git
|
8ba98a1e57
|
Rollback of pagination on event view
Comeback to previous event layout. This does not change the preformance issue so it is not worth to put in stable.
We will move it to the devel branch
|
2012-07-24 15:44:04 +02:00 |
noud
|
de89d28caa
|
Fix, paging on event with lots of attributes.
|
2012-07-20 13:27:55 +02:00 |
noud
|
c1ed9c5839
|
2 new bugs:
- event with lots of attributes has no paging.
- non-composite attribute and non-printable.
|
2012-07-20 08:51:20 +02:00 |
noud
|
e9234bcee7
|
Fixed non-printable in no-composite attribute.
|
2012-07-20 08:48:12 +02:00 |
noud
|
25d5ff4290
|
Show events with user.email if admin.
|
2012-07-19 14:53:12 +02:00 |
noud
|
78f629e6dd
|
Redo Event.user_id
|
2012-07-19 14:52:27 +02:00 |
noud
|
c086981676
|
Search Attributes fixed.
|
2012-07-19 11:41:04 +02:00 |
noud
|
29a67f4d96
|
Fixes the Search Attributes.
|
2012-07-19 11:41:04 +02:00 |
noud
|
8db00efdac
|
Remove extra dot between filename and ext when downloading attachment.
|
2012-07-19 11:41:04 +02:00 |
deresz
|
d879deb027
|
news: removed some old stuff
EventsController: contact mail display name from the config file
|
2012-07-19 09:48:45 +02:00 |
Andrzej Dereszowski
|
bf98f2db3c
|
Merge branch 'develop_0.2.2_fixes' into develop
Conflicts:
app/Model/Attribute.php
|
2012-07-11 16:15:27 +02:00 |
noud
|
e353c405e1
|
New bug.. type filename|md5, conform type md5 strtolower.
|
2012-07-11 14:37:04 +02:00 |
noud
|
5c1a8e22fb
|
Fix, do strtolower on types filename|md5 and filename|sha1 conform types
md5 and sha1.
|
2012-07-11 14:35:46 +02:00 |
deresz
|
ebec1d7f26
|
Make the documentation "brand-neutral" to be able to develop it in a community.
|
2012-07-11 11:03:18 +02:00 |
noud
|
25d33e3578
|
New bug, authError gets displayed before login.
|
2012-07-11 10:20:44 +02:00 |
noud
|
e67d9ebdec
|
Fix to authError getting displayed before login.
|
2012-07-11 10:19:57 +02:00 |
noud
|
50e24c7c56
|
Upload always ticked if malware-sample, always unticked if attachment.
|
2012-07-11 09:48:44 +02:00 |
noud
|
c1823b1cf4
|
Corrects the download in IE fix, to filename.ext.zip or filename.ext.
(Got filename.ext.zip.zip for attachment and filename.ext.ext for
malware given the previous fix)
|
2012-07-10 17:23:00 +02:00 |
noud
|
3f9e1d650b
|
New bug, Add User and validation error gives extra authkey not defined.
|
2012-07-10 15:39:08 +02:00 |
noud
|
a08842e7d4
|
Fix to New User, some validation error then authkey not defined.
|
2012-07-10 15:38:10 +02:00 |
noud
|
c1bc80ac61
|
Download attachment does not work on MS Internet Explorer.
This _can_ be a fix, not sure. If not, CakePHP bug #2554 or others.
|
2012-07-10 13:36:32 +02:00 |
noud
|
1f894119c7
|
One extra bug (IE download).
|
2012-07-10 11:42:35 +02:00 |
noud
|
8f4727e3ad
|
Correction to upload so zip only ticked when malware and not when
attachement.
|
2012-07-10 11:39:43 +02:00 |
noud
|
1a56db0aac
|
Do validation after edit attribute.
|
2012-07-09 15:13:54 +02:00 |
noud
|
aaefa228f0
|
Bug found.
|
2012-07-09 15:12:58 +02:00 |
noud
|
1143ee265d
|
Fix to: Add attribute, non-valid, correct, ´black-holed´.
|
2012-07-09 14:18:26 +02:00 |
noud
|
4ac501d54e
|
Only show categories with type attachment or malware-sample in Add
Attachement view. (this was..No possibility to upload if type
attachement or malware-sample is not in category.)
|
2012-07-09 14:14:55 +02:00 |
noud
|
e09c2c9160
|
2 extra bugs found.
|
2012-07-09 14:09:24 +02:00 |
noud
|
ed41233f2a
|
No possibility to upload if type attachement or malware-sample is not in
category.
|
2012-07-06 13:48:17 +02:00 |
noud
|
6c6086c5c8
|
List of outstanding and fixed bugs.
|
2012-07-06 13:45:31 +02:00 |
deresz
|
73e87f31e0
|
Use CyDefSIG.name from Config in alert e-mail subjects.
|
2012-07-04 17:15:01 +02:00 |
deresz
|
dbf7fafea8
|
Correction to "link" attribute type - links were not actually created.
Also changed it to proper "cake" way.
|
2012-07-04 15:51:19 +02:00 |
noud
|
63bdfe2961
|
Edit composite attribute to non-composite attribute fix.
|
2012-07-04 14:05:18 +02:00 |
deresz
|
50e3566f3a
|
Some modifications to category/attribute matrix. MISP database is now compatible for sync with CyDefSIG.
|
2012-07-04 11:28:40 +02:00 |
Andrzej Dereszowski
|
2d8695732d
|
Merge branch 'develop' of code.lab.modiss.be:cydefsig into develop_0.2.2_fixes
|
2012-07-02 17:11:38 +02:00 |
Andrzej Dereszowski
|
e2df7442a4
|
shit
|
2012-07-02 16:26:50 +02:00 |
noud
|
5bac9ac928
|
Forgot LogableBehavior in the first commit.
|
2012-07-02 12:52:57 +02:00 |
Christophe Vandeplas
|
811428e9f5
|
forgot debug comment
|
2012-06-29 13:43:22 +02:00 |
Christophe Vandeplas
|
09c4656944
|
improved NIDS output
|
2012-06-29 13:41:23 +02:00 |
noud
|
8216a563dc
|
Servers.lastpushedid and Servers.lastpulledid.
|
2012-06-29 10:27:19 +02:00 |
noud
|
9c1c32f959
|
Audit and Access Control granulation in News page.
|
2012-06-29 09:36:47 +02:00 |
noud
|
0eb52796ae
|
Admin Paginator fix.
|
2012-06-29 08:56:00 +02:00 |
noud
|
4a12bf960f
|
Admin Paginator fix.
|
2012-06-29 08:35:32 +02:00 |
noud
|
66c5312ea6
|
DataBase migrate, Audit and Access Control granulation.
|
2012-06-28 17:24:12 +02:00 |
Christophe Vandeplas
|
500418cb61
|
fixed silly bug in priority assignment of nids export
|
2012-06-28 14:58:19 +02:00 |
root
|
b4558887ce
|
Revert "Audit and ACL first cut."
This reverts commit 5818231f48 .
|
2012-06-26 09:40:52 +02:00 |
noud
|
5818231f48
|
Audit and ACL first cut.
|
2012-06-25 15:54:52 +02:00 |
noud
|
ce7fee4971
|
Revert "Audit database table."
This reverts commit f5bf89e624 .
|
2012-06-25 15:13:51 +02:00 |
Christophe Vandeplas
|
5993e3eec8
|
fixed nids snort rule conversion because of greedy * and +
|
2012-06-25 10:18:45 +02:00 |
Christophe Vandeplas
|
66a9950d14
|
minor improvement in usability on index pages
|
2012-06-25 08:00:08 +02:00 |
Christophe Vandeplas
|
f023d98b5b
|
improvement of nids - level and message
|
2012-06-22 13:48:35 +02:00 |
Christophe Vandeplas
|
2268bd73dd
|
micro fix in nids export
|
2012-06-22 12:46:07 +02:00 |
Christophe Vandeplas
|
8c313bc054
|
changed classtype
|
2012-06-22 11:49:02 +02:00 |
noud
|
f5bf89e624
|
Audit database table.
|
2012-06-21 08:31:41 +02:00 |
Christophe Vandeplas
|
3996edca45
|
first migration script for misp0.2 to misp1.0 (not finished)
|
2012-06-14 11:03:43 +02:00 |
Christophe Vandeplas
|
2d283962ce
|
some improvement on database level
|
2012-06-14 09:59:08 +02:00 |
Christophe Vandeplas
|
7cea666c9b
|
fix an php error when importing attributes with incorrect type -
category validation
|
2012-06-13 16:02:27 +02:00 |
Christophe Vandeplas
|
3bec9bbefc
|
updated DB structure
|
2012-06-13 14:51:25 +02:00 |
Christophe Vandeplas
|
1f52ab82fe
|
fixing bug created in commit 957e4f232b
|
2012-06-13 14:42:42 +02:00 |
Christophe Vandeplas
|
957e4f232b
|
minor memory usage improvements by referencing in foreach ($array as
&$value) loop
|
2012-06-11 11:40:31 +02:00 |
Christophe Vandeplas
|
2d335f5dbe
|
cleanup of comments and todos
minor memory performance improvement
|
2012-06-11 11:01:58 +02:00 |
Christophe Vandeplas
|
cd5d53b22b
|
fixed bug in termsaccepted
|
2012-06-08 17:34:06 +02:00 |
Christophe Vandeplas
|
1d69fc78a1
|
info on how to use a same CakePHP lib directory for multiple instances
|
2012-06-08 17:15:55 +02:00 |
Christophe Vandeplas
|
082e1f2784
|
Merge branch 'develop' of code.lab.modiss.be:cydefsig into develop
|
2012-06-08 17:04:46 +02:00 |
Christophe Vandeplas
|
07fc2d2022
|
cleanup of directory
|
2012-06-08 17:03:27 +02:00 |
Christophe Vandeplas
|
9a30ba883f
|
updated console version from newer cakephp
|
2012-06-08 17:00:07 +02:00 |
Christophe Vandeplas
|
5eb6a89384
|
removed reference to useless user_id.
fixed bug where Contact reporter doesn't work when user does not exist
(contact reporter now sends mails to all the org)
|
2012-06-08 16:57:10 +02:00 |
Andrzej Dereszowski
|
2b63f955a6
|
I think comment should not be correlated neither but correct me if I'm wrong
|
2012-06-08 12:24:01 +02:00 |
Christophe Vandeplas
|
0687d3f6f4
|
fixed huge SQL injection vulnerability created in bruteforce protection.
Shame on me !!!
|
2012-06-06 11:12:19 +02:00 |
Christophe Vandeplas
|
9cd1b0469d
|
minor change
|
2012-06-06 11:03:08 +02:00 |
Christophe Vandeplas
|
6e9ab97791
|
implementation of a anti-brute-force password guessing mechanism.
|
2012-06-06 11:00:02 +02:00 |
Christophe Vandeplas
|
e453ee0e97
|
Sanitize::html() to h() for views is the way to go
|
2012-06-05 10:00:36 +02:00 |
Christophe Vandeplas
|
1a0586f14f
|
unique attribute for nids export
|
2012-06-04 12:06:46 +02:00 |
Christophe Vandeplas
|
c95f8904a0
|
removed description field ( should be replaced by comment )
|
2012-06-03 22:52:46 +02:00 |
Christophe Vandeplas
|
f455405475
|
better error outputting
|
2012-06-03 22:51:56 +02:00 |
Christophe Vandeplas
|
39fb9bca1d
|
Attribute types validation is now a separate function that uses the
Attribute->type_definitions variable
|
2012-05-31 17:12:26 +02:00 |
Christophe Vandeplas
|
ba75b24bb4
|
forgot to add js to previous commits
|
2012-05-31 16:11:40 +02:00 |
Christophe Vandeplas
|
aac2f5926f
|
minor fixes
|
2012-05-31 08:55:51 +02:00 |
Christophe Vandeplas
|
d319860268
|
fixes security issue (overwrite existing event)
|
2012-05-31 08:47:49 +02:00 |
Christophe Vandeplas
|
8505396b25
|
select boxes with filtering now
|
2012-05-30 18:11:44 +02:00 |
Christophe Vandeplas
|
f35c311651
|
improved documentation
|
2012-05-30 17:13:35 +02:00 |
Christophe Vandeplas
|
24e7139e45
|
minor fix in Attribute tooltip
more documentation (autogenerated)
|
2012-05-30 10:24:57 +02:00 |
Andrzej Dereszowski
|
7ee4d29fac
|
Fixed merge conflicts with HEAD at belmod
Merge branch 'develop' of code.lab.modiss.be:cydefsig into develop
Conflicts:
app/Controller/EventsController.php
app/Model/Attribute.php
|
2012-05-29 17:19:36 +02:00 |
Andrzej Dereszowski
|
1a91c2f49b
|
Help messages implementation (forms and list views).
|
2012-05-29 16:53:50 +02:00 |
Andrzej Dereszowski
|
51dbbcfa13
|
Explanation messages implemenented for forms and for list views (using
"title" html element)
|
2012-05-29 16:50:45 +02:00 |
Christophe Vandeplas
|
e4feaaa013
|
Part of the documentation added - docu written by Miguel Soria Machado
(CERT-EU)
|
2012-05-25 14:56:58 +02:00 |
Christophe Vandeplas
|
4d70df3b32
|
fixed error when type was not set
|
2012-05-25 11:03:38 +02:00 |
Christophe Vandeplas
|
155f9fe720
|
fixed logic bug
|
2012-05-25 10:01:59 +02:00 |
Christophe Vandeplas
|
ad69aeb38f
|
only sync event on publish when sync feature is on
|
2012-05-25 09:34:54 +02:00 |
Christophe Vandeplas
|
747c211723
|
auto-upload when publish event
|
2012-05-25 09:31:14 +02:00 |
Christophe Vandeplas
|
efa590de23
|
moved some functions around
|
2012-05-25 08:13:40 +02:00 |
Christophe Vandeplas
|
cd30bb5d30
|
push / pull seems to work with attachment support. Lots of testing
required.
|
2012-05-23 16:32:46 +02:00 |
Christophe Vandeplas
|
aa043a445b
|
limit saveAssociated using fieldList
|
2012-05-22 15:52:55 +02:00 |
Christophe Vandeplas
|
6d8b0a98b0
|
attachment support in REST API
|
2012-05-22 13:58:37 +02:00 |
Christophe Vandeplas
|
00d62ab722
|
REST XML request also received base64 encoded file content
|
2012-05-21 15:20:25 +02:00 |
Christophe Vandeplas
|
93c96ff7c3
|
minor layout improvement
|
2012-05-21 13:42:16 +02:00 |
Christophe Vandeplas
|
c713d6498f
|
fixes previous commit
|
2012-05-21 13:41:04 +02:00 |
Christophe Vandeplas
|
04ffe374a1
|
layout improvement in attribute display
|
2012-05-21 13:34:53 +02:00 |
Christophe Vandeplas
|
9462902d97
|
workaround for bug where uuid is not set when empty. See bug
http://cakephp.lighthouseapp.com/projects/42648-cakephp/tickets/2893
|
2012-05-21 13:14:28 +02:00 |
Christophe Vandeplas
|
9e2c2c5753
|
fix bug when editing attributes
|
2012-05-16 11:19:06 +02:00 |
Christophe Vandeplas
|
6da1906bf4
|
fixes typo in alert message
|
2012-05-16 10:27:09 +02:00 |
Christophe Vandeplas
|
c426537c73
|
fix recommendation of pentest for autocomplete
|
2012-05-14 10:48:23 +02:00 |
Christophe Vandeplas
|
9e7ee3c85b
|
fixes bug where event is not unpublished when attribute is edited
|
2012-05-11 08:33:04 +02:00 |
Christophe Vandeplas
|
395f29dd21
|
fixes bugs in NIDS export with duplicate SIDs
|
2012-05-09 15:17:16 +02:00 |
Christophe Vandeplas
|
fa167bc2c8
|
.
|
2012-05-04 14:47:50 +02:00 |
Christophe Vandeplas
|
03ad7d3acd
|
fixes event with no attributes in REST request
|
2012-05-04 12:44:27 +02:00 |
Christophe Vandeplas
|
e1189e576a
|
fixes problem of not being able to import events with single attribute
|
2012-05-04 12:37:31 +02:00 |
Christophe Vandeplas
|
e452460242
|
added CyDefSIG.name to allow changing the title of the site
|
2012-05-04 09:52:45 +02:00 |
Christophe Vandeplas
|
4b5999bb5b
|
fixes issue 67
|
2012-05-03 15:05:08 +02:00 |
Christophe Vandeplas
|
f675d7d6d0
|
more fixes for the sync
|
2012-05-03 14:52:49 +02:00 |
Christophe Vandeplas
|
9e9837d59d
|
Basic sync push seems to work
|
2012-05-03 14:32:49 +02:00 |
Christophe Vandeplas
|
37ee17510e
|
fixes security bug in XML REST request
|
2012-05-03 13:53:47 +02:00 |
Christophe Vandeplas
|
e5c0c5b081
|
do not show related events if the variable was not set
|
2012-04-26 18:50:58 +02:00 |
Christophe Vandeplas
|
f0b8f89d50
|
fixes lowercase attribute bug in xml output of Events/view and hide
value1 and value2 from the output
|
2012-04-26 18:48:05 +02:00 |
Christophe Vandeplas
|
7ee4ab7035
|
fixes issue 64
|
2012-04-26 15:18:33 +02:00 |
Christophe Vandeplas
|
60a5b1e1c6
|
moved alert email functionality to separate function _sendAlertEmail()
REST event add requests also send out mails where necessary
|
2012-04-26 14:54:04 +02:00 |
Christophe Vandeplas
|
8bd7b45248
|
Fixes issue 66 - https://code.lab.modiss.be/p/cydefsig/issues/66/
|
2012-04-26 11:15:12 +02:00 |
Christophe Vandeplas
|
97a5790938
|
fixes bug in discovered while running migrate02to021 script
|
2012-04-25 13:56:25 +02:00 |
Christophe Vandeplas
|
6e9f0f0d24
|
split value to value1 and value2.
You need to update the DB schema and run /events/migrate02to021 to
migrate the data
|
2012-04-25 13:17:44 +02:00 |
Christophe Vandeplas
|
aea079b8c4
|
bugfix in Attribute validation
Do not search for related attributes for specific types
|
2012-04-25 10:30:23 +02:00 |
Christophe Vandeplas
|
d0b52de85e
|
fixed typo
|
2012-04-25 09:50:40 +02:00 |
Christophe Vandeplas
|
388f3cc445
|
Merge commit '280baac98902789ee69186539474a2e82156659e' into develop
Resolved Conflicts in:
app/View/Events/view.ctp
|
2012-04-25 09:04:07 +02:00 |
Andrzej Dereszowski
|
280baac989
|
patched deleting of attributes
|
2012-04-15 19:41:50 +02:00 |
Andrzej Dereszowski
|
29c5411ece
|
minor cosmetic changes
|
2012-04-13 10:53:53 +02:00 |
Christophe Vandeplas
|
a2d073b7b9
|
REST POST of event and signatures works (basics, no error-handling)
|
2012-04-10 15:47:42 +02:00 |
Christophe Vandeplas
|
87e12448ab
|
Start of documentation concerning REST.
|
2012-04-07 09:38:15 +02:00 |
Christophe Vandeplas
|
c2975a77a4
|
Allow saving of data using REST API
|
2012-04-07 08:31:01 +02:00 |
Christophe Vandeplas
|
fb958eaacc
|
Logging in for REST using Authorized HTTP header field.
|
2012-04-06 16:32:33 +02:00 |
Christophe Vandeplas
|
a8901cb6cf
|
fix db engine
|
2012-04-04 20:27:02 +02:00 |
Christophe Vandeplas
|
e56b7cecb3
|
db structure for sync functionality
|
2012-04-04 20:25:29 +02:00 |
Christophe Vandeplas
|
a45b70bc8d
|
Add, edit, delete and (basic) Manual Sync server functionality added
|
2012-04-04 20:22:22 +02:00 |
Christophe Vandeplas
|
7f33beaa4c
|
Micro usability improvement
|
2012-04-04 19:03:39 +02:00 |
Christophe Vandeplas
|
5b49318164
|
moved security to see profile to isAuthorized to keep consistency
|
2012-04-04 18:32:44 +02:00 |
Christophe Vandeplas
|
6cee17bfcd
|
XML format for attributes index
|
2012-04-04 18:08:57 +02:00 |
Christophe Vandeplas
|
49aaced78a
|
Merge commit '9e043116228c4866b18e92acb076462845bcf22a' into develop
Fixed conflicts in: app/View/Events/view.ctp
|
2012-04-04 17:53:51 +02:00 |
Andrzej Dereszowski
|
9e04311622
|
minor changes:
- when admin adds a user, auth key is automatically suggested
- auth refresh is performed after user edition
|
2012-04-02 23:00:41 +02:00 |
Andrzej Dereszowski
|
69fef3f6fa
|
Fix for the routing problem on admin-privileged users.
All links that need to be routed to admin-prefixed method have to have
'admin' => true in the parameters
|
2012-04-02 22:26:36 +02:00 |
Andrzej Dereszowski
|
faffe87ea6
|
- some bugfixes in validation corrected
- new attribute type - link to external site
|
2012-04-02 19:24:50 +02:00 |
Andrzej Dereszowski
|
0374c1c9b6
|
Bug fixes in the admin view
- password changing for other users
- corrected admin_view
|
2012-04-02 17:21:17 +02:00 |
Andrzej Dereszowski
|
6c5a5aa427
|
- small bug with "No GPG key" message marked in the code
- path to homedir for GPG added in User.php
|
2012-04-02 12:14:27 +02:00 |
Andrzej Dereszowski
|
216b77f854
|
- Attributes index view fixed (attachments)
|
2012-04-02 11:59:51 +02:00 |
Andrzej Dereszowski
|
62ceed286c
|
- signatures are displayed by category always in the same order defined in model
|
2012-04-02 11:53:44 +02:00 |
Andrzej Dereszowski
|
17950b965e
|
minor correction:
- login page does not display "invalid user" when first time presented to the user
- "Log Off" button removed from the print view
|
2012-04-02 11:37:32 +02:00 |
Andrzej Dereszowski
|
ed298aa0dd
|
logo position corrected
|
2012-04-02 11:22:19 +02:00 |
Christophe Vandeplas
|
41d03e69f3
|
Merge commit 'dee8a866e691fde2eedbd9a2418a6027f88d07cf' into develop
|
2012-04-01 20:08:07 +02:00 |
Christophe Vandeplas
|
dee8a866e6
|
Fixed bug where GPG homedir was not set in a few places
|
2012-04-01 19:23:46 +02:00 |
Christophe Vandeplas
|
2142585710
|
Implemented basics for private, nonsyncable, Events or Attributes.
|
2012-04-01 18:41:47 +02:00 |
Christophe Vandeplas
|
bf8ae66e9c
|
First version or REST API to export data
|
2012-04-01 17:30:00 +02:00 |
Christophe Vandeplas
|
67d3a9f9d2
|
minor changes
|
2012-04-01 15:49:01 +02:00 |
Christophe Vandeplas
|
e6a6328d00
|
forgot updated default layout for info bloxes
|
2012-04-01 14:49:28 +02:00 |
Christophe Vandeplas
|
0915ce48d3
|
Added some infoboxes when adding Attributes.
|
2012-03-31 23:29:56 +02:00 |
Christophe Vandeplas
|
19eaa12050
|
Allow publishing of events without sending email.
|
2012-03-31 22:07:35 +02:00 |
Christophe Vandeplas
|
0fff291c67
|
fixed minor CSRF vulnerability + added google link on vulnerability type
|
2012-03-31 21:55:09 +02:00 |
Christophe Vandeplas
|
aa8ba55dac
|
First experimental test of importing events from a remote server.
Only new events are imported.
|
2012-03-31 19:06:43 +02:00 |
Christophe Vandeplas
|
95455f51a6
|
Fixed minor bugs
|
2012-03-27 18:58:11 +02:00 |
Christophe Vandeplas
|
20cddd07db
|
changed alerted -> published
other minor fixes
|
2012-03-27 14:49:31 +02:00 |
Christophe Vandeplas
|
da99625a6c
|
minor change in getRelatedAttributes function
|
2012-03-27 14:02:49 +02:00 |
Christophe Vandeplas
|
1518b1ebcc
|
filename|sha1 data validation
|
2012-03-27 11:03:57 +02:00 |
Christophe Vandeplas
|
67907864a1
|
filename|sha1
|
2012-03-27 11:01:33 +02:00 |
Christophe Vandeplas
|
98402c0faa
|
Fix admin routing
|
2012-03-27 09:31:41 +02:00 |
Christophe Vandeplas
|
5657a9dd10
|
Added a migrate() function to generate uuid for events and attributes
that didn't have an uuid
|
2012-03-26 20:25:45 +02:00 |
Christophe Vandeplas
|
7c4394682d
|
Renamed Signature to Attribute
|
2012-03-26 19:56:44 +02:00 |
Christophe Vandeplas
|
28cf7d44e9
|
XML export ... woohoo !!!
|
2012-03-26 15:06:01 +02:00 |
Christophe Vandeplas
|
df7efb9d88
|
number of entries in the index lists
|
2012-03-26 13:11:06 +02:00 |
Christophe Vandeplas
|
a1b8719db4
|
fix error when there are no related events/signatures, or simply
signatures
|
2012-03-26 12:40:18 +02:00 |
Christophe Vandeplas
|
1921913e4f
|
forgot to update DB structure after category support
|
2012-03-25 16:27:29 +02:00 |
Christophe Vandeplas
|
803bdbdf87
|
micro HTML bugfixes in views
|
2012-03-25 16:25:16 +02:00 |
Christophe Vandeplas
|
04c9028008
|
preformance improvement when searching for related events (by reusing
results from related signatures search)
|
2012-03-25 16:21:51 +02:00 |
Christophe Vandeplas
|
7b1673d212
|
md5 and sha1 hashes now automatically lowercase
cleaned up some code and fixed some vulnerabilities
|
2012-03-25 15:56:29 +02:00 |
Christophe Vandeplas
|
86b760cd54
|
Print Cascading Stylesheets and minor layout fixes
|
2012-03-25 15:02:15 +02:00 |
Christophe Vandeplas
|
0ed69399b1
|
extra vulnerability type
|
2012-03-24 10:48:06 +01:00 |
Christophe Vandeplas
|
da2687846b
|
Implemented file-upload of attachment or password protected
malware-samples. Base code contributed by Andrzej Dereszowski
|
2012-03-23 20:04:22 +01:00 |
Christophe Vandeplas
|
da48ad4769
|
Confirm password functionality (thanks to Andrzej)
|
2012-03-22 10:06:33 +01:00 |
Christophe Vandeplas
|
91de13f1ad
|
updated DB structure
|
2012-03-22 08:57:18 +01:00 |
Christophe Vandeplas
|
23d161f332
|
minor micro changes
|
2012-03-21 21:44:18 +01:00 |
Christophe Vandeplas
|
23572019bb
|
Signature is now known as Attribute
|
2012-03-21 21:25:16 +01:00 |
Christophe Vandeplas
|
4bbbfc36c3
|
Not finished editing -> not published
|
2012-03-21 11:01:37 +01:00 |
Christophe Vandeplas
|
5907c86520
|
whatever
|
2012-03-21 10:57:59 +01:00 |
Christophe Vandeplas
|
754230feb0
|
Graph for Signatures Type per organisation
|
2012-03-21 10:34:22 +01:00 |
Christophe Vandeplas
|
7a3be6953c
|
fix bug of login/authinfo not refreshed when reseting authkey
|
2012-03-20 15:44:39 +01:00 |
Christophe Vandeplas
|
c5954b081b
|
Layout improvements
|
2012-03-20 15:11:02 +01:00 |
Christophe Vandeplas
|
ce0c0aba0e
|
isAuthorized now handles permissions on admin,delete,edit,... actions
|
2012-03-20 14:57:52 +01:00 |
Christophe Vandeplas
|
495cc1a6c2
|
UUID support for syncing
|
2012-03-20 13:40:58 +01:00 |
Christophe Vandeplas
|
2c7f01f61e
|
Rename Finish Edit to Publish Event
|
2012-03-20 08:26:57 +01:00 |
Christophe Vandeplas
|
b79d16291b
|
Fixes bug: to_ids should be there otherwise you cannot edit the
signature to change the "to_ids" checkbox. By Andrzej Dereszowski
|
2012-03-18 08:02:31 +01:00 |
Christophe Vandeplas
|
07f6b5e090
|
cleanup old __('Actions') and non echo __()
|
2012-03-16 14:13:31 +01:00 |
Christophe Vandeplas
|
8c5b973852
|
updated DB structure and content
|
2012-03-15 15:10:24 +01:00 |
Christophe Vandeplas
|
865a24d0bd
|
Migration to CakePHP 2.1.
Most of the functionality migrated, Q&A review required.
|
2012-03-15 15:06:45 +01:00 |
Christophe Vandeplas
|
6da66f61b6
|
Terms and Conditions and News splashpage
Updated DB structure: ALTER TABLE `users` ADD `termsaccepted` TINYINT( 1
) NOT NULL , ADD `newsread` DATE NOT NULL
|
2012-03-13 09:58:34 +01:00 |
Christophe Vandeplas
|
20c1c51a74
|
micro change in export text
|
2012-03-07 16:23:06 +01:00 |
Christophe Vandeplas
|
b5f2582961
|
Temporary workaround for problem to edit profile.
|
2012-03-07 16:13:54 +01:00 |
Christophe Vandeplas
|
864f3aff2f
|
implement batch import of signatures
|
2012-03-06 13:45:16 +01:00 |
Christophe Vandeplas
|
cc5a62426d
|
powered by
|
2012-03-06 11:37:14 +01:00 |
Christophe Vandeplas
|
91cc35140e
|
export to text formats
|
2012-03-06 11:29:01 +01:00 |
Christophe Vandeplas
|
4ca79e3e5b
|
fixed information disclosure vulnerability on groups pages
|
2012-03-06 10:38:02 +01:00 |
Christophe Vandeplas
|
f58cd27855
|
updated README based on feedback from Jeroen Vanderauwera and some
corrections
|
2012-03-06 10:21:46 +01:00 |
Christophe Vandeplas
|
cd78cb260f
|
show org for admin
|
2012-03-06 07:45:02 +01:00 |
Christophe Vandeplas
|
b0bb827261
|
show link between events on the signature level
|
2012-02-20 19:46:37 +01:00 |
Christophe Vandeplas
|
eef982d18a
|
reverted sort order of Signature Types Histogram
|
2012-02-20 14:52:31 +01:00 |
Christophe Vandeplas
|
96b91b73c2
|
changed sort-order of Signature Types Histogram
|
2012-02-20 14:51:37 +01:00 |
Christophe Vandeplas
|
7a820ee8fd
|
snort signature type is now exported to NIDS and cleaned up
|
2012-02-20 14:33:03 +01:00 |
Christophe Vandeplas
|
cf5b5f1784
|
updated table structure
|
2012-02-20 13:20:45 +01:00 |
Christophe Vandeplas
|
e247abf36b
|
Allows the user to choose a custom NIDS start SID
|
2012-02-20 10:16:13 +01:00 |
Christophe Vandeplas
|
c77d499555
|
Added more clear Edit Profile button -
https://code.lab.modiss.be/p/cydefsig/issues/29/
|
2012-02-20 09:39:46 +01:00 |
Christophe Vandeplas
|
89d0a8d08d
|
miror layout improvements in emails
|
2012-02-11 07:56:41 +01:00 |
Christophe Vandeplas
|
f9d64c99b8
|
fixes HTML entities in email
|
2012-02-11 07:47:05 +01:00 |
Christophe Vandeplas
|
e7479fdad3
|
data validation - duplicate signatures for same event
|
2012-02-10 14:43:02 +01:00 |
Christophe Vandeplas
|
934397c892
|
bugfix userslist and types_histogram
|
2012-02-10 14:17:00 +01:00 |
Christophe Vandeplas
|
7ff925897c
|
list number of events shared by Org
list type of signatures shared by Org
|
2012-02-10 14:03:33 +01:00 |
Christophe Vandeplas
|
7b16857bc7
|
allow string-in-file
|
2012-02-10 11:11:52 +01:00 |
Christophe Vandeplas
|
dd5d4f37d2
|
Snort signature type has no datavalidation
|
2012-02-03 11:13:11 +01:00 |
Christophe Vandeplas
|
4483c2a5f1
|
added 'snort' signature type
|
2012-02-03 11:13:10 +01:00 |
Christophe Vandeplas
|
7ca72ade23
|
added 'snort' signature type
|
2012-02-03 10:59:12 +01:00 |
Christophe Vandeplas
|
ca7085469f
|
Database structure and rough license
|
2012-01-18 15:30:36 +01:00 |
Christophe Vandeplas
|
4a084563d3
|
List members (orgs) of the platform
|
2012-01-17 12:36:32 +01:00 |
Christophe Vandeplas
|
11c4c145b2
|
Allow to hide (default) the name of the Organisation that posted the
event.
|
2012-01-17 10:43:31 +01:00 |
Christophe Vandeplas
|
101a049ff7
|
Fixed filesystem permissions
|
2012-01-05 14:14:54 +01:00 |
Christophe Vandeplas
|
0914e3885e
|
default To IDS checkbox is checked
|
2012-01-05 13:55:53 +01:00 |
Christophe Vandeplas
|
b995b16517
|
to_nids renamed to to_ids and implemented
|
2012-01-05 13:54:09 +01:00 |
Christophe Vandeplas
|
c68c732bf4
|
stylesheet improvements
|
2012-01-05 11:46:59 +01:00 |
Christophe Vandeplas
|
00c4405cc6
|
shows ID in event list and detail
|
2012-01-05 11:03:51 +01:00 |
Christophe Vandeplas
|
eaaef2d7c8
|
micro fix
|
2012-01-05 11:00:22 +01:00 |
Christophe Vandeplas
|
b4966bc154
|
Contact reporter now lets a user add a custom message.
|
2011-12-17 10:27:45 +01:00 |
Christophe Vandeplas
|
45ae4c65c6
|
cleaned workaround for empty password behavior of Auth component
|
2011-12-11 19:39:02 +01:00 |
Christophe Vandeplas
|
a55ced2d30
|
add basic XSRF protection for add, edit actions
|
2011-12-11 18:28:33 +01:00 |
Christophe Vandeplas
|
1980998ee7
|
minor fixes in git repo
|
2011-12-11 16:59:35 +01:00 |
Christophe Vandeplas
|
b81874fc3d
|
authkey reset functionality
and fixed bugs in users_controller
|
2011-12-11 16:57:06 +01:00 |
Christophe Vandeplas
|
5810b0e47e
|
events/snort is now refactored to events/nids
Backwards compatibility with the url is still kept
|
2011-12-11 14:44:20 +01:00 |
Christophe Vandeplas
|
c1e5bdb271
|
implemented relations dynamically
|
2011-12-11 13:29:54 +01:00 |
Christophe Vandeplas
|
84ebbea07c
|
removed forgotten comment
|
2011-12-11 13:26:40 +01:00 |
Christophe Vandeplas
|
b24506e73b
|
fixes authkey generation
|
2011-12-11 13:21:23 +01:00 |
Christophe Vandeplas
|
e1c36e1caf
|
added missing files
|
2011-12-09 11:45:12 +01:00 |
Christophe Vandeplas
|
8e2523d9df
|
fixed Snort export - DNS format
|
2011-12-09 11:40:36 +01:00 |
Christophe Vandeplas
|
27d5788f89
|
xml export now done properly
fixed bug in xml export
|
2011-12-05 22:01:31 +01:00 |
Christophe Vandeplas
|
b7dbc01e47
|
changed snort rule message
|
2011-12-05 19:28:29 +01:00 |
Christophe Vandeplas
|
5d50a17681
|
minor fixes
|
2011-12-05 19:14:11 +01:00 |
Christophe Vandeplas
|
63b7883238
|
fixed email + gpg alert bugs
|
2011-11-28 23:20:45 +01:00 |
Christophe Vandeplas
|
cb26fb51dc
|
color improvement in notification message
|
2011-11-28 23:04:54 +01:00 |
Christophe Vandeplas
|
1aaad192a1
|
better color-based error messages
|
2011-11-27 17:14:59 +01:00 |
Christophe Vandeplas
|
a55af5c2d5
|
moved getRelatedEvents() to Event model
|
2011-11-27 16:27:09 +01:00 |
Christophe Vandeplas
|
33d84787bb
|
micro improvement
|
2011-11-27 16:11:11 +01:00 |
Christophe Vandeplas
|
8645812e2d
|
related info also in alert email
|
2011-11-27 15:32:11 +01:00 |
Christophe Vandeplas
|
1eebc74894
|
added relation between events (implementation not yet ideal)
|
2011-11-27 14:58:54 +01:00 |
Christophe Vandeplas
|
1272c74441
|
added AS a signature type
|
2011-11-26 14:33:25 +01:00 |
Christophe Vandeplas
|
b06beee136
|
only send out encrypted alerts if set in bootstrap config file
|
2011-11-26 12:49:33 +01:00 |
Christophe Vandeplas
|
aa0485c3a4
|
export info in separate page
|
2011-11-26 12:32:00 +01:00 |
Christophe Vandeplas
|
8e9cb8a367
|
minor layout improvements
|
2011-11-26 12:31:06 +01:00 |
Christophe Vandeplas
|
c3388b6a4a
|
minor change
|
2011-11-26 12:29:56 +01:00 |
Christophe Vandeplas
|
90dff61bb3
|
initial import
|
2011-11-26 10:45:31 +01:00 |