chg: [datamodels] added ja3 type

pull/8/head
Alexandre Dulaunoy 2018-12-30 13:16:24 +01:00
parent c0a256d07b
commit 80ab5e61bb
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
1 changed files with 4 additions and 0 deletions

View File

@ -93,6 +93,7 @@ The MISP format is described as Internet-Draft in [misp-rfc](https://github.com/
|ip-src| | | | X | | | |ip-src| | | | X | | |
|ip-src|port| | | | X | | | |ip-src|port| | | | X | | |
|issue-date-of-the-visa| | | | | | | |issue-date-of-the-visa| | | | | | |
|ja3-fingerprint-md5| | | | X | | |
|jabber-id| | | | | | | |jabber-id| | | | | | |
|last-name| | | | | | | |last-name| | | | | | |
|link| X | | | X | | X | |link| X | | | X | | X |
@ -249,6 +250,7 @@ The MISP format is described as Internet-Draft in [misp-rfc](https://github.com/
|ip-src| X | | X | | | | |ip-src| X | | X | | | |
|ip-src|port| X | | X | | | | |ip-src|port| X | | X | | | |
|issue-date-of-the-visa| | | | | | | |issue-date-of-the-visa| | | | | | |
|ja3-fingerprint-md5| X | | X | | | |
|jabber-id| | | | | | | |jabber-id| | | | | | |
|last-name| | | | | | | |last-name| | | | | | |
|link| | | X | | | | |link| | | X | | | |
@ -405,6 +407,7 @@ The MISP format is described as Internet-Draft in [misp-rfc](https://github.com/
|ip-src| | | | | |ip-src| | | | |
|ip-src|port| | | | | |ip-src|port| | | | |
|issue-date-of-the-visa| X | | | | |issue-date-of-the-visa| X | | | |
|ja3-fingerprint-md5| | | | |
|jabber-id| | X | | | |jabber-id| | X | | |
|last-name| X | | | | |last-name| X | | | |
|link| | | X | | |link| | | X | |
@ -581,6 +584,7 @@ The MISP format is described as Internet-Draft in [misp-rfc](https://github.com/
* **ip-src**: A source IP address of the attacker * **ip-src**: A source IP address of the attacker
* **ip-src|port**: IP source and port number seperated by a | * **ip-src|port**: IP source and port number seperated by a |
* **issue-date-of-the-visa**: The date on which the visa was issued * **issue-date-of-the-visa**: The date on which the visa was issued
* **ja3-fingerprint-md5**: JA3 is a method for creating SSL/TLS client fingerprints that should be easy to produce on any platform and can be easily shared for threat intelligence.
* **jabber-id**: Jabber ID * **jabber-id**: Jabber ID
* **last-name**: Last name of a natural person * **last-name**: Last name of a natural person
* **link**: Link to an external information * **link**: Link to an external information