iglocska
776ef3ae07
Changes to export validation, CSV export, Whitelist redesign
...
- CSV export for individual events, all events, search results
- Whitelists are now preg_matches instead of simple string matches
- whitelist checks are to be applied on almost all exports
(implementation in progress)
- the exception will be the search result exports, if the (to be
implemented) to_ids only checkbox isn't checked
2013-06-26 14:48:25 +02:00
Christophe Vandeplas
86b1873a80
a
2013-06-24 15:13:33 +02:00
Christophe Vandeplas
ac5c59e9af
minor changes
2013-06-24 15:12:30 +02:00
Christophe Vandeplas
3b28d6f1e8
(workaround) better error message when HTTP problem with Server Pull
2013-06-18 09:12:09 +02:00
iglocska
d2fcda7cc6
Added 2 new type of attributes
...
- sha256 / filename|sha256
- uploading a malware sample now automatically creates a filename|sha1
and a filename|sha256 in addition to the sample|md5
2013-06-12 16:50:21 +02:00
Christophe Vandeplas
fdfd3ba486
micro improvement
2013-06-11 00:44:04 +02:00
Iglocska
4242108b3e
Merge branch 'feature/sync/timestamp' of https://github.com/MISP/MISP into feature/sync/timestamp
2013-06-10 23:01:08 +02:00
Iglocska
f8f290375e
Further changes to the degradation of the distribution
2013-06-10 23:00:45 +02:00
Christophe Vandeplas
68c2fd09fe
Merge branch 'develop' of https://github.com/MISP/MISP into feature/sync/timestamp
...
Conflicts:
app/View/Attributes/index.ctp
app/View/Events/add.ctp
app/View/Events/edit.ctp
2013-06-10 23:00:37 +02:00
Iglocska
06ca5ba0cd
Further changes to the distribution
...
- changed to use the new int field
2013-06-10 20:49:31 +02:00
Iglocska
638a99e0e7
Few changes
2013-06-10 20:34:05 +02:00
iglocska
3c23ac3a86
Change to new distribution
...
- first stage
2013-06-10 17:33:03 +02:00
iglocska
7871336164
Removed incorrect validation
2013-06-10 09:02:20 +02:00
Christophe Vandeplas
bd88c10bf1
removed not necessary sort results in huge performance improvement
2013-06-08 16:55:04 +02:00
iglocska
7059eac08c
Small change to the timestamp
...
- Moved the timestamp generation for attributes and events that are
being saved and don't have one to Model->beforeValidate()
2013-06-07 10:24:03 +02:00
iglocska
1e7665cd6d
Saving over night, something still blocks the timestamp from being saved
...
after a push...
2013-06-06 18:43:26 +02:00
iglocska
0b834464ac
Changes to the event view
...
- reworked the way events are loaded and reloaded to check for
privileges
2013-06-03 17:23:34 +02:00
iglocska
5522578f68
Update to the shadow attributes
...
- UI changes
- changed the relationship between shadowattributes and events to be
hasMany
2013-06-03 16:25:43 +02:00
iglocska
0c30fd1227
Attribute type pipe and mutex
...
- 2 new attribute types
- Same change as on develop
2013-06-03 09:38:55 +02:00
Christophe Vandeplas
03a9b2bcc2
UI event fixes
2013-06-01 11:05:15 +02:00
Christophe Vandeplas
69251490ef
Merge branch 'feature/gui' of https://github.com/MISP/MISP into
...
feature/gui
Conflicts:
app/View/Logs/admin_index.ctp
app/View/Logs/admin_search.ctp
app/View/Users/memberslist.ctp
2013-05-31 17:50:00 +02:00
Christophe Vandeplas
e3ed847ba0
fixing some REST API and XML issues
2013-05-28 11:15:21 +02:00
Christophe Vandeplas
512c74e7bd
minor cleanup
2013-05-22 12:49:40 +02:00
Christophe Vandeplas
62a3da46f2
removed useless hop_count
2013-05-22 08:18:34 +02:00
Iglocska
a707df1b31
Strict messages fixes #99 and user edit requiring to change password
...
fixes #67
- Plugins and the user model were throwing strict messages in php 5.4+
or with E_STRICT on php 5.3 and lower. Should be fixed.
- New cakePHP added automatic HTML5 validation to form fields, which
breaks fields that can alternatively be left empty to not be edited
(such as the password field in user edits) - removed the html5 form
validation from user edits.
2013-05-13 14:27:40 +02:00
Christophe Vandeplas
2776513395
moved fragmented massagedata to Model::beforeValidate()
2013-04-30 08:20:23 +02:00
Andras Iklody
6332dbf05b
Removal of more remnants of the old ACL and tightening of the filename
...
checks
- actAs acl removed from role and user models together with some extra
code related to the ACL
- Fix of the filename regex as pointed out by cvandeplas.
2013-04-29 10:52:07 +02:00
Andras Iklody
b98818ebfb
Small errors with the merge corrected
...
- some errors managed to slip through during the merge, should be fixed
2013-04-25 15:37:49 +02:00
Andras Iklody
4396cec8ea
Integrated ownership, ACL and minor fixes
...
- Orgs can propose new attributes or changes to existing attributes for
events that they do not own
- publishing users of the owner organisation can see, accept or discard
them
- Reworked the access control
- minor fixes
2013-04-25 14:04:08 +02:00
Christophe Vandeplas
23742c543c
rewrote fetching of the related events
2013-04-22 15:04:27 +02:00
Christophe Vandeplas
97f93248f9
remove unused function
2013-04-22 11:14:49 +02:00
Christophe Vandeplas
bc3921eece
new logic to generate correlation, relates to issue #95 . Updated DB
...
schema !
2013-04-22 10:59:55 +02:00
Andras Iklody
63ef768665
Issue with Correlations going missing
...
- Update to the delete in afterSaveCorrelation
2013-04-18 11:06:10 +02:00
Andras Iklody
9a6733acfd
Removal of deprecated code
...
- The flag private is deprecated, removed together with the code that was
affected by it
2013-04-17 11:13:09 +02:00
Christophe Vandeplas
8029d7fa29
removes multiple correlation engines Fixes #83 but after testing issue
...
#95 comes to light
2013-04-16 16:59:12 +02:00
Andras Iklody
be2d6ae3b9
Removed leftover debug code
...
- forced exception to test debug output left in - removed
2013-04-12 13:21:21 +02:00
iglocska
f18ee0da3c
Fix to a validation error
...
- regkey|value's validation was inversed only accepting incorrect entries
2013-03-20 11:02:57 +01:00
iglocska
cdb3c908eb
Validation of vulnerability to CVE number, Fixes #35
2013-03-18 16:50:28 +01:00
Andras Iklody
019e976783
Removed the js title bubble for related events
...
- Removed javascripts based title bubble showing the event info in related
events / attributes and in the search attribute view.
- Replaced it with values provided by extra cake queries as the delay for
fetching the info field through a js rest request was annoyingly slow
- some coding standards
2013-03-08 13:16:02 +01:00
Andras Iklody
3646bca059
Regexp validation
...
- an invalid regexp entry could block any event/attribute from being
entered. Introduced a check on regexp entry to block faulty patterns.
2013-03-07 15:19:55 +01:00
Andras Iklody
83294820bf
Changes to logs and some minor changes
...
- Regexp, blacklist, roles, whitelists now logged
- adminCRUD now sets ID (for the logging) on edit
- some minor UI changes (removal of empty action menues on the left menu
bar)
2013-03-07 11:51:43 +01:00
Andras Iklody
b9d4ac9cba
Subscription to alerts from contact reporter
...
- Users can now choose to subscribe to receive e-mails from the "Contact
Reporter" feature.
2013-03-06 11:34:22 +01:00
Andras Iklody
4a368918eb
Colouring of search terms works in links
...
- links now have proper colouring to make the found terms more visible
2013-03-04 18:05:17 +01:00
Andras Iklody
a72503161b
Fixed some regex issues and file name validation
...
- Fixed an issue that caused attribute values to be converted to 1 on
save in case of an empty regexp table
- Filename validation now happens via whitelisting instead of filename
sanitization
2013-03-04 14:53:52 +01:00
Andras Iklody
8e6852e037
Export distribution
...
- Export didn't take into account distribution rules, should be fixed
- Fixed a bug with editing attributes
2013-02-28 17:16:52 +01:00
Andras Iklody
a7bb5c7767
Composite type change
...
- composite type's value not exploded if value1 already set (to hopefully
fix issues with the migration tool)
2013-02-26 15:38:08 +01:00
Andras Iklody
9a92637a91
Regexp fixed
...
- Regexp replacement didn't actually change the data in the object. Fixed.
2013-02-26 13:45:54 +01:00
Andras Iklody
6dc73314bf
Changes to the distribution handling of attributes
...
- Only the creating org of the event can change the distribution of
attributes
- Attribute distribution setting are only pushed on edits if they were
manually changed (so that the distribution level of events on the
creating server doesn't get degraded by an edit and push of the event at
a synced server when using connected community settings).
- slight change to the batch attribute search, the search terms are only
echoed up to 9 terms to prevent the mass echoing of a long list
2013-02-25 16:38:04 +01:00
Andras Iklody
fad8e809ad
Minor changes
...
- some changes to the access control
- re-renabled regexp and blacklists, will need a closer look though
- editing a role should update ACL
- some other minor things
2013-02-21 17:24:41 +01:00
Andras Iklody
fcd91b1654
Previous commit was slightly off
...
Changed the placing of the unset, as it broke the push of attachments.
Should be fine now.
2013-02-21 10:55:49 +01:00
Andras Iklody
b1174c3733
Major bug with attributes disappearing during sync
...
Found a bug where an instance that has a lower attribute count pushing to
another would cause the attributes with equal attribute ID to get
overwritten with the pushed ones. Unsetting the attribute ID before the
push fixes this.
2013-02-21 10:24:48 +01:00
Andras Iklody
0f947085cb
Reworked the sync / release control
...
- Fixed issues with the sync
- Secondary publishes on remote servers failed
- Introduced new fields in events to stop backward traverse of
edit information that lead to low performance and eroneous
distribution information updates when more than 2 servers were
linked
- Deletion of an attribute now deletes on remote servers
- Changes to the event ownership
- Original creator org now noted in the event itself
- Only original creator org can change distribution
- Events will show up with the original creator org for users
(admins can see both that and the owner of the event on the
local instance)
- Server.organization now used in junction with the connecting
user's org and the instance's org (from the bootstrap) to
determine distribution flow control and access rights
- Lots of minor changes
2013-02-19 15:37:35 +01:00
Noud de Brouwer
ce44cdb529
coding standards
...
this is to the new php53-pear-CakePHP_CodeSniffer-0.1.11.
2013-02-15 14:20:03 +00:00
Andras Iklody
f754eec840
Minor change to the validation
...
- Some types didn't have any validation info, defaulting in an incorrect
input - fixed
- re-enabled the sanitization of file names
2013-02-11 17:23:07 +01:00
Andras Iklody
e17228490b
Minor changes to the validation
2013-02-11 15:56:10 +01:00
Andras Iklody
afed0f2046
Changes to link validation and minor fixes
...
- Links get validated now to filter malicios code
- removed a double edit button in the case of an admin editing himself
- fixed an error with adding new attributes
2013-02-11 11:26:34 +01:00
Andras Iklody
e88a3a9cf7
Updates to security
...
- perm_auth new toggle, can disable auth key usage for a role
- prevents sync / rest with a perm_auth == false key
- some changes to sync to provide better feedback on why it failed
- rewording of distribution options
2013-02-06 17:45:43 +01:00
Andras Iklody
e976242878
Reworked aros_acos creation
...
- moved and fixed the aros_acos creation on the new role creation
- new method in appController that sets all the aros_acos from scratch
(for example for a new instance, or a changed acos / aros table)
- some minor changes, redirects to the terms page on invalid events
removed, etc.
2013-02-05 17:22:37 +01:00
Andras Iklody
7f6f166838
Fixes to access rights, some sanitization, etc
...
- Admins cannot manually change anyone's authkey, they need to generate a
new one via the reset link
- Some pages could be accessed by changing the url - fixed (though needs
further testing)
- Edited a change in the manual that may have been confusing
- Some changes to the way ACL is set up - still needs more work
2013-02-04 17:55:35 +01:00
Noud de Brouwer
a6371f5ad8
coding standards
...
Coding Standards.
2013-01-28 08:32:01 +00:00
Andras
8d88bcb2b5
Fix for the synchronisation
...
An error in the pull fix broke the push/publish feature. Fixed.
2013-01-27 21:27:58 +01:00
Andras Iklody
ce4bf4bd1b
Fixed push/publish
...
Fixed a few issues that caused push/publish not to work
2013-01-24 15:10:59 +01:00
Noud de Brouwer
48ad60eb61
GPG
...
start of check/correct.
2013-01-23 15:22:21 +00:00
Noud de Brouwer
ef0f2201ac
PGP
...
clean key remark.
2013-01-23 13:41:34 +00:00
Noud de Brouwer
9da93c51a6
PGP
...
direction-like-out-commented try.
2013-01-23 12:31:55 +00:00
Andras Iklody
41049c4e83
Distribution level explanation
...
The description of the distribution levels has been updated
2013-01-22 15:18:26 +01:00
Andras Iklody
2718bc6c09
Slight change to distribution description
...
Changed the explanation for each distribution level on event creation
2013-01-22 15:14:08 +01:00
Noud de Brouwer
6e06f665a8
Blacklist
...
Blacklist gets activated on Event.info and Attribute.value.
2013-01-10 14:43:37 +00:00
Noud de Brouwer
3dec0d997b
Behavior
...
Use settings, par-example, name a field to Import Blacklist.
2013-01-10 12:37:07 +00:00
Noud de Brouwer
5fc0656896
Blacklist
...
A list of stringparts not to be able to enter.
2013-01-09 14:58:52 +00:00
Noud de Brouwer
a9a1bc91a1
AdminCrud and coding standard
...
more AdminCrud and coding standard clean up.
2013-01-04 15:48:46 +00:00
Noud de Brouwer
1e518f8bc0
Import Regexp
...
Renamed Import Whitelist to Import Regexp.
2012-12-20 18:47:38 +00:00
Andras Iklody
879154eab2
Fixed deprecated errors
...
Removed cause of deprecated errors (Pass by reference)
2012-12-20 14:48:23 +01:00
Noud de Brouwer
f6c140e1dc
coding standards
...
Coding Standards.
2012-12-19 13:34:40 +00:00
Noud de Brouwer
71dea125ae
Merge branch 'develop' of ssh://misp.ncirc.nato.int/home/git/cydefsig into develop
2012-12-19 10:35:07 +00:00
Charlie Root
e474b8e189
generateAllFor<FieldName>
...
conflicts with CAKE/Model/Model::_call() so no findBy<FieldName>.
(and various very minor other things.)
2012-12-19 10:30:10 +00:00
Andras Iklody
2497f87a41
Removed option "Sandbox" from analysis
2012-12-19 10:21:34 +01:00
Noud de Brouwer
9ca03f1f37
coding standards
...
Coding Standards.
2012-12-19 01:48:53 +00:00
Noud de Brouwer
2643da164c
coding standards
...
Coding Standards.
2012-12-18 19:36:34 +00:00
Noud de Brouwer
d89ab91dee
coding standards
...
Coding Standards.
2012-12-18 16:44:07 +00:00
Noud de Brouwer
8864ee78f7
generateAllFor<FieldName>
...
so we can use an URL like:
http://localhost/ <TableName>/generateAllFor<FieldName>/newValue/oldValue
for example:
http://localhost/events/generateAllForAnalysis/0/null
http://localhost/users/generateAllForInvitedBy/1/0
http://localhost/users/generateAllForRoleId/1/0
2012-12-18 03:50:52 +00:00
Andras Iklody
38506ecaf8
Added missing 4th option to analysis levels
2012-12-17 17:52:30 +01:00
Andras Iklody
7def9f6afc
Fixed an issue with the events
2012-12-17 17:31:10 +01:00
Andras Iklody
1ceadab700
Added features from branch analysis_levels
...
-Analaysis levels setable for events as per milestone item 94
-Password change forced as per milestone item 109
-Added feedback on entered search terms for search attributes
-fixed the authentication issue
-some minor fixes
2012-12-17 15:51:30 +01:00
noud
9e9f34cb58
Merge branch 'master' into develop
2012-12-13 16:26:29 +01:00
noud
5ae254792c
oeps
...
leftover debug() removed.
2012-12-13 16:25:53 +01:00
noud
2903493205
Merge branch 'master' into develop
...
Conflicts:
app/Controller/AttributesController.php
app/Controller/EventsController.php
2012-12-13 16:03:35 +01:00
noud
276cb5df10
RESTfull sync
...
this is in responce to the email
From: <User1088@QET.BE>
To: <ndebrouwer@hotmail.com>, <andrzej.dereszowski@ncirc.nato.int>
Subject: Re: sync/REST
Date: Fri, 7 Dec 2012 13:30:10 +0000
in this there is a complaint about the RESTfull sync workings.
the email hints about 2 possible options:
i) RESTfull add event without attributes (conform the web interface)
ii) RESTfull add event with attributes (more conform the code)
both are implemented and can be choisen in bootstrap.php by
Configure::write('CyDefSIG.rest', 'ii') or 'i'.
2012-12-13 15:52:00 +01:00
noud
094719fa01
Merge branch 'master' into develop
...
Conflicts:
app/Controller/AttributesController.php
app/Controller/EventsController.php
app/Controller/ServersController.php
app/Model/Event.php
2012-12-12 18:01:39 +01:00
noud
26c8ad57ee
Role
...
renamed everything group to role (i.s.o. renaming just the visable).
2012-12-12 16:15:01 +01:00
noud
079ce88793
RESTfull sync
...
Let RESTfull only work conform the web pages (to Christophes wish),
so add/edit event apart from add/edit attribute.
(there is annotation in the code to revert back to full RESTfull and
add/edit the attribute(s) alongside add/edit the event.)
2012-12-11 16:11:45 +01:00
noud
6f4b72f214
RESTfull sync
...
redone delete attribute and add that to the sync.
2012-12-11 10:33:32 +01:00
noud
718691a627
RESTfull
...
make RESTfull event add and edit work again.
2012-12-10 13:49:56 +01:00
noud
e24ff690bb
RESTfull/sync
...
redid the sync, so if add and exist, send HTTP 302 and different
Location, and do edit there.
Still, the final result has to compare the attributes and if needed
RESTfull delete.
2012-12-07 13:56:19 +01:00
noud
2b76d6011f
correlation
...
corrected very old error if one event got 3 attributes having the
same value1 but variation in value2.
(in the past the correlation got signed to the 1st attribute, not to the
respective attributes.)
2012-12-05 14:52:03 +01:00
noud
d453ee1d99
Import Whitelist
...
if not regex and only replacement, consider that as a comment.
2012-12-05 10:14:14 +01:00
noud
98a2df0280
Import Whitelist
...
if Import Whitelist item has regex and no replacement, then do not allow
an attribute having value the regex and do not allow events having info
conform that regex.
2012-12-04 08:51:27 +01:00
noud
053edeb304
regex and blacklist
...
blacklist, as in, do not input attributes, is working now,
for manual, batch and GFI Sandbox import.
2012-12-03 10:34:28 +01:00
noud
2af02aa100
input regex
...
use RegexBehavior on Event.info and Attribute.value.
2012-11-30 13:52:09 +01:00
noud
eff2f77126
trim
...
use the TrimBehavior on all inputable models.
2012-11-29 09:35:57 +01:00
noud
1e4597c009
distribution
...
if distribute upstream, do not alter org, user_id nor distribution
settings.
2012-11-28 11:09:08 +01:00
noud
7ff004f5d6
correlation
...
altered so an event distribution preveals over it's attributes
distribution.
2012-11-28 10:55:23 +01:00
noud
a3524bb0ee
coding standards
...
correct conform coding standards.
2012-11-27 12:51:00 +01:00
noud
be472df5b5
trim
...
add TrimBehavior to use in Servers and lateron in Attributes.
2012-11-26 15:34:54 +01:00
noud
fb41a0c2ca
validation
...
trim all string fields in server.
(later bring this to AppModel or behavior level)
2012-11-26 12:19:06 +01:00
noud
fb6014efc4
coding standards
...
better parameters on callback routines.
2012-11-23 08:57:34 +01:00
noud
016df03ba7
sync
...
validation on server.authkey having minlenght of 40 like user.authkey.
2012-11-20 17:18:16 +01:00
noud
5d58c52281
sync
...
corrected pull for events having no distributable attributes.
2012-11-20 14:35:02 +01:00
noud
957b3e27b8
Merge branch 'master' into develop
...
Conflicts:
app/Controller/ServersController.php
2012-11-20 11:01:18 +01:00
noud
2f53972b99
code standards
...
conform code standards.
2012-11-20 08:37:33 +01:00
noud
b2c268845f
code standards
...
respect code standards.
2012-11-19 14:49:38 +01:00
noud
52c9114694
sync
...
array correction done so no 2 kinda the same tests during pull.
2012-11-19 13:42:41 +01:00
noud
543f7c3570
sync
...
pull goes okay with just one event.
pull with multiple events was already okay.
2012-11-19 13:25:40 +01:00
noud
1cddb6abe0
distribution
...
conform latest, having:
- Your organization only
- This server-only
- This Community-only
- Connected communities
- All communities
Push is tested, pull not yet.
2012-11-16 15:25:57 +01:00
noud
2a12a5db3e
dns
...
config if there is a name server available and do not use if not there.
2012-11-16 11:22:19 +01:00
noud
247525ccbf
sync (publish)
...
Event publish button in events index and event view does
report push failure(s) if any remote server is down.
2012-11-16 10:09:04 +01:00
noud
fdd999ef35
correlation
...
fixed correlations being double accounted.
2012-11-15 15:53:07 +01:00
noud
7a96c66b49
whitelist
...
cleanup whitelist.
2012-11-15 09:31:34 +01:00
noud
ea0ab59e4f
code standards
...
corrections toward code standards.
2012-11-14 17:16:36 +01:00
noud
6b06ba7ff6
count & GFI Sandbox
...
count # attributes in events index.
plus various fixes for distribution in correlation of a GFI Sandbox
upload.
2012-11-14 16:14:04 +01:00
noud
7171b5027e
correlation
...
if second attribute, create the reverse correlation as well.
2012-11-14 11:28:42 +01:00
noud
723ef6c3d1
correlation
...
respect distribution Org in correlations.
(for this
add correlations.1_private conform MYSQL.correlaton.sql
and
AppController::generateCorrelation() must be run)
2012-11-13 14:13:38 +01:00
noud
1183437606
correlation
...
respect distribution Org only.
2012-11-09 13:42:15 +01:00
noud
a2bc237bcd
RBAC
...
should now respect Manage, so also edit, own and org events.
2012-11-08 14:09:52 +01:00
noud
f7c5127da2
RBAC
...
change the “Requested Level of User Access” items
conform "draft of Terms-ofUse and Joining Instruction".
2012-11-08 10:31:50 +01:00
noud
2785512268
distribution
...
removed No push leftovers as a distribution.
2012-11-07 15:41:50 +01:00
noud
f66b199f26
distribution
...
removed No push as a distribution.
2012-11-05 13:05:31 +01:00
noud
d17d5b6b8a
distribution
...
do not push Community nor No push conform private.
2012-11-02 13:37:33 +01:00
noud
6495787023
Audit log
...
Following events are now being logged:
1. Adding a new user.
2. Deleting a user.
2012-10-31 15:34:43 +01:00
noud
f82c3f5f0c
dropdowns
...
let the risk dropdown in event add and edit behave like the other
dropdowns.
2012-10-30 12:54:04 +01:00
noud
39abe9e589
Distribution
...
distribution changes conform func.spec.
2012-10-29 16:49:04 +01:00
noud
cfe6535f97
distribution
...
better descriptive tooltip text.
2012-10-24 11:20:36 +02:00
noud
0232148631
dropdowns
...
better optgroup support in dropdowns where 'ALL' or '' is used
in Search Attributes and Search Logs.
2012-10-24 10:42:32 +02:00
Christophe Vandeplas
1f47003069
Merge branch 'master' of code.lab.modiss.be:cydefsig
2012-10-23 17:55:20 +02:00
noud
b6c6fda2ee
outcommented a debug (PGP related).
2012-10-23 15:01:34 +02:00
noud
4b096fa584
distribution
...
changes and cleanup.
2012-10-23 11:28:39 +02:00
noud
1f428e4aa5
Wording change
...
so this works.
2012-10-22 16:39:33 +02:00
Andrzej Dereszowski
25e63dda68
Wording change
...
Changed Private column to Distribution + some minor vocabulary changes.
2012-10-22 16:29:08 +02:00
Christophe Vandeplas
9ae92ddd5c
fixes download-sync-bug when only one event is present on the remote
...
instance
2012-10-22 15:53:36 +02:00
noud
0d65adc9d5
Merge branch 'master' into develop
2012-10-19 13:31:19 +02:00
noud
eae89d95cd
Private.
...
Add "Pull only" as a sharing state where,
everybody does see an event, is pullable,
but will never be pushed.
Has a generatePrivate for db conversion now.
2012-10-18 11:40:12 +02:00
Andrzej Dereszowski
0402c291a2
New attribute type - yara sig
2012-10-18 09:56:46 +02:00
noud
67e50cb612
Private
...
Private events are true private and
running a server in 2 modes (private and sync),
so real private (red) or private to server (amber)
or full distributable (green).
Mind this needs a change to tables events, attributes and correlation.
These are in MYSQL.private.sql.
2012-10-17 14:45:26 +02:00
noud
5bef441aba
GFI Sandbox
2012-10-17 10:42:09 +02:00
noud
7bf0e2f882
Groups
...
Do not delete group if there is still Users as children.
2012-10-10 10:53:52 +02:00
noud
d112775251
Merge branch 'master' into develop
2012-10-09 13:10:27 +02:00
noud
739c334a8d
validation.
...
corrected again..filename was wrong,
filename|md5 was correct.
so reverted the filename|md5 change.
2012-10-05 13:35:08 +02:00
noud
23776d31bb
Code Standards.
...
Somehow 2 "!"s got lost in Attribute.php.
Somehow one change from type_definitions to typeDefinitons sliped
through.
2012-10-03 11:09:30 +02:00
noud
ec0892a6ad
Merge branch 'master' into develop
...
Conflicts:
app/Config/bootstrap.php
2012-09-25 15:54:25 +02:00
noud
18fb8a7a64
CakePHP
...
Update from CakePHP to version 2.2.2
as well as needed patch files.
2012-09-25 15:41:58 +02:00
noud
8f3d624c1a
Merge branch 'master' into develop
...
Conflicts:
app/Controller/AppController.php
app/Controller/AttributesController.php
app/Controller/EventsController.php
app/Controller/ServersController.php
app/Controller/UsersController.php
app/Model/Attribute.php
app/Model/Event.php
app/Model/Server.php
app/Model/User.php
app/View/Attributes/edit.ctp
app/View/Attributes/index.ctp
app/View/Elements/actions_menu.ctp
app/View/Events/add.ctp
app/View/Events/index.ctp
app/View/Events/view.ctp
app/View/Events/xml/view.ctp
app/View/Servers/index.ctp
app/View/Users/admin_index.ctp
2012-09-24 16:02:01 +02:00
noud
8179a1a691
Merge and code standards.
...
Forgot to clean View/Helper/AppHelper.php.
Changed underscore method names to private and protected where
appropriate given phpcs code standards errors.
2012-09-24 09:02:09 +02:00
noud
7129bb18a3
Merge.
...
validateAttributeValue always has to return true.
2012-09-24 08:27:22 +02:00
noud
113b445bcf
Better placement of plugins (touching RBAC & Audit log)
...
If it's just an existing behavior or lib,
place it in a plugin directory structure in <cydefsig>/plugins.
If there is a need to change an extern existing plugin,
extend the existing plugin by a new plugin in <cydefsig>/app/Plugin.
This way there is a very clean devision between own and external code.
The external code can be updated without touching own nor changed code.
2012-09-20 11:34:41 +02:00
noud
df3e6dd765
CakePHP Coding Standards
...
Not return in a switch but after that switch statement.
2012-09-19 11:24:12 +02:00
noud
1d04652476
CakePHP Coding Standards
...
changed to camel caps format where needed.
2012-09-19 11:05:10 +02:00
noud
94a367c2f5
CakePHP Coding Standards
...
http://book.cakephp.org/2.0/en/contributing/cakephp-coding-conventions.html
Eclipse:
Window->Preferences
General->Editors->Text Editors
Displayed tab width: 4
Insert spaces for tabs NOT
PHP->Code Style->Formatter
Tab policy: Tabs
File->Convert Line Delimeters To->Unix [default]
http://mark-story.com/posts/view/static-analysis-tools-for-php
for instance:
phpcs --standard=CakePHP app/Model/
Not yet done is all camel caps format.
2012-09-18 15:30:32 +02:00
noud
253d8e1b58
Merge branch 'master' into develop
...
Conflicts:
app/Controller/EventsController.php
app/Model/Attribute.php
app/View/Events/view.ctp
2012-09-17 13:02:53 +02:00
Christophe Vandeplas
e07950c68d
removed published from
2012-09-05 13:28:40 +02:00
Christophe Vandeplas
35e1a455cd
further cleanup of logo improvement
2012-08-31 10:45:54 +02:00
noud
4ae71fc963
Sync.
...
Sync worked, but we did not know what to do with user_id and org.
Now, on sync, anonymize the user_id, get the Server.organization and put
that into Event.org.
And, display owning flag if Event.user_id or get the Server.logo
belonging to Event.org (=Server.organization) when Event.user_id is
empty (=0).
To this there is organization name and logo in bootstrap and
other organizations names and logos in Servers.
2012-08-28 15:36:14 +02:00
noud
ea5ea121e3
Add attribute.
...
Add attribute, do not fill in any, and hit Submit, did give error
messages.
2012-08-24 14:09:17 +02:00
noud
7d98c5f31e
GFI Sandbox upload.
...
If add event, give a GFI Sandbox export file upload field option.
Unzip, read .xml, add attachment malware, created files and ip-dst.
2012-08-22 16:04:55 +02:00
noud
19bb9b0a81
LogableBehavior.
...
removed some debug() and fixed writing to syslog when deleting event
with attributes.
2012-08-22 15:57:22 +02:00
noud
7e23e3bc77
Event.user_id rollback(-part).
2012-08-22 15:19:28 +02:00
noud
8c1cfa731a
loggable behaviour.
...
some merge correction for events and servers, so we log again.
2012-08-22 14:39:41 +02:00
noud
474058cc24
use DS in stead of '/'.
2012-08-21 16:57:42 +02:00
noud
b7a5d8a3f8
Delete (published) event or attribute.
...
Previous, upon delete only on the local server the event or attribute
was deleted.
Now, if delete, look for same event or attribute (using it's uuid)
and delete on remote servers as well.
Also look and delete if not published, so no dangling/zombie copies
remain on remote servers.
2012-08-21 16:55:57 +02:00
noud
44172d244b
Authkey validation.
...
An authkey with any length, so less then 40, could be entered.
Now authkey has to have a length of 40 (or higher).
2012-08-17 08:42:21 +02:00
noud
cdc7484944
REST edit Event implementation.
...
Now after publish, edit and (re)publish an event,
that event will be updated on the other servers.
2012-08-07 11:57:52 +02:00
noud
8dc4fa383b
Event.user_id.
...
Event.user_id was re-added but we still missed some,
so an added event would get user_id set to zero.
Now Event gets the correct user_id again from
the person logged in and adding.
(lateron this must not be used during sync.)
2012-08-06 14:27:55 +02:00
noud
b24acfb4a5
Whitelist.
...
An admin can maintain a whitelist of host, domain name and ip numbers.
In the NIDS export lines containing whitelist items are commented out.
2012-08-06 10:42:46 +02:00
noud
2dea0e347d
Correlation performance gain.
...
in Config/bootstrap.php add
Configure::write('CyDefSIG.correlation', 'sql');
possible values:
- default, like it was
- db, correlation in database
- sql, selection on attributes i.s.o. per attribute
(sql improvement possible if result conform db above)
Network activity, ip-src
30 class-C network ip addresses
(7650 tupels) (time in ms)
default db sql
all 25366 16601 15941
24839 16604 15611
paginated 16759 8447 6615
17734 8639 8846
this is used in both:
- events/view/<id>
- attributes/event/<id>
2012-08-03 12:00:16 +02:00
noud
01980dbe88
Fix to pulling from an unknown server.
...
- a server having a non-existing internet name gives
"php_network_getaddresses:
getaddrinfo failed: Name or service not known"
on pull.
2012-08-01 10:20:17 +02:00
noud
0854e19439
Sync Servers, fix if server no MISP or non-existing hostname.
...
- a server containing no MISP gives "XML cannot be read." on publish.
- a server having a non-existing internet name gives
"php_network_getaddresses: getaddrinfo failed: Name or service not
known" on publish.
2012-08-01 09:06:39 +02:00
Andrzej Dereszowski
3ff180e898
Merge branch 'develop_0.2.2-0.2.3' into develop
...
Conflicts:
app/Config/Schema/schema_0.2.2.php
app/Config/routes.php
app/Controller/AppController.php
app/Controller/UsersController.php
app/Model/User.php
app/README.txt
2012-07-24 16:09:48 +02:00
noud
de89d28caa
Fix, paging on event with lots of attributes.
2012-07-20 13:27:55 +02:00
noud
e9234bcee7
Fixed non-printable in no-composite attribute.
2012-07-20 08:48:12 +02:00
noud
78f629e6dd
Redo Event.user_id
2012-07-19 14:52:27 +02:00
Andrzej Dereszowski
bf98f2db3c
Merge branch 'develop_0.2.2_fixes' into develop
...
Conflicts:
app/Model/Attribute.php
2012-07-11 16:15:27 +02:00
noud
5c1a8e22fb
Fix, do strtolower on types filename|md5 and filename|sha1 conform types
...
md5 and sha1.
2012-07-11 14:35:46 +02:00
noud
8f4727e3ad
Correction to upload so zip only ticked when malware and not when
...
attachement.
2012-07-10 11:39:43 +02:00
noud
4ac501d54e
Only show categories with type attachment or malware-sample in Add
...
Attachement view. (this was..No possibility to upload if type
attachement or malware-sample is not in category.)
2012-07-09 14:14:55 +02:00
noud
ed41233f2a
No possibility to upload if type attachement or malware-sample is not in
...
category.
2012-07-06 13:48:17 +02:00
noud
63bdfe2961
Edit composite attribute to non-composite attribute fix.
2012-07-04 14:05:18 +02:00
deresz
50e3566f3a
Some modifications to category/attribute matrix. MISP database is now compatible for sync with CyDefSIG.
2012-07-04 11:28:40 +02:00
noud
5bac9ac928
Forgot LogableBehavior in the first commit.
2012-07-02 12:52:57 +02:00
noud
66c5312ea6
DataBase migrate, Audit and Access Control granulation.
2012-06-28 17:24:12 +02:00
root
b4558887ce
Revert "Audit and ACL first cut."
...
This reverts commit 5818231f48
.
2012-06-26 09:40:52 +02:00
noud
5818231f48
Audit and ACL first cut.
2012-06-25 15:54:52 +02:00
Christophe Vandeplas
7cea666c9b
fix an php error when importing attributes with incorrect type -
...
category validation
2012-06-13 16:02:27 +02:00
Christophe Vandeplas
957e4f232b
minor memory usage improvements by referencing in foreach ($array as
...
&$value) loop
2012-06-11 11:40:31 +02:00
Christophe Vandeplas
2d335f5dbe
cleanup of comments and todos
...
minor memory performance improvement
2012-06-11 11:01:58 +02:00
Christophe Vandeplas
082e1f2784
Merge branch 'develop' of code.lab.modiss.be:cydefsig into develop
2012-06-08 17:04:46 +02:00
Christophe Vandeplas
5eb6a89384
removed reference to useless user_id.
...
fixed bug where Contact reporter doesn't work when user does not exist
(contact reporter now sends mails to all the org)
2012-06-08 16:57:10 +02:00
Andrzej Dereszowski
2b63f955a6
I think comment should not be correlated neither but correct me if I'm wrong
2012-06-08 12:24:01 +02:00
Christophe Vandeplas
0687d3f6f4
fixed huge SQL injection vulnerability created in bruteforce protection.
...
Shame on me !!!
2012-06-06 11:12:19 +02:00
Christophe Vandeplas
9cd1b0469d
minor change
2012-06-06 11:03:08 +02:00
Christophe Vandeplas
6e9ab97791
implementation of a anti-brute-force password guessing mechanism.
2012-06-06 11:00:02 +02:00
Christophe Vandeplas
c95f8904a0
removed description field ( should be replaced by comment )
2012-06-03 22:52:46 +02:00
Christophe Vandeplas
39fb9bca1d
Attribute types validation is now a separate function that uses the
...
Attribute->type_definitions variable
2012-05-31 17:12:26 +02:00
Christophe Vandeplas
aac2f5926f
minor fixes
2012-05-31 08:55:51 +02:00
Christophe Vandeplas
8505396b25
select boxes with filtering now
2012-05-30 18:11:44 +02:00
Christophe Vandeplas
f35c311651
improved documentation
2012-05-30 17:13:35 +02:00
Christophe Vandeplas
24e7139e45
minor fix in Attribute tooltip
...
more documentation (autogenerated)
2012-05-30 10:24:57 +02:00
Andrzej Dereszowski
7ee4d29fac
Fixed merge conflicts with HEAD at belmod
...
Merge branch 'develop' of code.lab.modiss.be:cydefsig into develop
Conflicts:
app/Controller/EventsController.php
app/Model/Attribute.php
2012-05-29 17:19:36 +02:00
Andrzej Dereszowski
1a91c2f49b
Help messages implementation (forms and list views).
2012-05-29 16:53:50 +02:00
Andrzej Dereszowski
51dbbcfa13
Explanation messages implemenented for forms and for list views (using
...
"title" html element)
2012-05-29 16:50:45 +02:00
Christophe Vandeplas
4d70df3b32
fixed error when type was not set
2012-05-25 11:03:38 +02:00
Christophe Vandeplas
ad69aeb38f
only sync event on publish when sync feature is on
2012-05-25 09:34:54 +02:00
Christophe Vandeplas
747c211723
auto-upload when publish event
2012-05-25 09:31:14 +02:00
Christophe Vandeplas
efa590de23
moved some functions around
2012-05-25 08:13:40 +02:00
Christophe Vandeplas
cd30bb5d30
push / pull seems to work with attachment support. Lots of testing
...
required.
2012-05-23 16:32:46 +02:00
Christophe Vandeplas
6d8b0a98b0
attachment support in REST API
2012-05-22 13:58:37 +02:00
Christophe Vandeplas
00d62ab722
REST XML request also received base64 encoded file content
2012-05-21 15:20:25 +02:00
Christophe Vandeplas
9e9837d59d
Basic sync push seems to work
2012-05-03 14:32:49 +02:00
Christophe Vandeplas
97a5790938
fixes bug in discovered while running migrate02to021 script
2012-04-25 13:56:25 +02:00
Christophe Vandeplas
6e9f0f0d24
split value to value1 and value2.
...
You need to update the DB schema and run /events/migrate02to021 to
migrate the data
2012-04-25 13:17:44 +02:00
Christophe Vandeplas
aea079b8c4
bugfix in Attribute validation
...
Do not search for related attributes for specific types
2012-04-25 10:30:23 +02:00
Christophe Vandeplas
388f3cc445
Merge commit '280baac98902789ee69186539474a2e82156659e' into develop
...
Resolved Conflicts in:
app/View/Events/view.ctp
2012-04-25 09:04:07 +02:00
Andrzej Dereszowski
29c5411ece
minor cosmetic changes
2012-04-13 10:53:53 +02:00
Christophe Vandeplas
a2d073b7b9
REST POST of event and signatures works (basics, no error-handling)
2012-04-10 15:47:42 +02:00
Christophe Vandeplas
a45b70bc8d
Add, edit, delete and (basic) Manual Sync server functionality added
2012-04-04 20:22:22 +02:00
Christophe Vandeplas
7f33beaa4c
Micro usability improvement
2012-04-04 19:03:39 +02:00
Christophe Vandeplas
49aaced78a
Merge commit '9e043116228c4866b18e92acb076462845bcf22a' into develop
...
Fixed conflicts in: app/View/Events/view.ctp
2012-04-04 17:53:51 +02:00
Andrzej Dereszowski
faffe87ea6
- some bugfixes in validation corrected
...
- new attribute type - link to external site
2012-04-02 19:24:50 +02:00
Andrzej Dereszowski
6c5a5aa427
- small bug with "No GPG key" message marked in the code
...
- path to homedir for GPG added in User.php
2012-04-02 12:14:27 +02:00
Christophe Vandeplas
2142585710
Implemented basics for private, nonsyncable, Events or Attributes.
2012-04-01 18:41:47 +02:00
Christophe Vandeplas
67d3a9f9d2
minor changes
2012-04-01 15:49:01 +02:00
Christophe Vandeplas
aa8ba55dac
First experimental test of importing events from a remote server.
...
Only new events are imported.
2012-03-31 19:06:43 +02:00
Christophe Vandeplas
20cddd07db
changed alerted -> published
...
other minor fixes
2012-03-27 14:49:31 +02:00
Christophe Vandeplas
da99625a6c
minor change in getRelatedAttributes function
2012-03-27 14:02:49 +02:00
Christophe Vandeplas
1518b1ebcc
filename|sha1 data validation
2012-03-27 11:03:57 +02:00
Christophe Vandeplas
67907864a1
filename|sha1
2012-03-27 11:01:33 +02:00
Christophe Vandeplas
7c4394682d
Renamed Signature to Attribute
2012-03-26 19:56:44 +02:00
Christophe Vandeplas
df7efb9d88
number of entries in the index lists
2012-03-26 13:11:06 +02:00
Christophe Vandeplas
7b1673d212
md5 and sha1 hashes now automatically lowercase
...
cleaned up some code and fixed some vulnerabilities
2012-03-25 15:56:29 +02:00
Christophe Vandeplas
0ed69399b1
extra vulnerability type
2012-03-24 10:48:06 +01:00
Christophe Vandeplas
da2687846b
Implemented file-upload of attachment or password protected
...
malware-samples. Base code contributed by Andrzej Dereszowski
2012-03-23 20:04:22 +01:00
Christophe Vandeplas
da48ad4769
Confirm password functionality (thanks to Andrzej)
2012-03-22 10:06:33 +01:00
Christophe Vandeplas
23572019bb
Signature is now known as Attribute
2012-03-21 21:25:16 +01:00
Christophe Vandeplas
ce0c0aba0e
isAuthorized now handles permissions on admin,delete,edit,... actions
2012-03-20 14:57:52 +01:00
Christophe Vandeplas
495cc1a6c2
UUID support for syncing
2012-03-20 13:40:58 +01:00
Christophe Vandeplas
b79d16291b
Fixes bug: to_ids should be there otherwise you cannot edit the
...
signature to change the "to_ids" checkbox. By Andrzej Dereszowski
2012-03-18 08:02:31 +01:00
Christophe Vandeplas
07f6b5e090
cleanup old __('Actions') and non echo __()
2012-03-16 14:13:31 +01:00
Christophe Vandeplas
865a24d0bd
Migration to CakePHP 2.1.
...
Most of the functionality migrated, Q&A review required.
2012-03-15 15:06:45 +01:00