Commit Graph

245 Commits (361fb238e0f745e64b5e87e30a6c4c8d02d9d6bd)

Author SHA1 Message Date
noud 1d04652476 CakePHP Coding Standards
changed to camel caps format where needed.
2012-09-19 11:05:10 +02:00
noud a4c29a812f XML related.
Made tools/curl/input/event.xml more anonymous.
Events/xml/view.ctp wrongly showed category_order.
REST Event add did not work anymore given GFI sandbox import.
2012-09-18 16:50:07 +02:00
noud 94a367c2f5 CakePHP Coding Standards
http://book.cakephp.org/2.0/en/contributing/cakephp-coding-conventions.html

Eclipse:
Window->Preferences
	General->Editors->Text Editors
		Displayed tab width:	4
		Insert spaces for tabs	NOT
	PHP->Code Style->Formatter
		Tab policy:	Tabs
File->Convert Line Delimiters To->Unix [default]

http://mark-story.com/posts/view/static-analysis-tools-for-php
for instance:
phpcs --standard=CakePHP app/Model/

Not yet done is all camel caps format.
2012-09-18 15:30:32 +02:00
noud 253d8e1b58 Merge branch 'master' into develop
Conflicts:
	app/Controller/EventsController.php
	app/Model/Attribute.php
	app/View/Events/view.ctp
2012-09-17 13:02:53 +02:00
noud 0f4a0dffea Sync & Correlation.
During sync and correlation = db,
an attachment or malware did not get processed into
Attribute.data, so will not be synced.
Now, conform other correlation methods being 'default' or 'sql'
the attachment or malware is synced as well.
(master has been synced with mil.be not using db correlation,
so should have the data.)
2012-09-13 08:50:30 +02:00
noud 53b22b4c57 Sync.
On publish and no configured GnuPG, do tell
event is published but no email sent.
2012-09-05 09:08:44 +02:00
noud abd3b55fef Sync and REST.
REST delete event working again after uuid change.
2012-09-05 08:45:59 +02:00
Andrzej Dereszowski 2a7f36d5f9 Merge branch 'master' of code.lab.modiss.be:cydefsig 2012-09-04 12:07:34 +02:00
Christophe Vandeplas fd05d14602 fixes inconsistent relatedAttributes and relatedEvents arrays with
different correlation implementations
2012-09-04 16:14:10 +02:00
noud 6303d687ba Sync and gpg.
If no gnupg installed.. do not tell, for NIAS demo.
2012-09-04 15:53:11 +02:00
noud 2842e4a81f validation
add event and empty info now does not MethodNotAllowedException
but Flash and show the invalid.
2012-09-04 15:29:15 +02:00
Christophe Vandeplas bc0dbd5b97 removes 'Published from' reference 2012-09-04 15:25:45 +02:00
Andrzej Dereszowski 23bbaa9843 Merge branch 'master' of code.lab.modiss.be:cydefsig 2012-09-03 10:29:21 +02:00
noud fc1f2c69a4 REST (and Sync)
Make REST edit work.
2012-09-03 13:44:19 +02:00
Christophe Vandeplas 8e7312cd9f Merge branch 'master' of git@code.lab.modiss.be:cydefsig.git 2012-09-03 11:36:16 +02:00
Christophe Vandeplas 111644b16a refactored uuid integration (moved to beforeFilter) 2012-09-03 11:35:21 +02:00
noud 8a021ba82d Sync.
get the user and org correct,
given authkey they are known to the system.
2012-09-03 10:26:13 +02:00
Christophe Vandeplas b8fe8bd4eb cleaned up artifacts from refactored logo display 2012-08-31 10:38:14 +02:00
Andrzej Dereszowski 74764d4e8b Merge branch 'master' of code.lab.modiss.be:cydefsig
Conflicts:
	app/Controller/Component/NidsExportComponent.php
2012-08-30 10:59:07 +02:00
noud 4ae71fc963 Sync.
Sync worked, but we did not know what to do with user_id and org.
Now, on sync, anonymize the user_id, get the Server.organization and put
that into Event.org.
And, display owning flag if Event.user_id or get the Server.logo
belonging to Event.org (=Server.organization) when Event.user_id is
empty (=0).

To this there is organization name and logo in bootstrap and
other organizations names and logos in Servers.
2012-08-28 15:36:14 +02:00
Christophe Vandeplas 6673b56c61 fixes bug where expired GPG keys break the email-alert system. 2012-08-27 11:23:55 +02:00
noud 7d98c5f31e GFI Sandbox upload.
If add event, give a GFI Sandbox export file upload field option.
Unzip, read .xml, add attachment malware, created files and ip-dst.
2012-08-22 16:04:55 +02:00
noud 7e23e3bc77 Event.user_id rollback(-part). 2012-08-22 15:19:28 +02:00
noud 8c1cfa731a loggable behaviour.
some merge correction for events and servers, so we log again.
2012-08-22 14:39:41 +02:00
noud b7a5d8a3f8 Delete (published) event or attribute.
Previously, upon delete only on the local server the event or attribute
was deleted.
Now, if delete, look for same event or attribute (using its uuid)
and delete on remote servers as well.
Also look and delete if not published, so no dangling/zombie copies
remain on remote servers.
2012-08-21 16:55:57 +02:00
noud 43d9f42032 HIDS exports sorted (and small indention correction). 2012-08-08 14:21:28 +02:00
noud cdc7484944 REST edit Event implementation.
Now after publish, edit and (re)publish an event,
that event will be updated on the other servers.
2012-08-07 11:57:52 +02:00
noud 8dc4fa383b Event.user_id.
Event.user_id was re-added but we still missed some,
so an added event would get user_id set to zero.
Now Event gets the correct user_id again from
the person logged in and adding.
(later on this must not be used during sync.)
2012-08-06 14:27:55 +02:00
noud 2dea0e347d Correlation performance gain.
in Config/bootstrap.php add
Configure::write('CyDefSIG.correlation', 'sql');

possible values: 
- default, like it was
- db, correlation in database
- sql, selection on attributes i.s.o. per attribute
  (sql improvement possible if result conform db above)

Network activity, ip-src
30 class-C network ip addresses
(7650 tuples) (time in ms)

          default     db    sql
all         25366  16601  15941
            24839  16604  15611
paginated   16759   8447   6615
            17734   8639   8846

this is used in both:
- events/view/<id>
- attributes/event/<id>
2012-08-03 12:00:16 +02:00
noud bda5e56f9b Export HIDS files with MD5 and SHA-1. 2012-07-27 15:19:40 +02:00
Andrzej Dereszowski 3ff180e898 Merge branch 'develop_0.2.2-0.2.3' into develop
Conflicts:
	app/Config/Schema/schema_0.2.2.php
	app/Config/routes.php
	app/Controller/AppController.php
	app/Controller/UsersController.php
	app/Model/User.php
	app/README.txt
2012-07-24 16:09:48 +02:00
deresz d879deb027 news: removed some old stuff
EventsController: contact mail display name from the config file
2012-07-19 09:48:45 +02:00
deresz 73e87f31e0 Use CyDefSIG.name from Config in alert e-mail subjects. 2012-07-04 17:15:01 +02:00
Christophe Vandeplas 09c4656944 improved NIDS output 2012-06-29 13:41:23 +02:00
noud 66c5312ea6 DataBase migrate, Audit and Access Control granulation. 2012-06-28 17:24:12 +02:00
Christophe Vandeplas 500418cb61 fixed silly bug in priority assignment of nids export 2012-06-28 14:58:19 +02:00
root b4558887ce Revert "Audit and ACL first cut."
This reverts commit 5818231f48.
2012-06-26 09:40:52 +02:00
noud 5818231f48 Audit and ACL first cut. 2012-06-25 15:54:52 +02:00
Christophe Vandeplas 5993e3eec8 fixed nids snort rule conversion because of greedy * and + 2012-06-25 10:18:45 +02:00
Christophe Vandeplas f023d98b5b improvement of nids - level and message 2012-06-22 13:48:35 +02:00
Christophe Vandeplas 2268bd73dd micro fix in nids export 2012-06-22 12:46:07 +02:00
Christophe Vandeplas 8c313bc054 changed classtype 2012-06-22 11:49:02 +02:00
Christophe Vandeplas 957e4f232b minor memory usage improvements by referencing in foreach ($array as
&$value) loop
2012-06-11 11:40:31 +02:00
Christophe Vandeplas 2d335f5dbe cleanup of comments and todos
minor memory performance improvement
2012-06-11 11:01:58 +02:00
Christophe Vandeplas 5eb6a89384 removed reference to useless user_id.
fixed bug where Contact reporter doesn't work when user does not exist
(contact reporter now sends mails to all the org)
2012-06-08 16:57:10 +02:00
Christophe Vandeplas 9cd1b0469d minor change 2012-06-06 11:03:08 +02:00
Christophe Vandeplas 1a0586f14f unique attribute for nids export 2012-06-04 12:06:46 +02:00
Christophe Vandeplas f455405475 better error outputting 2012-06-03 22:51:56 +02:00
Christophe Vandeplas 39fb9bca1d Attribute types validation is now a separate function that uses the
Attribute->type_definitions variable
2012-05-31 17:12:26 +02:00
Christophe Vandeplas aac2f5926f minor fixes 2012-05-31 08:55:51 +02:00
Christophe Vandeplas d319860268 fixes security issue (overwrite existing event) 2012-05-31 08:47:49 +02:00
Andrzej Dereszowski 7ee4d29fac Fixed merge conflicts with HEAD at belmod
Merge branch 'develop' of code.lab.modiss.be:cydefsig into develop

Conflicts:
	app/Controller/EventsController.php
	app/Model/Attribute.php
2012-05-29 17:19:36 +02:00
Andrzej Dereszowski 1a91c2f49b Help messages implementation (forms and list views). 2012-05-29 16:53:50 +02:00
Christophe Vandeplas 155f9fe720 fixed logic bug 2012-05-25 10:01:59 +02:00
Christophe Vandeplas ad69aeb38f only sync event on publish when sync feature is on 2012-05-25 09:34:54 +02:00
Christophe Vandeplas 747c211723 auto-upload when publish event 2012-05-25 09:31:14 +02:00
Christophe Vandeplas cd30bb5d30 push / pull seems to work with attachment support. Lots of testing
required.
2012-05-23 16:32:46 +02:00
Christophe Vandeplas aa043a445b limit saveAssociated using fieldList 2012-05-22 15:52:55 +02:00
Christophe Vandeplas 6d8b0a98b0 attachment support in REST API 2012-05-22 13:58:37 +02:00
Christophe Vandeplas 00d62ab722 REST XML request also received base64 encoded file content 2012-05-21 15:20:25 +02:00
Christophe Vandeplas 9462902d97 workaround for bug where uuid is not set when empty. See bug
http://cakephp.lighthouseapp.com/projects/42648-cakephp/tickets/2893
2012-05-21 13:14:28 +02:00
Christophe Vandeplas 395f29dd21 fixes bugs in NIDS export with duplicate SIDs 2012-05-09 15:17:16 +02:00
Christophe Vandeplas fa167bc2c8 . 2012-05-04 14:47:50 +02:00
Christophe Vandeplas 03ad7d3acd fixes event with no attributes in REST request 2012-05-04 12:44:27 +02:00
Christophe Vandeplas e1189e576a fixes problem of not being able to import events with single attribute 2012-05-04 12:37:31 +02:00
Christophe Vandeplas 9e9837d59d Basic sync push seems to work 2012-05-03 14:32:49 +02:00
Christophe Vandeplas 37ee17510e fixes security bug in XML REST request 2012-05-03 13:53:47 +02:00
Christophe Vandeplas 60a5b1e1c6 moved alert email functionality to separate function _sendAlertEmail()
REST event add requests also send out mails where necessary
2012-04-26 14:54:04 +02:00
Christophe Vandeplas aea079b8c4 bugfix in Attribute validation
Do not search for related attributes for specific types
2012-04-25 10:30:23 +02:00
Christophe Vandeplas a2d073b7b9 REST POST of event and signatures works (basics, no error-handling) 2012-04-10 15:47:42 +02:00
Christophe Vandeplas c2975a77a4 Allow saving of data using REST API 2012-04-07 08:31:01 +02:00
Christophe Vandeplas fb958eaacc Logging in for REST using Authorized HTTP header field. 2012-04-06 16:32:33 +02:00
Christophe Vandeplas 49aaced78a Merge commit '9e043116228c4866b18e92acb076462845bcf22a' into develop
Fixed conflicts in: app/View/Events/view.ctp
2012-04-04 17:53:51 +02:00
Andrzej Dereszowski 6c5a5aa427 - small bug with "No GPG key" message marked in the code
- path to homedir for GPG added in User.php
2012-04-02 12:14:27 +02:00
Christophe Vandeplas 41d03e69f3 Merge commit 'dee8a866e691fde2eedbd9a2418a6027f88d07cf' into develop 2012-04-01 20:08:07 +02:00
Christophe Vandeplas dee8a866e6 Fixed bug where GPG homedir was not set in a few places 2012-04-01 19:23:46 +02:00
Christophe Vandeplas bf8ae66e9c First version of REST API to export data 2012-04-01 17:30:00 +02:00
Christophe Vandeplas 19eaa12050 Allow publishing of events without sending email. 2012-03-31 22:07:35 +02:00
Christophe Vandeplas 95455f51a6 Fixed minor bugs 2012-03-27 18:58:11 +02:00
Christophe Vandeplas 20cddd07db changed alerted -> published
other minor fixes
2012-03-27 14:49:31 +02:00
Christophe Vandeplas da99625a6c minor change in getRelatedAttributes function 2012-03-27 14:02:49 +02:00
Christophe Vandeplas 7c4394682d Renamed Signature to Attribute 2012-03-26 19:56:44 +02:00
Christophe Vandeplas 28cf7d44e9 XML export ... woohoo !!! 2012-03-26 15:06:01 +02:00
Christophe Vandeplas df7efb9d88 number of entries in the index lists 2012-03-26 13:11:06 +02:00
Christophe Vandeplas a1b8719db4 fix error when there are no related events/signatures, or simply
signatures
2012-03-26 12:40:18 +02:00
Christophe Vandeplas 04c9028008 performance improvement when searching for related events (by reusing
results from related signatures search)
2012-03-25 16:21:51 +02:00
Christophe Vandeplas 7b1673d212 md5 and sha1 hashes now automatically lowercase
cleaned up some code and fixed some vulnerabilities
2012-03-25 15:56:29 +02:00
Christophe Vandeplas da2687846b Implemented file-upload of attachment or password protected
malware-samples. Base code contributed by Andrzej Dereszowski
2012-03-23 20:04:22 +01:00
Christophe Vandeplas 23d161f332 minor micro changes 2012-03-21 21:44:18 +01:00
Christophe Vandeplas 23572019bb Signature is now known as Attribute 2012-03-21 21:25:16 +01:00
Christophe Vandeplas 4bbbfc36c3 Not finished editing -> not published 2012-03-21 11:01:37 +01:00
Christophe Vandeplas 7a3be6953c fix bug of login/authinfo not refreshed when resetting authkey 2012-03-20 15:44:39 +01:00
Christophe Vandeplas ce0c0aba0e isAuthorized now handles permissions on admin,delete,edit,... actions 2012-03-20 14:57:52 +01:00
Christophe Vandeplas 495cc1a6c2 UUID support for syncing 2012-03-20 13:40:58 +01:00
Christophe Vandeplas 865a24d0bd Migration to CakePHP 2.1.
Most of the functionality migrated, Q&A review required.
2012-03-15 15:06:45 +01:00