INSERT INTO `acos` VALUES(17, 11, NULL, NULL, 'alert', 31, 32);
|
||||
INSERT INTO `acos` VALUES(18, 11, NULL, NULL, 'xml', 33, 34);
|
||||
INSERT INTO `acos` VALUES(19, 11, NULL, NULL, 'snort', 35, 36);
|
||||
INSERT INTO `acos` VALUES(20, 11, NULL, NULL, 'arrayToValuesIndexArray', 37, 38);
|
||||
INSERT INTO `acos` VALUES(21, 11, NULL, NULL, 'isAdmin', 39, 40);
|
||||
INSERT INTO `acos` VALUES(22, 1, NULL, NULL, 'Groups', 48, 63);
|
||||
INSERT INTO `acos` VALUES(23, 22, NULL, NULL, 'index', 49, 50);
|
||||
INSERT INTO `acos` VALUES(24, 22, NULL, NULL, 'view', 51, 52);
|
||||
INSERT INTO `acos` VALUES(25, 22, NULL, NULL, 'add', 53, 54);
|
||||
INSERT INTO `acos` VALUES(26, 22, NULL, NULL, 'edit', 55, 56);
|
||||
INSERT INTO `acos` VALUES(27, 22, NULL, NULL, 'delete', 57, 58);
|
||||
INSERT INTO `acos` VALUES(28, 22, NULL, NULL, 'arrayToValuesIndexArray', 59, 60);
|
||||
INSERT INTO `acos` VALUES(29, 22, NULL, NULL, 'isAdmin', 61, 62);
|
||||
INSERT INTO `acos` VALUES(30, 1, NULL, NULL, 'Signatures', 64, 81);
|
||||
INSERT INTO `acos` VALUES(31, 30, NULL, NULL, 'index', 65, 66);
|
||||
INSERT INTO `acos` VALUES(32, 30, NULL, NULL, 'view', 67, 68);
|
||||
INSERT INTO `acos` VALUES(33, 30, NULL, NULL, 'add', 69, 70);
|
||||
INSERT INTO `acos` VALUES(34, 30, NULL, NULL, 'edit', 71, 72);
|
||||
INSERT INTO `acos` VALUES(35, 30, NULL, NULL, 'delete', 73, 74);
|
||||
INSERT INTO `acos` VALUES(36, 30, NULL, NULL, 'search', 75, 76);
|
||||
INSERT INTO `acos` VALUES(37, 30, NULL, NULL, 'arrayToValuesIndexArray', 77, 78);
|
||||
INSERT INTO `acos` VALUES(38, 30, NULL, NULL, 'isAdmin', 79, 80);
|
||||
INSERT INTO `acos` VALUES(39, 1, NULL, NULL, 'Users', 82, 109);
|
||||
INSERT INTO `acos` VALUES(40, 39, NULL, NULL, 'index', 83, 84);
|
||||
INSERT INTO `acos` VALUES(41, 39, NULL, NULL, 'view', 85, 86);
|
||||
INSERT INTO `acos` VALUES(42, 39, NULL, NULL, 'add', 87, 88);
|
||||
INSERT INTO `acos` VALUES(43, 39, NULL, NULL, 'edit', 89, 90);
|
||||
INSERT INTO `acos` VALUES(44, 39, NULL, NULL, 'delete', 91, 92);
|
||||
INSERT INTO `acos` VALUES(45, 39, NULL, NULL, 'login', 93, 94);
|
||||
INSERT INTO `acos` VALUES(46, 39, NULL, NULL, 'logout', 95, 96);
|
||||
INSERT INTO `acos` VALUES(47, 39, NULL, NULL, 'initDB', 97, 98);
|
||||
INSERT INTO `acos` VALUES(48, 39, NULL, NULL, 'arrayToValuesIndexArray', 99, 100);
|
||||
INSERT INTO `acos` VALUES(49, 39, NULL, NULL, 'isAdmin', 101, 102);
|
||||
INSERT INTO `acos` VALUES(50, 11, NULL, NULL, 'contact', 41, 42);
|
||||
INSERT INTO `acos` VALUES(51, 11, NULL, NULL, 'export', 43, 44);
|
||||
INSERT INTO `acos` VALUES(52, 11, NULL, NULL, 'nids', 45, 46);
|
||||
INSERT INTO `acos` VALUES(53, 39, NULL, NULL, 'resetauthkey', 103, 104);
|
||||
INSERT INTO `acos` VALUES(54, 39, NULL, NULL, 'orgslist', 105, 106);
|
||||
INSERT INTO `acos` VALUES(55, 39, NULL, NULL, 'memberslist', 107, 108);
|
||||
|
||||
-- --------------------------------------------------------
|
||||
|
||||
--
|
||||
-- Table structure for table `aros`
|
||||
--
|
||||
|
||||
CREATE TABLE `aros` (
|
||||
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
|
||||
`parent_id` int(10) DEFAULT NULL,
|
||||
`model` varchar(255) COLLATE utf8_bin DEFAULT '',
|
||||
`foreign_key` int(10) unsigned DEFAULT NULL,
|
||||
`alias` varchar(255) COLLATE utf8_bin DEFAULT '',
|
||||
`lft` int(10) DEFAULT NULL,
|
||||
`rght` int(10) DEFAULT NULL,
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=25 ;
|
||||
|
||||
--
|
||||
-- Dumping data for table `aros`
|
||||
--
|
||||
|
||||
INSERT INTO `aros` VALUES(1, NULL, 'Group', 1, '', 1, 4);
|
||||
INSERT INTO `aros` VALUES(2, NULL, 'Group', 2, '', 5, 6);
|
||||
INSERT INTO `aros` VALUES(3, 1, 'User', 11, '', 2, 3);
|
||||
|
||||
-- --------------------------------------------------------
|
||||
|
||||
--
|
||||
-- Table structure for table `aros_acos`
|
||||
--
|
||||
|
||||
CREATE TABLE `aros_acos` (
|
||||
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
|
||||
`aro_id` int(10) unsigned NOT NULL,
|
||||
`aco_id` int(10) unsigned NOT NULL,
|
||||
`_create` char(2) COLLATE utf8_bin NOT NULL DEFAULT '0',
|
||||
`_read` char(2) COLLATE utf8_bin NOT NULL DEFAULT '0',
|
||||
`_update` char(2) COLLATE utf8_bin NOT NULL DEFAULT '0',
|
||||
`_delete` char(2) COLLATE utf8_bin NOT NULL DEFAULT '0',
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=6 ;
|
||||
|
||||
--
|
||||
-- Dumping data for table `aros_acos`
|
||||
--
|
||||
|
||||
INSERT INTO `aros_acos` VALUES(1, 1, 1, '1', '1', '1', '1');
|
||||
INSERT INTO `aros_acos` VALUES(2, 2, 1, '-1', '-1', '-1', '-1');
|
||||
INSERT INTO `aros_acos` VALUES(3, 2, 11, '1', '1', '1', '1');
|
||||
INSERT INTO `aros_acos` VALUES(4, 2, 30, '1', '1', '1', '1');
|
||||
INSERT INTO `aros_acos` VALUES(5, 2, 39, '1', '1', '1', '1');
|
||||
|
||||
-- --------------------------------------------------------
|
||||
|
||||
--
|
||||
-- Table structure for table `events`
|
||||
--
|
||||
|
||||
CREATE TABLE `events` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`org` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
`date` date NOT NULL,
|
||||
`risk` enum('Undefined','Low','Medium','High') COLLATE utf8_bin NOT NULL,
|
||||
`info` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
|
||||
`user_id` int(11) NOT NULL,
|
||||
`alerted` tinyint(1) NOT NULL DEFAULT '0',
|
||||
PRIMARY KEY (`id`),
|
||||
FULLTEXT KEY `info` (`info`)
|
||||
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
|
||||
|
||||
--
|
||||
-- Dumping data for table `events`
|
||||
--
|
||||
|
||||
|
||||
-- --------------------------------------------------------
|
||||
|
||||
--
|
||||
-- Table structure for table `groups`
|
||||
--
|
||||
|
||||
CREATE TABLE `groups` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`name` varchar(100) COLLATE utf8_bin NOT NULL,
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=3 ;
|
||||
|
||||
--
|
||||
-- Dumping data for table `groups`
|
||||
--
|
||||
|
||||
INSERT INTO `groups` VALUES(1, 'administrators');
|
||||
INSERT INTO `groups` VALUES(2, 'users');
|
||||
|
||||
-- --------------------------------------------------------
|
||||
|
||||
--
|
||||
-- Table structure for table `signatures`
|
||||
--
|
||||
|
||||
CREATE TABLE `signatures` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`event_id` int(11) NOT NULL,
|
||||
`type` varchar(100) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
|
||||
`value` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
|
||||
`to_ids` tinyint(1) NOT NULL DEFAULT '1',
|
||||
PRIMARY KEY (`id`),
|
||||
KEY `event_id` (`event_id`)
|
||||
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=1 ;
|
||||
|
||||
--
|
||||
-- Dumping data for table `signatures`
|
||||
--
|
||||
|
||||
|
||||
-- --------------------------------------------------------
|
||||
|
||||
--
|
||||
-- Table structure for table `users`
|
||||
--
|
||||
|
||||
CREATE TABLE `users` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`group_id` int(11) NOT NULL,
|
||||
`password` varchar(40) COLLATE utf8_bin NOT NULL,
|
||||
`org` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
`email` varchar(255) COLLATE utf8_bin NOT NULL,
|
||||
`autoalert` tinyint(1) NOT NULL,
|
||||
`authkey` varchar(40) COLLATE utf8_bin NOT NULL,
|
||||
`invited_by` int(11) NOT NULL,
|
||||
`gpgkey` text COLLATE utf8_bin NOT NULL,
|
||||
PRIMARY KEY (`id`),
|
||||
KEY `username` (`password`)
|
||||
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin AUTO_INCREMENT=2 ;
|
||||
|
||||
--
|
||||
-- Dumping data for table `users`
|
||||
--
|
||||
|
||||
INSERT INTO `users` VALUES(1, 1, 'babc86e0869015b3f0b4d48ca48700d3a9d1b9d7', 'TEST', 'admin@admin.com', 0, 'vlf4o42bYSVVWLm28jLB85my4HBZWXTri8vGdySb', 0, '');
|
|
@ -3,36 +3,38 @@ TODOs
|
|||
-----
|
||||
|
||||
Auth
|
||||
- Use captcha authenticaiton
|
||||
- Use captcha authentication
|
||||
- cleanup ACL and do it using the CakePHP concept
|
||||
- password strength requirements
|
||||
|
||||
implement auditing/logging system
|
||||
- add / edit events and signatures
|
||||
- failed / success logins (with source IP, headers,...)
|
||||
|
||||
Security
|
||||
- apply CSRF checks by enabling security modules and rewriting some parts
|
||||
- apply CSRF checks on the delete parameters by enabling security modules and rewriting some parts
|
||||
- force cookie reset after login
|
||||
|
||||
|
||||
INSTALLATION INSTRUCTIONS
|
||||
-------------------------
|
||||
Download CakePHP 1.3 and copy the app to the app directory.
|
||||
Download CakePHP 1.3 and copy the app (git clone) to the app directory.
|
||||
|
||||
First you need to edit the files in the /app/config directory.
|
||||
# (or copy your local config settings including the salts and passwords)
|
||||
# cp app/config/* /Users/chri/tmp/sshfs/sig/app/config/
|
||||
|
||||
Then set the permissions correctly using the following commands as root:
|
||||
Check if the permissions are set correctly using the following commands as root:
|
||||
chown -R chri:www-data sig
|
||||
chmod -R 750 sig
|
||||
chmod -R g+s sig
|
||||
cd sig/app/
|
||||
chmod -R g+w tmp
|
||||
|
||||
MySQL database: Import the empty database
|
||||
|
||||
|
||||
|
||||
Default user/pass = admin@admin.com / admin
|
||||
Don't forget to change the email, password and authentication key after installation.
|
||||
|
||||
Recommended patches
|
||||
-------------------
|
||||
|
|
Loading…
Reference in New Issue