Christophe Vandeplas
|
e1189e576a
|
fixes problem of not being able to import events with single attribute
|
2012-05-04 12:37:31 +02:00 |
Christophe Vandeplas
|
e452460242
|
added CyDefSIG.name to allow changing the title of the site
|
2012-05-04 09:52:45 +02:00 |
Christophe Vandeplas
|
4b5999bb5b
|
fixes issue 67
|
2012-05-03 15:05:08 +02:00 |
Christophe Vandeplas
|
f675d7d6d0
|
more fixes for the sync
|
2012-05-03 14:52:49 +02:00 |
Christophe Vandeplas
|
9e9837d59d
|
Basic sync push seems to work
|
2012-05-03 14:32:49 +02:00 |
Christophe Vandeplas
|
37ee17510e
|
fixes security bug in XML REST request
|
2012-05-03 13:53:47 +02:00 |
Christophe Vandeplas
|
e5c0c5b081
|
do not show related events if the variable was not set
|
2012-04-26 18:50:58 +02:00 |
Christophe Vandeplas
|
f0b8f89d50
|
fixes lowercase attribute bug in xml output of Events/view and hide
value1 and value2 from the output
|
2012-04-26 18:48:05 +02:00 |
Christophe Vandeplas
|
7ee4ab7035
|
fixes issue 64
|
2012-04-26 15:18:33 +02:00 |
Christophe Vandeplas
|
60a5b1e1c6
|
moved alert email functionality to separate function _sendAlertEmail()
REST event add requests also send out mails where necessary
|
2012-04-26 14:54:04 +02:00 |
Christophe Vandeplas
|
8bd7b45248
|
Fixes issue 66 - https://code.lab.modiss.be/p/cydefsig/issues/66/
|
2012-04-26 11:15:12 +02:00 |
Christophe Vandeplas
|
97a5790938
|
fixes bug in discovered while running migrate02to021 script
|
2012-04-25 13:56:25 +02:00 |
Christophe Vandeplas
|
6e9f0f0d24
|
split value to value1 and value2.
You need to update the DB schema and run /events/migrate02to021 to
migrate the data
|
2012-04-25 13:17:44 +02:00 |
Christophe Vandeplas
|
aea079b8c4
|
bugfix in Attribute validation
Do not search for related attributes for specific types
|
2012-04-25 10:30:23 +02:00 |
Christophe Vandeplas
|
d0b52de85e
|
fixed typo
|
2012-04-25 09:50:40 +02:00 |
Christophe Vandeplas
|
388f3cc445
|
Merge commit '280baac98902789ee69186539474a2e82156659e' into develop
Resolved Conflicts in:
app/View/Events/view.ctp
|
2012-04-25 09:04:07 +02:00 |
Andrzej Dereszowski
|
280baac989
|
patched deleting of attributes
|
2012-04-15 19:41:50 +02:00 |
Andrzej Dereszowski
|
29c5411ece
|
minor cosmetic changes
|
2012-04-13 10:53:53 +02:00 |
Christophe Vandeplas
|
a2d073b7b9
|
REST POST of event and signatures works (basics, no error-handling)
|
2012-04-10 15:47:42 +02:00 |
Christophe Vandeplas
|
87e12448ab
|
Start of documentation concerning REST.
|
2012-04-07 09:38:15 +02:00 |
Christophe Vandeplas
|
c2975a77a4
|
Allow saving of data using REST API
|
2012-04-07 08:31:01 +02:00 |
Christophe Vandeplas
|
fb958eaacc
|
Logging in for REST using Authorized HTTP header field.
|
2012-04-06 16:32:33 +02:00 |
Christophe Vandeplas
|
a8901cb6cf
|
fix db engine
|
2012-04-04 20:27:02 +02:00 |
Christophe Vandeplas
|
e56b7cecb3
|
db structure for sync functionality
|
2012-04-04 20:25:29 +02:00 |
Christophe Vandeplas
|
a45b70bc8d
|
Add, edit, delete and (basic) Manual Sync server functionality added
|
2012-04-04 20:22:22 +02:00 |
Christophe Vandeplas
|
7f33beaa4c
|
Micro usability improvement
|
2012-04-04 19:03:39 +02:00 |
Christophe Vandeplas
|
5b49318164
|
moved security to see profile to isAuthorized to keep consistency
|
2012-04-04 18:32:44 +02:00 |
Christophe Vandeplas
|
6cee17bfcd
|
XML format for attributes index
|
2012-04-04 18:08:57 +02:00 |
Christophe Vandeplas
|
49aaced78a
|
Merge commit '9e043116228c4866b18e92acb076462845bcf22a' into develop
Fixed conflicts in: app/View/Events/view.ctp
|
2012-04-04 17:53:51 +02:00 |
Andrzej Dereszowski
|
9e04311622
|
minor changes:
- when admin adds a user, auth key is automatically suggested
- auth refresh is performed after user edition
|
2012-04-02 23:00:41 +02:00 |
Andrzej Dereszowski
|
69fef3f6fa
|
Fix for the routing problem on admin-privileged users.
All links that need to be routed to admin-prefixed method have to have
'admin' => true in the parameters
|
2012-04-02 22:26:36 +02:00 |
Andrzej Dereszowski
|
faffe87ea6
|
- some bugfixes in validation corrected
- new attribute type - link to external site
|
2012-04-02 19:24:50 +02:00 |
Andrzej Dereszowski
|
0374c1c9b6
|
Bug fixes in the admin view
- password changing for other users
- corrected admin_view
|
2012-04-02 17:21:17 +02:00 |
Andrzej Dereszowski
|
6c5a5aa427
|
- small bug with "No GPG key" message marked in the code
- path to homedir for GPG added in User.php
|
2012-04-02 12:14:27 +02:00 |
Andrzej Dereszowski
|
216b77f854
|
- Attributes index view fixed (attachments)
|
2012-04-02 11:59:51 +02:00 |
Andrzej Dereszowski
|
62ceed286c
|
- signatures are displayed by category always in the same order defined in model
|
2012-04-02 11:53:44 +02:00 |
Andrzej Dereszowski
|
17950b965e
|
minor correction:
- login page does not display "invalid user" when first time presented to the user
- "Log Off" button removed from the print view
|
2012-04-02 11:37:32 +02:00 |
Andrzej Dereszowski
|
ed298aa0dd
|
logo position corrected
|
2012-04-02 11:22:19 +02:00 |
Christophe Vandeplas
|
41d03e69f3
|
Merge commit 'dee8a866e691fde2eedbd9a2418a6027f88d07cf' into develop
|
2012-04-01 20:08:07 +02:00 |
Christophe Vandeplas
|
dee8a866e6
|
Fixed bug where GPG homedir was not set in a few places
|
2012-04-01 19:23:46 +02:00 |
Christophe Vandeplas
|
2142585710
|
Implemented basics for private, nonsyncable, Events or Attributes.
|
2012-04-01 18:41:47 +02:00 |
Christophe Vandeplas
|
bf8ae66e9c
|
First version or REST API to export data
|
2012-04-01 17:30:00 +02:00 |
Christophe Vandeplas
|
67d3a9f9d2
|
minor changes
|
2012-04-01 15:49:01 +02:00 |
Christophe Vandeplas
|
e6a6328d00
|
forgot updated default layout for info bloxes
|
2012-04-01 14:49:28 +02:00 |
Christophe Vandeplas
|
0915ce48d3
|
Added some infoboxes when adding Attributes.
|
2012-03-31 23:29:56 +02:00 |
Christophe Vandeplas
|
19eaa12050
|
Allow publishing of events without sending email.
|
2012-03-31 22:07:35 +02:00 |
Christophe Vandeplas
|
0fff291c67
|
fixed minor CSRF vulnerability + added google link on vulnerability type
|
2012-03-31 21:55:09 +02:00 |
Christophe Vandeplas
|
aa8ba55dac
|
First experimental test of importing events from a remote server.
Only new events are imported.
|
2012-03-31 19:06:43 +02:00 |
Christophe Vandeplas
|
95455f51a6
|
Fixed minor bugs
|
2012-03-27 18:58:11 +02:00 |
Christophe Vandeplas
|
20cddd07db
|
changed alerted -> published
other minor fixes
|
2012-03-27 14:49:31 +02:00 |
Christophe Vandeplas
|
da99625a6c
|
minor change in getRelatedAttributes function
|
2012-03-27 14:02:49 +02:00 |
Christophe Vandeplas
|
1518b1ebcc
|
filename|sha1 data validation
|
2012-03-27 11:03:57 +02:00 |
Christophe Vandeplas
|
67907864a1
|
filename|sha1
|
2012-03-27 11:01:33 +02:00 |
Christophe Vandeplas
|
98402c0faa
|
Fix admin routing
|
2012-03-27 09:31:41 +02:00 |
Christophe Vandeplas
|
5657a9dd10
|
Added a migrate() function to generate uuid for events and attributes
that didn't have an uuid
|
2012-03-26 20:25:45 +02:00 |
Christophe Vandeplas
|
7c4394682d
|
Renamed Signature to Attribute
|
2012-03-26 19:56:44 +02:00 |
Christophe Vandeplas
|
28cf7d44e9
|
XML export ... woohoo !!!
|
2012-03-26 15:06:01 +02:00 |
Christophe Vandeplas
|
df7efb9d88
|
number of entries in the index lists
|
2012-03-26 13:11:06 +02:00 |
Christophe Vandeplas
|
a1b8719db4
|
fix error when there are no related events/signatures, or simply
signatures
|
2012-03-26 12:40:18 +02:00 |
Christophe Vandeplas
|
1921913e4f
|
forgot to update DB structure after category support
|
2012-03-25 16:27:29 +02:00 |
Christophe Vandeplas
|
803bdbdf87
|
micro HTML bugfixes in views
|
2012-03-25 16:25:16 +02:00 |
Christophe Vandeplas
|
04c9028008
|
preformance improvement when searching for related events (by reusing
results from related signatures search)
|
2012-03-25 16:21:51 +02:00 |
Christophe Vandeplas
|
7b1673d212
|
md5 and sha1 hashes now automatically lowercase
cleaned up some code and fixed some vulnerabilities
|
2012-03-25 15:56:29 +02:00 |
Christophe Vandeplas
|
86b760cd54
|
Print Cascading Stylesheets and minor layout fixes
|
2012-03-25 15:02:15 +02:00 |
Christophe Vandeplas
|
0ed69399b1
|
extra vulnerability type
|
2012-03-24 10:48:06 +01:00 |
Christophe Vandeplas
|
da2687846b
|
Implemented file-upload of attachment or password protected
malware-samples. Base code contributed by Andrzej Dereszowski
|
2012-03-23 20:04:22 +01:00 |
Christophe Vandeplas
|
da48ad4769
|
Confirm password functionality (thanks to Andrzej)
|
2012-03-22 10:06:33 +01:00 |
Christophe Vandeplas
|
91de13f1ad
|
updated DB structure
|
2012-03-22 08:57:18 +01:00 |
Christophe Vandeplas
|
23d161f332
|
minor micro changes
|
2012-03-21 21:44:18 +01:00 |
Christophe Vandeplas
|
23572019bb
|
Signature is now known as Attribute
|
2012-03-21 21:25:16 +01:00 |
Christophe Vandeplas
|
4bbbfc36c3
|
Not finished editing -> not published
|
2012-03-21 11:01:37 +01:00 |
Christophe Vandeplas
|
5907c86520
|
whatever
|
2012-03-21 10:57:59 +01:00 |
Christophe Vandeplas
|
754230feb0
|
Graph for Signatures Type per organisation
|
2012-03-21 10:34:22 +01:00 |
Christophe Vandeplas
|
7a3be6953c
|
fix bug of login/authinfo not refreshed when reseting authkey
|
2012-03-20 15:44:39 +01:00 |
Christophe Vandeplas
|
c5954b081b
|
Layout improvements
|
2012-03-20 15:11:02 +01:00 |
Christophe Vandeplas
|
ce0c0aba0e
|
isAuthorized now handles permissions on admin,delete,edit,... actions
|
2012-03-20 14:57:52 +01:00 |
Christophe Vandeplas
|
495cc1a6c2
|
UUID support for syncing
|
2012-03-20 13:40:58 +01:00 |
Christophe Vandeplas
|
2c7f01f61e
|
Rename Finish Edit to Publish Event
|
2012-03-20 08:26:57 +01:00 |
Christophe Vandeplas
|
b79d16291b
|
Fixes bug: to_ids should be there otherwise you cannot edit the
signature to change the "to_ids" checkbox. By Andrzej Dereszowski
|
2012-03-18 08:02:31 +01:00 |
Christophe Vandeplas
|
07f6b5e090
|
cleanup old __('Actions') and non echo __()
|
2012-03-16 14:13:31 +01:00 |
Christophe Vandeplas
|
8c5b973852
|
updated DB structure and content
|
2012-03-15 15:10:24 +01:00 |
Christophe Vandeplas
|
865a24d0bd
|
Migration to CakePHP 2.1.
Most of the functionality migrated, Q&A review required.
|
2012-03-15 15:06:45 +01:00 |
Christophe Vandeplas
|
6da66f61b6
|
Terms and Conditions and News splashpage
Updated DB structure: ALTER TABLE `users` ADD `termsaccepted` TINYINT( 1
) NOT NULL , ADD `newsread` DATE NOT NULL
|
2012-03-13 09:58:34 +01:00 |
Christophe Vandeplas
|
20c1c51a74
|
micro change in export text
|
2012-03-07 16:23:06 +01:00 |
Christophe Vandeplas
|
b5f2582961
|
Temporary workaround for problem to edit profile.
|
2012-03-07 16:13:54 +01:00 |
Christophe Vandeplas
|
864f3aff2f
|
implement batch import of signatures
|
2012-03-06 13:45:16 +01:00 |
Christophe Vandeplas
|
cc5a62426d
|
powered by
|
2012-03-06 11:37:14 +01:00 |
Christophe Vandeplas
|
91cc35140e
|
export to text formats
|
2012-03-06 11:29:01 +01:00 |
Christophe Vandeplas
|
4ca79e3e5b
|
fixed information disclosure vulnerability on groups pages
|
2012-03-06 10:38:02 +01:00 |
Christophe Vandeplas
|
f58cd27855
|
updated README based on feedback from Jeroen Vanderauwera and some
corrections
|
2012-03-06 10:21:46 +01:00 |
Christophe Vandeplas
|
cd78cb260f
|
show org for admin
|
2012-03-06 07:45:02 +01:00 |
Christophe Vandeplas
|
b0bb827261
|
show link between events on the signature level
|
2012-02-20 19:46:37 +01:00 |
Christophe Vandeplas
|
eef982d18a
|
reverted sort order of Signature Types Histogram
|
2012-02-20 14:52:31 +01:00 |
Christophe Vandeplas
|
96b91b73c2
|
changed sort-order of Signature Types Histogram
|
2012-02-20 14:51:37 +01:00 |
Christophe Vandeplas
|
7a820ee8fd
|
snort signature type is now exported to NIDS and cleaned up
|
2012-02-20 14:33:03 +01:00 |
Christophe Vandeplas
|
cf5b5f1784
|
updated table structure
|
2012-02-20 13:20:45 +01:00 |
Christophe Vandeplas
|
e247abf36b
|
Allows the user to choose a custom NIDS start SID
|
2012-02-20 10:16:13 +01:00 |
Christophe Vandeplas
|
c77d499555
|
Added more clear Edit Profile button -
https://code.lab.modiss.be/p/cydefsig/issues/29/
|
2012-02-20 09:39:46 +01:00 |
Christophe Vandeplas
|
89d0a8d08d
|
miror layout improvements in emails
|
2012-02-11 07:56:41 +01:00 |
Christophe Vandeplas
|
f9d64c99b8
|
fixes HTML entities in email
|
2012-02-11 07:47:05 +01:00 |
Christophe Vandeplas
|
e7479fdad3
|
data validation - duplicate signatures for same event
|
2012-02-10 14:43:02 +01:00 |
Christophe Vandeplas
|
934397c892
|
bugfix userslist and types_histogram
|
2012-02-10 14:17:00 +01:00 |
Christophe Vandeplas
|
7ff925897c
|
list number of events shared by Org
list type of signatures shared by Org
|
2012-02-10 14:03:33 +01:00 |
Christophe Vandeplas
|
7b16857bc7
|
allow string-in-file
|
2012-02-10 11:11:52 +01:00 |
Christophe Vandeplas
|
dd5d4f37d2
|
Snort signature type has no datavalidation
|
2012-02-03 11:13:11 +01:00 |
Christophe Vandeplas
|
4483c2a5f1
|
added 'snort' signature type
|
2012-02-03 11:13:10 +01:00 |
Christophe Vandeplas
|
7ca72ade23
|
added 'snort' signature type
|
2012-02-03 10:59:12 +01:00 |
Christophe Vandeplas
|
ca7085469f
|
Database structure and rough license
|
2012-01-18 15:30:36 +01:00 |
Christophe Vandeplas
|
4a084563d3
|
List members (orgs) of the platform
|
2012-01-17 12:36:32 +01:00 |
Christophe Vandeplas
|
11c4c145b2
|
Allow to hide (default) the name of the Organisation that posted the
event.
|
2012-01-17 10:43:31 +01:00 |
Christophe Vandeplas
|
101a049ff7
|
Fixed filesystem permissions
|
2012-01-05 14:14:54 +01:00 |
Christophe Vandeplas
|
0914e3885e
|
default To IDS checkbox is checked
|
2012-01-05 13:55:53 +01:00 |
Christophe Vandeplas
|
b995b16517
|
to_nids renamed to to_ids and implemented
|
2012-01-05 13:54:09 +01:00 |
Christophe Vandeplas
|
c68c732bf4
|
stylesheet improvements
|
2012-01-05 11:46:59 +01:00 |
Christophe Vandeplas
|
00c4405cc6
|
shows ID in event list and detail
|
2012-01-05 11:03:51 +01:00 |
Christophe Vandeplas
|
eaaef2d7c8
|
micro fix
|
2012-01-05 11:00:22 +01:00 |
Christophe Vandeplas
|
b4966bc154
|
Contact reporter now lets a user add a custom message.
|
2011-12-17 10:27:45 +01:00 |
Christophe Vandeplas
|
45ae4c65c6
|
cleaned workaround for empty password behavior of Auth component
|
2011-12-11 19:39:02 +01:00 |
Christophe Vandeplas
|
a55ced2d30
|
add basic XSRF protection for add, edit actions
|
2011-12-11 18:28:33 +01:00 |
Christophe Vandeplas
|
1980998ee7
|
minor fixes in git repo
|
2011-12-11 16:59:35 +01:00 |
Christophe Vandeplas
|
b81874fc3d
|
authkey reset functionality
and fixed bugs in users_controller
|
2011-12-11 16:57:06 +01:00 |
Christophe Vandeplas
|
5810b0e47e
|
events/snort is now refactored to events/nids
Backwards compatibility with the url is still kept
|
2011-12-11 14:44:20 +01:00 |
Christophe Vandeplas
|
c1e5bdb271
|
implemented relations dynamically
|
2011-12-11 13:29:54 +01:00 |
Christophe Vandeplas
|
84ebbea07c
|
removed forgotten comment
|
2011-12-11 13:26:40 +01:00 |
Christophe Vandeplas
|
b24506e73b
|
fixes authkey generation
|
2011-12-11 13:21:23 +01:00 |
Christophe Vandeplas
|
e1c36e1caf
|
added missing files
|
2011-12-09 11:45:12 +01:00 |
Christophe Vandeplas
|
8e2523d9df
|
fixed Snort export - DNS format
|
2011-12-09 11:40:36 +01:00 |
Christophe Vandeplas
|
27d5788f89
|
xml export now done properly
fixed bug in xml export
|
2011-12-05 22:01:31 +01:00 |
Christophe Vandeplas
|
b7dbc01e47
|
changed snort rule message
|
2011-12-05 19:28:29 +01:00 |
Christophe Vandeplas
|
5d50a17681
|
minor fixes
|
2011-12-05 19:14:11 +01:00 |
Christophe Vandeplas
|
63b7883238
|
fixed email + gpg alert bugs
|
2011-11-28 23:20:45 +01:00 |
Christophe Vandeplas
|
cb26fb51dc
|
color improvement in notification message
|
2011-11-28 23:04:54 +01:00 |
Christophe Vandeplas
|
1aaad192a1
|
better color-based error messages
|
2011-11-27 17:14:59 +01:00 |
Christophe Vandeplas
|
a55af5c2d5
|
moved getRelatedEvents() to Event model
|
2011-11-27 16:27:09 +01:00 |
Christophe Vandeplas
|
33d84787bb
|
micro improvement
|
2011-11-27 16:11:11 +01:00 |
Christophe Vandeplas
|
8645812e2d
|
related info also in alert email
|
2011-11-27 15:32:11 +01:00 |
Christophe Vandeplas
|
1eebc74894
|
added relation between events (implementation not yet ideal)
|
2011-11-27 14:58:54 +01:00 |
Christophe Vandeplas
|
1272c74441
|
added AS a signature type
|
2011-11-26 14:33:25 +01:00 |
Christophe Vandeplas
|
b06beee136
|
only send out encrypted alerts if set in bootstrap config file
|
2011-11-26 12:49:33 +01:00 |
Christophe Vandeplas
|
aa0485c3a4
|
export info in separate page
|
2011-11-26 12:32:00 +01:00 |
Christophe Vandeplas
|
8e9cb8a367
|
minor layout improvements
|
2011-11-26 12:31:06 +01:00 |
Christophe Vandeplas
|
c3388b6a4a
|
minor change
|
2011-11-26 12:29:56 +01:00 |
Christophe Vandeplas
|
90dff61bb3
|
initial import
|
2011-11-26 10:45:31 +01:00 |