MISP
/
misp-website
mirror of https://github.com/MISP/misp-website
2
0
Fork 0
Code Issues Releases Wiki Activity

taxonomies updated

pull/6/head
Alexandre Dulaunoy 2018-07-12 15:07:06 +02:00
parent dcb9f075c7
commit daa96fea69
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
2 changed files with 6784 additions and 6784 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

72
taxonomies.html
View File

@ -501,7 +501,7 @@ body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-b
<li><a href="#_passivetotal">passivetotal</a></li>
<li><a href="#_pentest">pentest</a></li>
<li><a href="#_priority_level">priority-level</a></li>
<li><a href="#_rsit">RSIT</a></li>
<li><a href="#_rsit">rsit</a></li>
<li><a href="#_rt_event_status">rt_event_status</a></li>
<li><a href="#_runtime_packer">runtime-packer</a></li>
<li><a href="#_smart_airports_threats">smart-airports-threats</a></li>
@ -17853,7 +17853,7 @@ Exclusive flag set which means the values or predicate below must be set exclusi
</div>
</div>
<div class="sect1">
<h2 id="_rsit">RSIT</h2>
<h2 id="_rsit">rsit</h2>
<div class="sectionbody">
<div class="admonitionblock note">
<table>
@ -17862,7 +17862,7 @@ Exclusive flag set which means the values or predicate below must be set exclusi
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp-taxonomies/blob/master/RSIT/machinetag.json"><strong>this location</strong></a>. The JSON format can be freely reused in your application or automatically enabled in <a href="https://www.github.com/MISP/MISP">MISP</a> taxonomy.
rsit namespace available in JSON format at <a href="https://github.com/MISP/misp-taxonomies/blob/master/rsit/machinetag.json"><strong>this location</strong></a>. The JSON format can be freely reused in your application or automatically enabled in <a href="https://www.github.com/MISP/MISP">MISP</a> taxonomy.
</td>
</tr>
</table>
@ -17876,7 +17876,7 @@ RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp
<p>Abusive Content.</p>
</div>
<div class="sect3">
<h4 id="_rsitabusive_contentspam">RSIT:abusive-content="spam"</h4>
<h4 id="_rsitabusive_contentspam">rsit:abusive-content="spam"</h4>
<div class="paragraph">
<p>spam</p>
</div>
@ -17885,7 +17885,7 @@ RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp
</div>
</div>
<div class="sect3">
<h4 id="_rsitabusive_contentharmful_speech">RSIT:abusive-content="harmful-speech"</h4>
<h4 id="_rsitabusive_contentharmful_speech">rsit:abusive-content="harmful-speech"</h4>
<div class="paragraph">
<p>Harmful Speech</p>
</div>
@ -17894,7 +17894,7 @@ RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp
</div>
</div>
<div class="sect3">
<h4 id="_rsitabusive_contentviolence">RSIT:abusive-content="violence"</h4>
<h4 id="_rsitabusive_contentviolence">rsit:abusive-content="violence"</h4>
<div class="paragraph">
<p>Child/Sexual/Violence/&#8230;&#8203;</p>
</div>
@ -17909,7 +17909,7 @@ RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp
<p>Software that is intentionally included or inserted in a system for a harmful purpose. A user interaction is normally necessary to activate the code.</p>
</div>
<div class="sect3">
<h4 id="_rsitmalicious_codevirus">RSIT:malicious-code="virus"</h4>
<h4 id="_rsitmalicious_codevirus">rsit:malicious-code="virus"</h4>
<div class="paragraph">
<p>Virus</p>
</div>
@ -17918,7 +17918,7 @@ RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp
</div>
</div>
<div class="sect3">
<h4 id="_rsitmalicious_codeworm">RSIT:malicious-code="worm"</h4>
<h4 id="_rsitmalicious_codeworm">rsit:malicious-code="worm"</h4>
<div class="paragraph">
<p>Worm</p>
</div>
@ -17927,7 +17927,7 @@ RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp
</div>
</div>
<div class="sect3">
<h4 id="_rsitmalicious_codetrojan">RSIT:malicious-code="trojan"</h4>
<h4 id="_rsitmalicious_codetrojan">rsit:malicious-code="trojan"</h4>
<div class="paragraph">
<p>Trojan</p>
</div>
@ -17936,7 +17936,7 @@ RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp
</div>
</div>
<div class="sect3">
<h4 id="_rsitmalicious_codespyware">RSIT:malicious-code="spyware"</h4>
<h4 id="_rsitmalicious_codespyware">rsit:malicious-code="spyware"</h4>
<div class="paragraph">
<p>Spyware</p>
</div>
@ -17945,7 +17945,7 @@ RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp
</div>
</div>
<div class="sect3">
<h4 id="_rsitmalicious_codedialer">RSIT:malicious-code="dialer"</h4>
<h4 id="_rsitmalicious_codedialer">rsit:malicious-code="dialer"</h4>
<div class="paragraph">
<p>Dialer</p>
</div>
@ -17954,7 +17954,7 @@ RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp
</div>
</div>
<div class="sect3">
<h4 id="_rsitmalicious_coderootkit">RSIT:malicious-code="rootkit"</h4>
<h4 id="_rsitmalicious_coderootkit">rsit:malicious-code="rootkit"</h4>
<div class="paragraph">
<p>Rootkit</p>
</div>
@ -17969,7 +17969,7 @@ RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp
<p>Information Gathering.</p>
</div>
<div class="sect3">
<h4 id="_rsitinformation_gatheringscanner">RSIT:information-gathering="scanner"</h4>
<h4 id="_rsitinformation_gatheringscanner">rsit:information-gathering="scanner"</h4>
<div class="paragraph">
<p>Scanning</p>
</div>
@ -17978,7 +17978,7 @@ RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp
</div>
</div>
<div class="sect3">
<h4 id="_rsitinformation_gatheringsniffing">RSIT:information-gathering="sniffing"</h4>
<h4 id="_rsitinformation_gatheringsniffing">rsit:information-gathering="sniffing"</h4>
<div class="paragraph">
<p>Sniffing</p>
</div>
@ -17987,7 +17987,7 @@ RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp
</div>
</div>
<div class="sect3">
<h4 id="_rsitinformation_gatheringsocial_engineering">RSIT:information-gathering="social-engineering"</h4>
<h4 id="_rsitinformation_gatheringsocial_engineering">rsit:information-gathering="social-engineering"</h4>
<div class="paragraph">
<p>Social Engineering</p>
</div>
@ -18002,7 +18002,7 @@ RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp
<p>Intrusion Attempts.</p>
</div>
<div class="sect3">
<h4 id="_rsitintrusion_attemptsids_alert">RSIT:intrusion-attempts="ids-alert"</h4>
<h4 id="_rsitintrusion_attemptsids_alert">rsit:intrusion-attempts="ids-alert"</h4>
<div class="paragraph">
<p>Exploiting of known Vulnerabilities</p>
</div>
@ -18011,7 +18011,7 @@ RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp
</div>
</div>
<div class="sect3">
<h4 id="_rsitintrusion_attemptsbrute_force">RSIT:intrusion-attempts="brute-force"</h4>
<h4 id="_rsitintrusion_attemptsbrute_force">rsit:intrusion-attempts="brute-force"</h4>
<div class="paragraph">
<p>Login attempts</p>
</div>
@ -18020,7 +18020,7 @@ RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp
</div>
</div>
<div class="sect3">
<h4 id="_rsitintrusion_attemptsexploit">RSIT:intrusion-attempts="exploit"</h4>
<h4 id="_rsitintrusion_attemptsexploit">rsit:intrusion-attempts="exploit"</h4>
<div class="paragraph">
<p>New attack signature</p>
</div>
@ -18035,7 +18035,7 @@ RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp
<p>A successful compromise of a system or application (service). This can have been caused remotely by a known or new vulnerability, but also by an unauthorized local access. Also includes being part of a botnet.</p>
</div>
<div class="sect3">
<h4 id="_rsitintrusionsprivileged_account_compromise">RSIT:intrusions="privileged-account-compromise"</h4>
<h4 id="_rsitintrusionsprivileged_account_compromise">rsit:intrusions="privileged-account-compromise"</h4>
<div class="paragraph">
<p>Privileged Account Compromise</p>
</div>
@ -18044,7 +18044,7 @@ RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp
</div>
</div>
<div class="sect3">
<h4 id="_rsitintrusionsunprivileged_account_compromise">RSIT:intrusions="unprivileged-account-compromise"</h4>
<h4 id="_rsitintrusionsunprivileged_account_compromise">rsit:intrusions="unprivileged-account-compromise"</h4>
<div class="paragraph">
<p>Unprivileged Account Compromise</p>
</div>
@ -18053,7 +18053,7 @@ RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp
</div>
</div>
<div class="sect3">
<h4 id="_rsitintrusionsapplication_compromise">RSIT:intrusions="application-compromise"</h4>
<h4 id="_rsitintrusionsapplication_compromise">rsit:intrusions="application-compromise"</h4>
<div class="paragraph">
<p>Application Compromise</p>
</div>
@ -18062,7 +18062,7 @@ RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp
</div>
</div>
<div class="sect3">
<h4 id="_rsitintrusionsbot">RSIT:intrusions="bot"</h4>
<h4 id="_rsitintrusionsbot">rsit:intrusions="bot"</h4>
<div class="paragraph">
<p>Bot</p>
</div>
@ -18077,7 +18077,7 @@ RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp
<p>By this kind of an attack a system is bombarded with so many packets that the operations are delayed or the system crashes. DoS examples are ICMP and SYN floods, Teardrop attacks and mail-bombing. DDoS often is based on DoS attacks originating from botnets, but also other scenarios exist like DNS Amplification attacks. However, the availability also can be affected by local actions (destruction, disruption of power supply, etc.) or by Act of God, spontaneous failures or human error, without malice or gross neglect being involved.</p>
</div>
<div class="sect3">
<h4 id="_rsitavailabilitydos">RSIT:availability="dos"</h4>
<h4 id="_rsitavailabilitydos">rsit:availability="dos"</h4>
<div class="paragraph">
<p>DoS</p>
</div>
@ -18086,7 +18086,7 @@ RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp
</div>
</div>
<div class="sect3">
<h4 id="_rsitavailabilityddos">RSIT:availability="ddos"</h4>
<h4 id="_rsitavailabilityddos">rsit:availability="ddos"</h4>
<div class="paragraph">
<p>DDoS</p>
</div>
@ -18095,7 +18095,7 @@ RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp
</div>
</div>
<div class="sect3">
<h4 id="_rsitavailabilitysabotage">RSIT:availability="sabotage"</h4>
<h4 id="_rsitavailabilitysabotage">rsit:availability="sabotage"</h4>
<div class="paragraph">
<p>Sabotage</p>
</div>
@ -18104,7 +18104,7 @@ RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp
</div>
</div>
<div class="sect3">
<h4 id="_rsitavailabilityoutage">RSIT:availability="outage"</h4>
<h4 id="_rsitavailabilityoutage">rsit:availability="outage"</h4>
<div class="paragraph">
<p>Outage (no malice)</p>
</div>
@ -18119,7 +18119,7 @@ RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp
<p>Besides a local abuse of data and systems the information security can be endangered by a successful account or application compromise. Furthermore attacks are possible that intercept and access information during transmission (wiretapping, spoofing or hijacking). Human/configuration/software error can also be the cause.</p>
</div>
<div class="sect3">
<h4 id="_rsitinformation_content_securityunauthorised_information_access">RSIT:information-content-security="Unauthorised-information-access"</h4>
<h4 id="_rsitinformation_content_securityunauthorised_information_access">rsit:information-content-security="Unauthorised-information-access"</h4>
<div class="paragraph">
<p>Unauthorised access to information</p>
</div>
@ -18128,7 +18128,7 @@ RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp
</div>
</div>
<div class="sect3">
<h4 id="_rsitinformation_content_securityunauthorised_information_modification">RSIT:information-content-security="Unauthorised-information-modification"</h4>
<h4 id="_rsitinformation_content_securityunauthorised_information_modification">rsit:information-content-security="Unauthorised-information-modification"</h4>
<div class="paragraph">
<p>Unauthorised modification of information</p>
</div>
@ -18143,7 +18143,7 @@ RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp
<p>Fraud.</p>
</div>
<div class="sect3">
<h4 id="_rsitfraudunauthorized_use_of_resources">RSIT:fraud="unauthorized-use-of-resources"</h4>
<h4 id="_rsitfraudunauthorized_use_of_resources">rsit:fraud="unauthorized-use-of-resources"</h4>
<div class="paragraph">
<p>Unauthorized use of resources</p>
</div>
@ -18152,7 +18152,7 @@ RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp
</div>
</div>
<div class="sect3">
<h4 id="_rsitfraudcopyright">RSIT:fraud="copyright"</h4>
<h4 id="_rsitfraudcopyright">rsit:fraud="copyright"</h4>
<div class="paragraph">
<p>Copyright</p>
</div>
@ -18161,7 +18161,7 @@ RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp
</div>
</div>
<div class="sect3">
<h4 id="_rsitfraudmasquerade">RSIT:fraud="masquerade"</h4>
<h4 id="_rsitfraudmasquerade">rsit:fraud="masquerade"</h4>
<div class="paragraph">
<p>Masquerade</p>
</div>
@ -18170,7 +18170,7 @@ RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp
</div>
</div>
<div class="sect3">
<h4 id="_rsitfraudphishing">RSIT:fraud="phishing"</h4>
<h4 id="_rsitfraudphishing">rsit:fraud="phishing"</h4>
<div class="paragraph">
<p>Phishing</p>
</div>
@ -18185,7 +18185,7 @@ RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp
<p>Open resolvers, world readable printers, vulnerability apparent from Nessus etc scans, virus signatures not up-to-date, etc</p>
</div>
<div class="sect3">
<h4 id="_rsitvulnerablevulnerable_service">RSIT:vulnerable="vulnerable-service"</h4>
<h4 id="_rsitvulnerablevulnerable_service">rsit:vulnerable="vulnerable-service"</h4>
<div class="paragraph">
<p>Open for abuse</p>
</div>
@ -18200,7 +18200,7 @@ RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp
<p>All incidents which don&#8217;t fit in one of the given categories should be put into this class. If the number of incidents in this category increases, it is an indicator that the classification scheme must be revised</p>
</div>
<div class="sect3">
<h4 id="_rsitotherother">RSIT:other="other"</h4>
<h4 id="_rsitotherother">rsit:other="other"</h4>
<div class="paragraph">
<p>other</p>
</div>
@ -18215,7 +18215,7 @@ RSIT namespace available in JSON format at <a href="https://github.com/MISP/misp
<p>Meant for testing.</p>
</div>
<div class="sect3">
<h4 id="_rsittesttest">RSIT:test="test"</h4>
<h4 id="_rsittesttest">rsit:test="test"</h4>
<div class="paragraph">
<p>Test</p>
</div>
@ -32278,7 +32278,7 @@ workflow namespace available in JSON format at <a href="https://github.com/MISP/
</div>
<div id="footer">
<div id="footer-text">
Last updated 2018-07-12 14:52:11 CEST
Last updated 2018-07-12 15:06:13 CEST
</div>
</div>
</body>

13496
taxonomies.pdf
View File

File diff suppressed because it is too large Load Diff