mirror of https://github.com/MISP/misp-objects
commit
f9d6ba3f08
|
@ -71,6 +71,7 @@ for a specific attribute.
|
|||
* [objects/asn](objects/asn/definition.json) - Autonomous system object describing a BGP autonomous system which can include one or more network operators management an entity (e.g. ISP) along with their routing policy, routing prefixes or alike.
|
||||
* [objects/av-signature](objects/av-signature/definition.json) - Antivirus detection signature.
|
||||
* [objects/bank-account](objects/bank-account/definition.json) - Object describing bank account information based on account description from goAML 4.0.
|
||||
* [objects/bgp-hijack](objects/bgp-hijack/definition.json) - Object encapsulating BGP Hijack description as specified, for example, by bgpstream.com
|
||||
* [objects/cap-alert](objects/cap-alert/definition.json) - Common Alerting Protocol Version (CAP) alert object.
|
||||
* [objects/cap-info](objects/cap-info/definition.json) - Common Alerting Protocol Version (CAP) info object.
|
||||
* [objects/cap-resource](objects/cap-resource/definition.json) - Common Alerting Protocol Version (CAP) resource object.
|
||||
|
|
|
@ -0,0 +1,53 @@
|
|||
{
|
||||
"required": [
|
||||
"expected-asn",
|
||||
"detected-asn",
|
||||
"start",
|
||||
"subnet-announced"
|
||||
],
|
||||
"attributes": {
|
||||
"expected-asn": {
|
||||
"description": "Expected Autonomous System Number",
|
||||
"ui-priority": 1,
|
||||
"misp-attribute": "AS"
|
||||
},
|
||||
"detected-asn": {
|
||||
"description": "Detected Autonomous System Number",
|
||||
"ui-priority": 1,
|
||||
"misp-attribute": "AS"
|
||||
},
|
||||
"description": {
|
||||
"description": "BGP Hijack details",
|
||||
"ui-priority": 1,
|
||||
"misp-attribute": "text"
|
||||
},
|
||||
"country": {
|
||||
"description": "Country code of the main location of the attacking autonomous system",
|
||||
"ui-priority": 1,
|
||||
"misp-attribute": "text"
|
||||
},
|
||||
"subnet-announced": {
|
||||
"description": "Subnet announced",
|
||||
"ui-priority": 0,
|
||||
"misp-attribute": "ip-src",
|
||||
"multiple": true
|
||||
},
|
||||
"start": {
|
||||
"description": "First time the Prefix hijack was seen",
|
||||
"disable_correlation": true,
|
||||
"ui-priority": 0,
|
||||
"misp-attribute": "datetime"
|
||||
},
|
||||
"end": {
|
||||
"description": "Last time the Prefix hijack was seen",
|
||||
"disable_correlation": true,
|
||||
"ui-priority": 0,
|
||||
"misp-attribute": "datetime"
|
||||
}
|
||||
},
|
||||
"version": 1,
|
||||
"description": "Object encapsulating BGP Hijack description as specified, for example, by bgpstream.com",
|
||||
"meta-category": "network",
|
||||
"uuid": "42355673-1fab-4908-8045-00bebd91c389",
|
||||
"name": "bgp-hijack"
|
||||
}
|
Loading…
Reference in New Issue