From 30ef83db0bb907849f20218dd45e290057b7cf89 Mon Sep 17 00:00:00 2001 From: Iglocska Date: Mon, 27 Jun 2016 11:32:04 +0200 Subject: [PATCH] Updated warninglists with domains or IP addresses to also include domain|ip type attributes - fixes issue as reported by @Delta-Sierra --- lists/alexa/list.json | 3 ++- lists/google/list.json | 4 ++-- lists/multicast/list.json | 5 +++-- lists/public-dns/list.json | 5 +++-- lists/rfc1918/list.json | 5 +++-- lists/rfc5735/list.json | 5 +++-- lists/second-level-tlds/list.json | 5 +++-- lists/tlds/list.json | 5 +++-- 8 files changed, 22 insertions(+), 15 deletions(-) diff --git a/lists/alexa/list.json b/lists/alexa/list.json index b20fc69..80321b0 100644 --- a/lists/alexa/list.json +++ b/lists/alexa/list.json @@ -1005,6 +1005,7 @@ "description": "Event contains one or more entries from the top 1000 of the most used website (Alexa).", "matching_attributes": [ "hostname", - "domain" + "domain", + "domain|ip" ] } diff --git a/lists/google/list.json b/lists/google/list.json index b2ca87c..f1aa504 100644 --- a/lists/google/list.json +++ b/lists/google/list.json @@ -1,8 +1,8 @@ { "name": "List of known google domains", - "version": 1, + "version": 2, "description": "Event contains one or more entries of known google domains", - "matching_attributes": [ "domain", "hostname" ], + "matching_attributes": [ "domain", "hostname", "domain|ip" ], "list": [ ".google.com", ".google.ad", diff --git a/lists/multicast/list.json b/lists/multicast/list.json index e28c116..f3e8380 100644 --- a/lists/multicast/list.json +++ b/lists/multicast/list.json @@ -22,9 +22,10 @@ ], "matching_attributes": [ "ip-src", - "ip-dst" + "ip-dst", + "domain|ip" ], "description": "Event contains one or more entries part of the RFC 5771 multicast CIDR blocks", - "version": 1, + "version": 2, "name": "List of RFC 5771 multicast CIDR blocks" } diff --git a/lists/public-dns/list.json b/lists/public-dns/list.json index 8a82f08..c0fbed2 100644 --- a/lists/public-dns/list.json +++ b/lists/public-dns/list.json @@ -1,10 +1,11 @@ { "name": "List of known public DNS resolvers", - "version": 2, + "version": 3, "description": "Event contains one or more public DNS resolvers as attribute with an IDS flag set", "matching_attributes": [ "ip-src", - "ip-dst" + "ip-dst", + "domain|ip" ], "list": [ "8.8.8.8", diff --git a/lists/rfc1918/list.json b/lists/rfc1918/list.json index ab626ab..b476880 100644 --- a/lists/rfc1918/list.json +++ b/lists/rfc1918/list.json @@ -9,9 +9,10 @@ ], "matching_attributes": [ "ip-src", - "ip-dst" + "ip-dst", + "domain|ip" ], "description": "Event contains one or more entries part of the RFC 1918 CIDR blocks", - "version": 1, + "version": 2, "name": "List of RFC 1918 CIDR blocks" } diff --git a/lists/rfc5735/list.json b/lists/rfc5735/list.json index 4878c05..31ea5af 100644 --- a/lists/rfc5735/list.json +++ b/lists/rfc5735/list.json @@ -21,9 +21,10 @@ ], "matching_attributes": [ "ip-src", - "ip-dst" + "ip-dst", + "domain|ip" ], "description": "Event contains one or more entries part of the RFC 5735 CIDR blocks - Special Use IPv4 Addresses", - "version": 1, + "version": 2, "name": "List of RFC 5735 CIDR blocks" } diff --git a/lists/second-level-tlds/list.json b/lists/second-level-tlds/list.json index 90baa30..8c57059 100644 --- a/lists/second-level-tlds/list.json +++ b/lists/second-level-tlds/list.json @@ -6466,8 +6466,9 @@ ], "matching_attributes": [ "hostname", - "domain" + "domain", + "domain|ip" ], "name": "Second level TLDs as known by Mozilla Foundation", - "version": 1 + "version": 2 } diff --git a/lists/tlds/list.json b/lists/tlds/list.json index 39b3c99..94f0077 100644 --- a/lists/tlds/list.json +++ b/lists/tlds/list.json @@ -1293,9 +1293,10 @@ ], "matching_attributes": [ "hostname", - "domain" + "domain", + "domain|ip" ], "description": "Event contains one or more TLDs as attribute with an IDS flag set", - "version": 1, + "version": 2, "name": "TLDs as known by IANA" }