Christophe Vandeplas
33df513f11
fix document-root location (security)
2012-08-31 09:06:29 +02:00
noud
73f5d5e3c9
database schema
...
MYSQL.txt is initial schema, so whitelist table must be inhere as well.
2012-08-30 16:33:12 +02:00
Andrzej Dereszowski
74764d4e8b
Merge branch 'master' of code.lab.modiss.be:cydefsig
...
Conflicts:
app/Controller/Component/NidsExportComponent.php
2012-08-30 10:59:07 +02:00
noud
29c5d29609
Sync.
...
Database schema updated for sync and re-added event.user_id.
2012-08-29 13:41:30 +02:00
noud
5c39a46fc8
Sync.
...
Better square and croped images.
2012-08-29 13:11:00 +02:00
noud
36afd45217
Sync.
...
To test it's handy to run a virtual hosted CyDefSIG having it's own
database besides an already existing CyDefSIG.
This is the Apache virtual host setup.
2012-08-29 08:42:26 +02:00
noud
9a8b963d67
Sync.
...
Example data describing the NATO CyDefSIG server.
2012-08-29 08:40:25 +02:00
noud
eb8827314d
Sync.
...
The actual logos used for visable flags in Events::index.
2012-08-28 15:49:24 +02:00
noud
4ae71fc963
Sync.
...
Sync worked, but we did not know what to do with user_id and org.
Now, on sync, anonymize the user_id, get the Server.organization and put
that into Event.org.
And, display owning flag if Event.user_id or get the Server.logo
belonging to Event.org (=Server.organization) when Event.user_id is
empty (=0).
To this there is organization name and logo in bootstrap and
other organizations names and logos in Servers.
2012-08-28 15:36:14 +02:00
Christophe Vandeplas
6673b56c61
fixes bug where expired GPG keys break the email-alert system.
2012-08-27 11:23:55 +02:00
noud
6b874a6aff
Extra bug.
...
Add attribute, do not fill in any, and hit Submit, gives error messages.
2012-08-24 14:10:20 +02:00
noud
ea5ea121e3
Add attribute.
...
Add attribute, do not fill in any, and hit Submit, did give error
messages.
2012-08-24 14:09:17 +02:00
noud
4cec4e69f9
correlation.
...
do not use the AttributesController::event now,
just use the old EventsController::view.
2012-08-24 14:06:08 +02:00
Christophe Vandeplas
f6e45587e4
bugfix snort rule-rewriting where some required variables were not given
...
to the snortRule() function
2012-08-22 08:46:07 +02:00
noud
474058cc24
use DS in stead of '/'.
2012-08-21 16:57:42 +02:00
noud
b7a5d8a3f8
Delete (published) event or attribute.
...
Previous, upon delete only on the local server the event or attribute
was deleted.
Now, if delete, look for same event or attribute (using it's uuid)
and delete on remote servers as well.
Also look and delete if not published, so no dangling/zombie copies
remain on remote servers.
2012-08-21 16:55:57 +02:00
Christophe Vandeplas
df46c4d93b
minor layout improvement on the export info page
2012-08-20 14:32:53 +02:00
Christophe Vandeplas
8bb3126aaa
improve accuracy of http hostname detection
2012-08-20 14:27:44 +02:00
noud
06580b6d18
Authkey validation bug and cleanup of fixed bugs list.
2012-08-17 08:43:19 +02:00
noud
44172d244b
Authkey validation.
...
An authkey with any length, so less then 40, could be entered.
Now authkey has to have a length of 40 (or higher).
2012-08-17 08:42:21 +02:00
noud
43d9f42032
HIDS exports sorted (and small indention correction).
2012-08-08 14:21:28 +02:00
noud
69ad48813f
Whitelist not on NidsExportComponent::urlRule.
...
In hindsight, an url should not be excluded given a host or domain name.
2012-08-07 12:54:49 +02:00
noud
17ed90ddc4
Correlation speedup using AttributesController i.s.o. EventsController.
...
We forgot to change some view things using the right controller.
2012-08-07 11:59:11 +02:00
noud
cdc7484944
REST edit Event implementation.
...
Now after publish, edit and (re)publish an event,
that event will be updated on the other servers.
2012-08-07 11:57:52 +02:00
noud
8dc4fa383b
Event.user_id.
...
Event.user_id was re-added but we still missed some,
so an added event would get user_id set to zero.
Now Event gets the correct user_id again from
the person logged in and adding.
(lateron this must not be used during sync.)
2012-08-06 14:27:55 +02:00
noud
b0614c5b95
Whitelist.
...
Mention the whitelist for NDIS export on Export page.
2012-08-06 10:44:16 +02:00
noud
b24acfb4a5
Whitelist.
...
An admin can maintain a whitelist of host, domain name and ip numbers.
In the NIDS export lines containing whitelist items are commented out.
2012-08-06 10:42:46 +02:00
noud
2dea0e347d
Correlation performance gain.
...
in Config/bootstrap.php add
Configure::write('CyDefSIG.correlation', 'sql');
possible values:
- default, like it was
- db, correlation in database
- sql, selection on attributes i.s.o. per attribute
(sql improvement possible if result conform db above)
Network activity, ip-src
30 class-C network ip addresses
(7650 tupels) (time in ms)
default db sql
all 25366 16601 15941
24839 16604 15611
paginated 16759 8447 6615
17734 8639 8846
this is used in both:
- events/view/<id>
- attributes/event/<id>
2012-08-03 12:00:16 +02:00
noud
fbd3ecc5b6
Bug, unknown server internet name and pull.
2012-08-01 10:23:23 +02:00
noud
01980dbe88
Fix to pulling from an unknown server.
...
- a server having a non-existing internet name gives
"php_network_getaddresses:
getaddrinfo failed: Name or service not known"
on pull.
2012-08-01 10:20:17 +02:00
noud
20d4e202e5
Sync Servers, error if server no MISP or non-existing hostname.
2012-08-01 09:07:20 +02:00
noud
0854e19439
Sync Servers, fix if server no MISP or non-existing hostname.
...
- a server containing no MISP gives "XML cannot be read." on publish.
- a server having a non-existing internet name gives
"php_network_getaddresses: getaddrinfo failed: Name or service not
known" on publish.
2012-08-01 09:06:39 +02:00
noud
bda5e56f9b
Export HIDS files with MD5 and SHA-1.
2012-07-27 15:19:40 +02:00
git
8ba98a1e57
Rollback of pagination on event view
...
Comeback to previous event layout. This does not change the preformance issue so it is not worth to put in stable.
We will move it to the devel branch
2012-07-24 15:44:04 +02:00
noud
de89d28caa
Fix, paging on event with lots of attributes.
2012-07-20 13:27:55 +02:00
noud
c1ed9c5839
2 new bugs:
...
- event with lots of attributes has no paging.
- non-composite attribute and non-printable.
2012-07-20 08:51:20 +02:00
noud
e9234bcee7
Fixed non-printable in no-composite attribute.
2012-07-20 08:48:12 +02:00
noud
25d5ff4290
Show events with user.email if admin.
2012-07-19 14:53:12 +02:00
noud
78f629e6dd
Redo Event.user_id
2012-07-19 14:52:27 +02:00
noud
c086981676
Search Attributes fixed.
2012-07-19 11:41:04 +02:00
noud
29a67f4d96
Fixes the Search Attributes.
2012-07-19 11:41:04 +02:00
noud
8db00efdac
Remove extra dot between filename and ext when downloading attachment.
2012-07-19 11:41:04 +02:00
deresz
d879deb027
news: removed some old stuff
...
EventsController: contact mail display name from the config file
2012-07-19 09:48:45 +02:00
Andrzej Dereszowski
bf98f2db3c
Merge branch 'develop_0.2.2_fixes' into develop
...
Conflicts:
app/Model/Attribute.php
2012-07-11 16:15:27 +02:00
noud
e353c405e1
New bug.. type filename|md5, conform type md5 strtolower.
2012-07-11 14:37:04 +02:00
noud
5c1a8e22fb
Fix, do strtolower on types filename|md5 and filename|sha1 conform types
...
md5 and sha1.
2012-07-11 14:35:46 +02:00
deresz
ebec1d7f26
Make the documentation "brand-neutral" to be able to develop it in a community.
2012-07-11 11:03:18 +02:00
noud
25d33e3578
New bug, authError gets displayed before login.
2012-07-11 10:20:44 +02:00
noud
e67d9ebdec
Fix to authError getting displayed before login.
2012-07-11 10:19:57 +02:00
noud
50e24c7c56
Upload always ticked if malware-sample, always unticked if attachment.
2012-07-11 09:48:44 +02:00