mirror of https://github.com/MISP/misp-objects
commit
f9d6ba3f08
|
@ -71,6 +71,7 @@ for a specific attribute.
|
||||||
* [objects/asn](objects/asn/definition.json) - Autonomous system object describing a BGP autonomous system which can include one or more network operators management an entity (e.g. ISP) along with their routing policy, routing prefixes or alike.
|
* [objects/asn](objects/asn/definition.json) - Autonomous system object describing a BGP autonomous system which can include one or more network operators management an entity (e.g. ISP) along with their routing policy, routing prefixes or alike.
|
||||||
* [objects/av-signature](objects/av-signature/definition.json) - Antivirus detection signature.
|
* [objects/av-signature](objects/av-signature/definition.json) - Antivirus detection signature.
|
||||||
* [objects/bank-account](objects/bank-account/definition.json) - Object describing bank account information based on account description from goAML 4.0.
|
* [objects/bank-account](objects/bank-account/definition.json) - Object describing bank account information based on account description from goAML 4.0.
|
||||||
|
* [objects/bgp-hijack](objects/bgp-hijack/definition.json) - Object encapsulating BGP Hijack description as specified, for example, by bgpstream.com
|
||||||
* [objects/cap-alert](objects/cap-alert/definition.json) - Common Alerting Protocol Version (CAP) alert object.
|
* [objects/cap-alert](objects/cap-alert/definition.json) - Common Alerting Protocol Version (CAP) alert object.
|
||||||
* [objects/cap-info](objects/cap-info/definition.json) - Common Alerting Protocol Version (CAP) info object.
|
* [objects/cap-info](objects/cap-info/definition.json) - Common Alerting Protocol Version (CAP) info object.
|
||||||
* [objects/cap-resource](objects/cap-resource/definition.json) - Common Alerting Protocol Version (CAP) resource object.
|
* [objects/cap-resource](objects/cap-resource/definition.json) - Common Alerting Protocol Version (CAP) resource object.
|
||||||
|
|
|
@ -0,0 +1,53 @@
|
||||||
|
{
|
||||||
|
"required": [
|
||||||
|
"expected-asn",
|
||||||
|
"detected-asn",
|
||||||
|
"start",
|
||||||
|
"subnet-announced"
|
||||||
|
],
|
||||||
|
"attributes": {
|
||||||
|
"expected-asn": {
|
||||||
|
"description": "Expected Autonomous System Number",
|
||||||
|
"ui-priority": 1,
|
||||||
|
"misp-attribute": "AS"
|
||||||
|
},
|
||||||
|
"detected-asn": {
|
||||||
|
"description": "Detected Autonomous System Number",
|
||||||
|
"ui-priority": 1,
|
||||||
|
"misp-attribute": "AS"
|
||||||
|
},
|
||||||
|
"description": {
|
||||||
|
"description": "BGP Hijack details",
|
||||||
|
"ui-priority": 1,
|
||||||
|
"misp-attribute": "text"
|
||||||
|
},
|
||||||
|
"country": {
|
||||||
|
"description": "Country code of the main location of the attacking autonomous system",
|
||||||
|
"ui-priority": 1,
|
||||||
|
"misp-attribute": "text"
|
||||||
|
},
|
||||||
|
"subnet-announced": {
|
||||||
|
"description": "Subnet announced",
|
||||||
|
"ui-priority": 0,
|
||||||
|
"misp-attribute": "ip-src",
|
||||||
|
"multiple": true
|
||||||
|
},
|
||||||
|
"start": {
|
||||||
|
"description": "First time the Prefix hijack was seen",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"ui-priority": 0,
|
||||||
|
"misp-attribute": "datetime"
|
||||||
|
},
|
||||||
|
"end": {
|
||||||
|
"description": "Last time the Prefix hijack was seen",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"ui-priority": 0,
|
||||||
|
"misp-attribute": "datetime"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"version": 1,
|
||||||
|
"description": "Object encapsulating BGP Hijack description as specified, for example, by bgpstream.com",
|
||||||
|
"meta-category": "network",
|
||||||
|
"uuid": "42355673-1fab-4908-8045-00bebd91c389",
|
||||||
|
"name": "bgp-hijack"
|
||||||
|
}
|
Loading…
Reference in New Issue