Updated warninglists with domains or IP addresses to also include domain|ip type attributes

- fixes issue as reported by @Delta-Sierra
2016-06-27 11:32:04 +02:00 · 2016-06-27 11:32:04 +02:00 · 30ef83db0b
parent 58ac9ff865
commit 30ef83db0b
8 changed files with 22 additions and 15 deletions
--- a/lists/alexa/list.json
+++ b/lists/alexa/list.json
@ -1005,6 +1005,7 @@
  "description": "Event contains one or more entries from the top 1000 of the most used website (Alexa).",
  "matching_attributes": [
    "hostname",
-    "domain"
+    "domain",
+    "domain|ip"
  ]
 }
--- a/lists/google/list.json
+++ b/lists/google/list.json
@ -1,8 +1,8 @@
 {
  "name": "List of known google domains",
-  "version": 1,
+  "version": 2,
  "description": "Event contains one or more entries of known google domains",
-  "matching_attributes": [ "domain", "hostname" ],
+  "matching_attributes": [ "domain", "hostname", "domain|ip" ],
  "list": [
        ".google.com",
        ".google.ad",
--- a/lists/multicast/list.json
+++ b/lists/multicast/list.json
@ -22,9 +22,10 @@
  ],
  "matching_attributes": [
    "ip-src",
-    "ip-dst"
+    "ip-dst",
+    "domain|ip"
  ],
  "description": "Event contains one or more entries part of the RFC 5771 multicast CIDR blocks",
-  "version": 1,
+  "version": 2,
  "name": "List of RFC 5771 multicast CIDR blocks"
 }
--- a/lists/public-dns/list.json
+++ b/lists/public-dns/list.json
@ -1,10 +1,11 @@
 {
  "name": "List of known public DNS resolvers",
-  "version": 2,
+  "version": 3,
  "description": "Event contains one or more public DNS resolvers as attribute with an IDS flag set",
  "matching_attributes": [
    "ip-src",
-    "ip-dst"
+    "ip-dst",
+    "domain|ip"
  ],
  "list": [
    "8.8.8.8",
--- a/lists/rfc1918/list.json
+++ b/lists/rfc1918/list.json
@ -9,9 +9,10 @@
  ],
  "matching_attributes": [
    "ip-src",
-    "ip-dst"
+    "ip-dst",
+    "domain|ip"
  ],
  "description": "Event contains one or more entries part of the RFC 1918 CIDR blocks",
-  "version": 1,
+  "version": 2,
  "name": "List of RFC 1918 CIDR blocks"
 }
--- a/lists/rfc5735/list.json
+++ b/lists/rfc5735/list.json
@ -21,9 +21,10 @@
  ],
  "matching_attributes": [
    "ip-src",
-    "ip-dst"
+    "ip-dst",
+    "domain|ip"
  ],
  "description": "Event contains one or more entries part of the RFC 5735 CIDR blocks - Special Use IPv4 Addresses",
-  "version": 1,
+  "version": 2,
  "name": "List of RFC 5735 CIDR blocks"
 }
--- a/lists/second-level-tlds/list.json
+++ b/lists/second-level-tlds/list.json
@ -6466,8 +6466,9 @@
    ],
    "matching_attributes": [
        "hostname",
-        "domain"
+        "domain",
+        "domain|ip"
    ],
    "name": "Second level TLDs as known by Mozilla Foundation",
-    "version": 1
+    "version": 2
 }
--- a/lists/tlds/list.json
+++ b/lists/tlds/list.json
@ -1293,9 +1293,10 @@
  ],
  "matching_attributes": [
    "hostname",
-    "domain"
+    "domain",
+    "domain|ip"
  ],
  "description": "Event contains one or more TLDs as attribute with an IDS flag set",
-  "version": 1,
+  "version": 2,
  "name": "TLDs as known by IANA"
 }