277 Commits (33df513f11dad80b9e98aa9b5ff6e17310a5ff3f)

Author SHA1 Message Date
Christophe Vandeplas 33df513f11 fix document-root location (security) 2012-08-31 09:06:29 +02:00
noud 73f5d5e3c9 database schema
MYSQL.txt is initial schema, so whitelist table must be in here as well.
2012-08-30 16:33:12 +02:00
Andrzej Dereszowski 74764d4e8b Merge branch 'master' of code.lab.modiss.be:cydefsig
Conflicts:
	app/Controller/Component/NidsExportComponent.php
2012-08-30 10:59:07 +02:00
noud 29c5d29609 Sync.
Database schema updated for sync and re-added event.user_id.
2012-08-29 13:41:30 +02:00
noud 5c39a46fc8 Sync.
Better square and cropped images.
2012-08-29 13:11:00 +02:00
noud 36afd45217 Sync.
To test it's handy to run a virtual hosted CyDefSIG having its own
database besides an already existing CyDefSIG.
This is the Apache virtual host setup.
2012-08-29 08:42:26 +02:00
noud 9a8b963d67 Sync.
Example data describing the NATO CyDefSIG server.
2012-08-29 08:40:25 +02:00
noud eb8827314d Sync.
The actual logos used for visible flags in Events::index.
2012-08-28 15:49:24 +02:00
noud 4ae71fc963 Sync.
Sync worked, but we did not know what to do with user_id and org.
Now, on sync, anonymize the user_id, get the Server.organization and put
that into Event.org.
And, display owning flag if Event.user_id or get the Server.logo
belonging to Event.org (=Server.organization) when Event.user_id is
empty (=0).

To this there is organization name and logo in bootstrap and
other organizations names and logos in Servers.
2012-08-28 15:36:14 +02:00
Christophe Vandeplas 6673b56c61 fixes bug where expired GPG keys break the email-alert system. 2012-08-27 11:23:55 +02:00
noud 6b874a6aff Extra bug.
Add attribute, do not fill in any, and hit Submit, gives error messages.
2012-08-24 14:10:20 +02:00
noud ea5ea121e3 Add attribute.
Add attribute, do not fill in any, and hit Submit, did give error
messages.
2012-08-24 14:09:17 +02:00
noud 4cec4e69f9 correlation.
do not use the AttributesController::event now,
just use the old EventsController::view.
2012-08-24 14:06:08 +02:00
Christophe Vandeplas f6e45587e4 bugfix snort rule-rewriting where some required variables were not given
to the snortRule() function
2012-08-22 08:46:07 +02:00
noud 474058cc24 use DS instead of '/'. 2012-08-21 16:57:42 +02:00
noud b7a5d8a3f8 Delete (published) event or attribute.
Previous, upon delete only on the local server the event or attribute
was deleted.
Now, if delete, look for same event or attribute (using its uuid)
and delete on remote servers as well.
Also look and delete if not published, so no dangling/zombie copies
remain on remote servers.
2012-08-21 16:55:57 +02:00
Christophe Vandeplas df46c4d93b minor layout improvement on the export info page 2012-08-20 14:32:53 +02:00
Christophe Vandeplas 8bb3126aaa improve accuracy of http hostname detection 2012-08-20 14:27:44 +02:00
noud 06580b6d18 Authkey validation bug and cleanup of fixed bugs list. 2012-08-17 08:43:19 +02:00
noud 44172d244b Authkey validation.
An authkey with any length, so less than 40, could be entered.
Now authkey has to have a length of 40 (or higher).
2012-08-17 08:42:21 +02:00
noud 43d9f42032 HIDS exports sorted (and small indention correction). 2012-08-08 14:21:28 +02:00
noud 69ad48813f Whitelist not on NidsExportComponent::urlRule.
In hindsight, an url should not be excluded given a host or domain name.
2012-08-07 12:54:49 +02:00
noud 17ed90ddc4 Correlation speedup using AttributesController i.s.o. EventsController.
We forgot to change some view things using the right controller.
2012-08-07 11:59:11 +02:00
noud cdc7484944 REST edit Event implementation.
Now after publish, edit and (re)publish an event,
that event will be updated on the other servers.
2012-08-07 11:57:52 +02:00
noud 8dc4fa383b Event.user_id.
Event.user_id was re-added but we still missed some,
so an added event would get user_id set to zero.
Now Event gets the correct user_id again from
the person logged in and adding.
(later on this must not be used during sync.)
2012-08-06 14:27:55 +02:00
noud b0614c5b95 Whitelist.
Mention the whitelist for NIDS export on Export page.
2012-08-06 10:44:16 +02:00
noud b24acfb4a5 Whitelist.
An admin can maintain a whitelist of host, domain name and ip numbers.
In the NIDS export lines containing whitelist items are commented out.
2012-08-06 10:42:46 +02:00
noud 2dea0e347d Correlation performance gain.
in Config/bootstrap.php add
Configure::write('CyDefSIG.correlation', 'sql');

possible values: 
- default, like it was
- db, correlation in database
- sql, selection on attributes i.s.o. per attribute
  (sql improvement possible if result conform db above)

Network activity, ip-src
30 class-C network ip addresses
(7650 tuples) (time in ms)

          default     db    sql
all         25366  16601  15941
            24839  16604  15611
paginated   16759   8447   6615
            17734   8639   8846

this is used in both:
- events/view/<id>
- attributes/event/<id>
2012-08-03 12:00:16 +02:00
noud fbd3ecc5b6 Bug, unknown server internet name and pull. 2012-08-01 10:23:23 +02:00
noud 01980dbe88 Fix to pulling from an unknown server.
- a server having a non-existing internet name gives
  "php_network_getaddresses:
  getaddrinfo failed: Name or service not known"
  on pull.
2012-08-01 10:20:17 +02:00
noud 20d4e202e5 Sync Servers, error if server no MISP or non-existing hostname. 2012-08-01 09:07:20 +02:00
noud 0854e19439 Sync Servers, fix if server no MISP or non-existing hostname.
- a server containing no MISP gives "XML cannot be read." on publish.
- a server having a non-existing internet name gives 
  "php_network_getaddresses: getaddrinfo failed: Name or service not
known" on publish.
2012-08-01 09:06:39 +02:00
noud bda5e56f9b Export HIDS files with MD5 and SHA-1. 2012-07-27 15:19:40 +02:00
git 8ba98a1e57 Rollback of pagination on event view
Comeback to previous event layout. This does not change the performance issue so it is not worth to put in stable.
We will move it to the devel branch
2012-07-24 15:44:04 +02:00
noud de89d28caa Fix, paging on event with lots of attributes. 2012-07-20 13:27:55 +02:00
noud c1ed9c5839 2 new bugs:
- event with lots of attributes has no paging.
- non-composite attribute and non-printable.
2012-07-20 08:51:20 +02:00
noud e9234bcee7 Fixed non-printable in no-composite attribute. 2012-07-20 08:48:12 +02:00
noud 25d5ff4290 Show events with user.email if admin. 2012-07-19 14:53:12 +02:00
noud 78f629e6dd Redo Event.user_id 2012-07-19 14:52:27 +02:00
noud c086981676 Search Attributes fixed. 2012-07-19 11:41:04 +02:00
noud 29a67f4d96 Fixes the Search Attributes. 2012-07-19 11:41:04 +02:00
noud 8db00efdac Remove extra dot between filename and ext when downloading attachment. 2012-07-19 11:41:04 +02:00
deresz d879deb027 news: removed some old stuff
EventsController: contact mail display name from the config file
2012-07-19 09:48:45 +02:00
Andrzej Dereszowski bf98f2db3c Merge branch 'develop_0.2.2_fixes' into develop
Conflicts:
	app/Model/Attribute.php
2012-07-11 16:15:27 +02:00
noud e353c405e1 New bug.. type filename|md5, conform type md5 strtolower. 2012-07-11 14:37:04 +02:00
noud 5c1a8e22fb Fix, do strtolower on types filename|md5 and filename|sha1 conform types
md5 and sha1.
2012-07-11 14:35:46 +02:00
deresz ebec1d7f26 Make the documentation "brand-neutral" to be able to develop it in a community. 2012-07-11 11:03:18 +02:00
noud 25d33e3578 New bug, authError gets displayed before login. 2012-07-11 10:20:44 +02:00
noud e67d9ebdec Fix to authError getting displayed before login. 2012-07-11 10:19:57 +02:00
noud 50e24c7c56 Upload always ticked if malware-sample, always unticked if attachment. 2012-07-11 09:48:44 +02:00