chg: [objects] updated

iglocska-patch-1
Alexandre Dulaunoy 2019-05-04 18:04:15 +02:00
parent a65e52d35d
commit 7a81b3e22b
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
2 changed files with 8384 additions and 5654 deletions

View File

@ -497,6 +497,7 @@ body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-b
<li><a href="#_interpol_notice">interpol-notice</a></li> <li><a href="#_interpol_notice">interpol-notice</a></li>
<li><a href="#_ip_api_address">ip-api-address</a></li> <li><a href="#_ip_api_address">ip-api-address</a></li>
<li><a href="#_ip_port">ip-port</a></li> <li><a href="#_ip_port">ip-port</a></li>
<li><a href="#_irc">irc</a></li>
<li><a href="#_ja3">ja3</a></li> <li><a href="#_ja3">ja3</a></li>
<li><a href="#_legal_entity">legal-entity</a></li> <li><a href="#_legal_entity">legal-entity</a></li>
<li><a href="#_lnk">lnk</a></li> <li><a href="#_lnk">lnk</a></li>
@ -8684,6 +8685,150 @@ ip-port is a MISP object available in JSON format at <a href="https://github.com
</div> </div>
</div> </div>
<div class="sect1"> <div class="sect1">
<h2 id="_irc"><a class="anchor" href="#_irc"></a><a class="link" href="#_irc">irc</a></h2>
<div class="sectionbody">
<div class="paragraph">
<p>An IRC object to describe an IRC server and the associated channels.</p>
</div>
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
irc is a MISP object available in JSON format at <a href="https://github.com/MISP/misp-objects/blob/master/objects/irc/definition.json"><strong>this location</strong></a> The JSON format can be freely reused in your application or automatically enabled in <a href="https://www.github.com/MISP/MISP">MISP</a>.
</td>
</tr>
</table>
</div>
<table class="tableblock frame-all grid-all stretch">
<colgroup>
<col style="width: 20%;">
<col style="width: 20%;">
<col style="width: 20%;">
<col style="width: 20%;">
<col style="width: 20%;">
</colgroup>
<thead>
<tr>
<th class="tableblock halign-left valign-top">Object attribute</th>
<th class="tableblock halign-left valign-top">MISP attribute type</th>
<th class="tableblock halign-left valign-top">Description</th>
<th class="tableblock halign-left valign-top">Disable correlation</th>
<th class="tableblock halign-left valign-top">Multiple</th>
</tr>
</thead>
<tbody>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>Description of the IRC server</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-check"></i></span></p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">last-seen</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">datetime</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>Last time the IRC server with the associated channels has been seen</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-check"></i></span></p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">first-seen</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">datetime</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>First time the IRC server with the associated channels has been seen</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-check"></i></span></p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">dst-port</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">port</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>Destination port to reach the IRC server</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-check"></i></span></p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-check"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">channel</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>IRC channel associated to the IRC server</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-check"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">nickname</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>IRC nickname used to connect to the associated IRC server and channels</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-check"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">hostname</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">hostname</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>Hostname of the IRC server</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-check"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">ip</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">ip-dst</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>IP address of the IRC server</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-check"></i></span></p>
</div></div></td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="sect1">
<h2 id="_ja3"><a class="anchor" href="#_ja3"></a><a class="link" href="#_ja3">ja3</a></h2> <h2 id="_ja3"><a class="anchor" href="#_ja3"></a><a class="link" href="#_ja3">ja3</a></h2>
<div class="sectionbody"> <div class="sectionbody">
<div class="paragraph"> <div class="paragraph">
@ -16444,7 +16589,7 @@ regripper-system-hive-general-configuration is a MISP object available in JSON f
</tr> </tr>
<tr> <tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">comment</p></td> <td class="tableblock halign-left valign-top"><p class="tableblock">comment</p></td>
<td class="tableblock halign-left valign-top"></td> <td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph"> <td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>Additional comments.</p> <p>Additional comments.</p>
</div></div></td> </div></div></td>
@ -16849,7 +16994,7 @@ regripper-system-hive-services-drivers is a MISP object available in JSON format
</tr> </tr>
<tr> <tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">comment</p></td> <td class="tableblock halign-left valign-top"><p class="tableblock">comment</p></td>
<td class="tableblock halign-left valign-top"></td> <td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph"> <td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>Additional comments.</p> <p>Additional comments.</p>
</div></div></td> </div></div></td>
@ -22008,7 +22153,7 @@ yara is a MISP object available in JSON format at <a href="https://github.com/MI
</div> </div>
<div id="footer"> <div id="footer">
<div id="footer-text"> <div id="footer-text">
Last updated 2019-04-21 15:57:45 +0200 Last updated 2019-05-04 09:45:32 +0200
</div> </div>
</div> </div>
</body> </body>

13887
objects.pdf

File diff suppressed because it is too large Load Diff