diff --git a/README.rst b/README.rst index 447eb5c..6bc68d4 100644 --- a/README.rst +++ b/README.rst @@ -138,9 +138,11 @@ select additional or substitute Maintainers, per `consensus agreements - `Chris Lenk `__; GitHub ID: https://github.com/clenk/; WWW: `MITRE Corporation `__ -- `Emmanuelle Vargas-Gonzalez `__; GitHub ID: - https://github.com/emmanvg/; WWW: `MITRE - Corporation `__ +- `Rich Piazza `__; GitHub ID: + https://github.com/rpiazza/; WWW: `MITRE Corporation `__ + +- `Andy Chisholm `__; GitHub ID: + https://github.com/chisholm/; WWW: `MITRE Corporation `__ - `Jason Keirstead `__; GitHub ID: https://github.com/JasonKeirstead; WWW: `IBM `__ diff --git a/stix2/v21/observables.py b/stix2/v21/observables.py index 44b346c..9a02150 100644 --- a/stix2/v21/observables.py +++ b/stix2/v21/observables.py @@ -561,7 +561,7 @@ class NetworkTraffic(_Observable): ('defanged', BooleanProperty(default=lambda: False)), ('extensions', ExtensionsProperty(spec_version='2.1')), ]) - _id_contributing_properties = ["start", "src_ref", "dst_ref", "src_port", "dst_port", "protocols"] + _id_contributing_properties = ["start", "end", "src_ref", "dst_ref", "src_port", "dst_port", "protocols", "extensions"] def _check_object_constraints(self): super(NetworkTraffic, self)._check_object_constraints() @@ -579,8 +579,8 @@ class NetworkTraffic(_Observable): msg = "{0.id} if 'is_active' is True, 'end' must not be included" raise ValueError(msg.format(self)) - if start and end and end <= start: - msg = "{0.id} 'end' must be greater than 'start'" + if start and end and end < start: + msg = "{0.id} 'end' must be greater than or equal to 'start'" raise ValueError(msg.format(self)) diff --git a/stix2/v21/sro.py b/stix2/v21/sro.py index bfe3f6d..291f507 100644 --- a/stix2/v21/sro.py +++ b/stix2/v21/sro.py @@ -89,7 +89,7 @@ class Sighting(_RelationshipObject): ('sighting_of_ref', ReferenceProperty(valid_types="SDO", spec_version='2.1', required=True)), ('observed_data_refs', ListProperty(ReferenceProperty(valid_types='observed-data', spec_version='2.1'))), ('where_sighted_refs', ListProperty(ReferenceProperty(valid_types=['identity', 'location'], spec_version='2.1'))), - ('summary', BooleanProperty()), + ('summary', BooleanProperty(default=lambda: False)), ('revoked', BooleanProperty(default=lambda: False)), ('labels', ListProperty(StringProperty)), ('confidence', IntegerProperty()), diff --git a/stix2/v21/vocab.py b/stix2/v21/vocab.py index 303692e..2644da5 100644 --- a/stix2/v21/vocab.py +++ b/stix2/v21/vocab.py @@ -301,12 +301,16 @@ INFRASTRUCTURE_TYPE_AMPLIFICATION = "amplification" INFRASTRUCTURE_TYPE_ANONYMIZATION = "anonymization" INFRASTRUCTURE_TYPE_BOTNET = "botnet" INFRASTRUCTURE_TYPE_COMMAND_AND_CONTROL = "command-and-control" +INFRASTRUCTURE_TYPE_CONTROL_SYSTEM = "control-system" INFRASTRUCTURE_TYPE_EXFILTRATION = "exfiltration" +INFRASTRUCTURE_TYPE_FIREWALL = "firewall" INFRASTRUCTURE_TYPE_HOSTING_MALWARE = "hosting-malware" INFRASTRUCTURE_TYPE_HOSTING_TARGET_LISTS = "hosting-target-lists" INFRASTRUCTURE_TYPE_PHISHING = "phishing" INFRASTRUCTURE_TYPE_RECONNAISSANCE = "reconnaissance" +INFRASTRUCTURE_TYPE_ROUTERS_SWITCHES = "routers-switches" INFRASTRUCTURE_TYPE_STAGING = "staging" +INFRASTRUCTURE_TYPE_WORKSTATION = "workstation" INFRASTRUCTURE_TYPE_UNKNOWN = "unknown" @@ -315,12 +319,16 @@ INFRASTRUCTURE_TYPE = [ INFRASTRUCTURE_TYPE_ANONYMIZATION, INFRASTRUCTURE_TYPE_BOTNET, INFRASTRUCTURE_TYPE_COMMAND_AND_CONTROL, + INFRASTRUCTURE_TYPE_CONTROL_SYSTEM, INFRASTRUCTURE_TYPE_EXFILTRATION, + INFRASTRUCTURE_TYPE_FIREWALL, INFRASTRUCTURE_TYPE_HOSTING_MALWARE, INFRASTRUCTURE_TYPE_HOSTING_TARGET_LISTS, INFRASTRUCTURE_TYPE_PHISHING, INFRASTRUCTURE_TYPE_RECONNAISSANCE, + INFRASTRUCTURE_TYPE_ROUTERS_SWITCHES, INFRASTRUCTURE_TYPE_STAGING, + INFRASTRUCTURE_TYPE_WORKSTATION, INFRASTRUCTURE_TYPE_UNKNOWN, ]