MISP
/
misp-rfc
mirror of https://github.com/MISP/misp-rfc
2
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

chg: [datatypes] updated to the latest version

pull/21/head
Alexandre Dulaunoy 3 years ago
parent
602ea6ccde
commit
0cb9a0f46e
No known key found for this signature in database
GPG Key ID: 9E2CD4944E6CBCD
1 changed files with 24 additions and 24 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 48
      misp-core-format/raw.md.txt

48
misp-core-format/raw.md.txt
Unescape View File

@ -537,7 +537,7 @@ Internet-Draft MISP core format August 2018 @@ -537,7 +537,7 @@ Internet-Draft MISP core format August 2018
traffic, pattern-in-memory, vulnerability, attachment, malware-
sample, link, comment, text, x509-fingerprint-sha1, x509-
fingerprint-md5, x509-fingerprint-sha256, ja3-fingerprint-md5,
github-repository, other, cortex
hassh-md5, hasshserver-md5, github-repository, other, cortex
Financial fraud
btc, xmr, iban, bic, bank-account-nr, aba-rtn, bin, cc-number,
@ -552,8 +552,8 @@ Internet-Draft MISP core format August 2018 @@ -552,8 +552,8 @@ Internet-Draft MISP core format August 2018
agent, http-method, AS, snort, pattern-in-file, stix2-pattern,
pattern-in-traffic, attachment, comment, text, x509-fingerprint-
md5, x509-fingerprint-sha1, x509-fingerprint-sha256, ja3-
fingerprint-md5, other, hex, cookie, hostname|port, bro
fingerprint-md5, hassh-md5, hasshserver-md5, other, hex, cookie,
hostname|port, bro
@ -580,10 +580,11 @@ Internet-Draft MISP core format August 2018 @@ -580,10 +580,11 @@ Internet-Draft MISP core format August 2018
stix2-pattern, yara, sigma, mime-type, attachment, malware-sample,
link, malware-type, comment, text, hex, vulnerability, x509-
fingerprint-sha1, x509-fingerprint-md5, x509-fingerprint-sha256,
ja3-fingerprint-md5, other, hostname|port, email-dst-display-name,
email-src-display-name, email-header, email-reply-to, email-
x-mailer, email-mime-boundary, email-thread-index, email-message-
id, mobile-application-id, whois-registrant-email
ja3-fingerprint-md5, hassh-md5, hasshserver-md5, other,
hostname|port, email-dst-display-name, email-src-display-name,
email-header, email-reply-to, email-x-mailer, email-mime-boundary,
email-thread-index, email-message-id, mobile-application-id,
whois-registrant-email
Payload installation
md5, sha1, sha224, sha256, sha384, sha512, sha512/224, sha512/256,
@ -609,7 +610,6 @@ Internet-Draft MISP core format August 2018 @@ -609,7 +610,6 @@ Internet-Draft MISP core format August 2018
gender, passport-number, passport-country, passport-expiration,
redress-number, nationality, visa-number, issue-date-of-the-visa,
primary-residence, country-of-residence, special-service-request,
frequent-flyer-number, travel-details, payment-details, place-
@ -618,6 +618,7 @@ Dulaunoy & Iklody Expires February 9, 2019 [Page 11] @@ -618,6 +618,7 @@ Dulaunoy & Iklody Expires February 9, 2019 [Page 11]
Internet-Draft MISP core format August 2018
frequent-flyer-number, travel-details, payment-details, place-
port-of-original-embarkation, place-port-of-clearance, place-port-
of-onward-foreign-destination, passenger-name-record-locator-
number, comment, text, other, phone-number, identity-card-number
@ -668,7 +669,6 @@ Internet-Draft MISP core format August 2018 @@ -668,7 +669,6 @@ Internet-Draft MISP core format August 2018
Dulaunoy & Iklody Expires February 9, 2019 [Page 12]
Internet-Draft MISP core format August 2018
@ -909,7 +909,7 @@ Internet-Draft MISP core format August 2018 @@ -909,7 +909,7 @@ Internet-Draft MISP core format August 2018
traffic, pattern-in-memory, vulnerability, attachment, malware-
sample, link, comment, text, x509-fingerprint-sha1, x509-
fingerprint-md5, x509-fingerprint-sha256, ja3-fingerprint-md5,
github-repository, other, cortex
hassh-md5, hasshserver-md5, github-repository, other, cortex
Financial fraud
btc, xmr, iban, bic, bank-account-nr, aba-rtn, bin, cc-number,
@ -924,7 +924,8 @@ Internet-Draft MISP core format August 2018 @@ -924,7 +924,8 @@ Internet-Draft MISP core format August 2018
agent, http-method, AS, snort, pattern-in-file, stix2-pattern,
pattern-in-traffic, attachment, comment, text, x509-fingerprint-
md5, x509-fingerprint-sha1, x509-fingerprint-sha256, ja3-
fingerprint-md5, other, hex, cookie, hostname|port, bro
fingerprint-md5, hassh-md5, hasshserver-md5, other, hex, cookie,
hostname|port, bro
Other
comment, text, other, size-in-bytes, counter, datetime, cpe, port,
@ -944,8 +945,7 @@ Internet-Draft MISP core format August 2018 @@ -944,8 +945,7 @@ Internet-Draft MISP core format August 2018
stix2-pattern, yara, sigma, mime-type, attachment, malware-sample,
link, malware-type, comment, text, hex, vulnerability, x509-
fingerprint-sha1, x509-fingerprint-md5, x509-fingerprint-sha256,
ja3-fingerprint-md5, other, hostname|port, email-dst-display-name,
email-src-display-name, email-header, email-reply-to, email-
ja3-fingerprint-md5, hassh-md5, hasshserver-md5, other,
@ -954,8 +954,10 @@ Dulaunoy & Iklody Expires February 9, 2019 [Page 17] @@ -954,8 +954,10 @@ Dulaunoy & Iklody Expires February 9, 2019 [Page 17]
Internet-Draft MISP core format August 2018
x-mailer, email-mime-boundary, email-thread-index, email-message-
id, mobile-application-id, whois-registrant-email
hostname|port, email-dst-display-name, email-src-display-name,
email-header, email-reply-to, email-x-mailer, email-mime-boundary,
email-thread-index, email-message-id, mobile-application-id,
whois-registrant-email
Payload installation
md5, sha1, sha224, sha256, sha384, sha512, sha512/224, sha512/256,
@ -998,9 +1000,7 @@ Internet-Draft MISP core format August 2018 @@ -998,9 +1000,7 @@ Internet-Draft MISP core format August 2018
target-user, target-email, target-machine, target-org, target-
location, target-external, comment
Attributes are based on the usage within their different communities.
Attributes can be extended on a regular basis and this reference
document is updated accordingly.
@ -1010,6 +1010,10 @@ Dulaunoy & Iklody Expires February 9, 2019 [Page 18] @@ -1010,6 +1010,10 @@ Dulaunoy & Iklody Expires February 9, 2019 [Page 18]
Internet-Draft MISP core format August 2018
Attributes are based on the usage within their different communities.
Attributes can be extended on a regular basis and this reference
document is updated accordingly.
2.5.2.4. category
category represents the intent of what the attribute is describing as
@ -1054,10 +1058,6 @@ Internet-Draft MISP core format August 2018 @@ -1054,10 +1058,6 @@ Internet-Draft MISP core format August 2018
the ShadowAttribute proposes the creation of a new Attribute, it
should be set to 0.
old_id is represented as a JSON string. old_id MUST be present.
@ -1066,6 +1066,8 @@ Dulaunoy & Iklody Expires February 9, 2019 [Page 19] @@ -1066,6 +1066,8 @@ Dulaunoy & Iklody Expires February 9, 2019 [Page 19]
Internet-Draft MISP core format August 2018
old_id is represented as a JSON string. old_id MUST be present.
2.5.2.8. timestamp
timestamp represents a reference time when the attribute was created
@ -1115,8 +1117,6 @@ Internet-Draft MISP core format August 2018 @@ -1115,8 +1117,6 @@ Internet-Draft MISP core format August 2018
Dulaunoy & Iklody Expires February 9, 2019 [Page 20]
Internet-Draft MISP core format August 2018

Write Preview
Loading…
Cancel
Save