Closed GoogleCodeExporter closed 9 years ago
Original comment by saxjazm...@gmail.com
on 4 Apr 2012 at 11:51
# File-level settings for the AlienVault reputation list; the [sections]
# further down classify individual lines of it by their tag text.
# The list is requested over HTTPS.
# NOTE(review): whether the fetcher verifies the server certificate is not
# visible in this file. Confirm it does, because every line parsed from
# this list ends up as indicator data.
feed = 'https://reputation.alienvault.com/reputation.generic'
# Defaults for severity and confidence. Some sections set their own values;
# presumably a section value takes precedence over these. Confirm against
# the parser.
severity = medium
confidence = 65
detection = daily
source = 'alienvault.com'
# NOTE(review): records are labelled need-to-know while guid (presumably
# the sharing group) is 'everyone'. Confirm this pairing gives the intended
# audience for third-party reputation data.
restriction = need-to-know
alternativeid_restriction = public
guid = everyone
# NOTE(review): presumably the directory where the downloaded list is kept
# before parsing. /tmp is typically world-writable, so another local
# account could pre-create or alter the file there. A directory owned by
# the account that runs the import is the safer choice.
mirror = '/tmp'
# Rule for list lines whose tag text begins with "C&C;RBN".
[botnet_infra]
# Anchored at the start of the line only: the first whitespace-delimited
# token is captured, then " # ", then the tag text as a prefix. Lines that
# carry the same tags in another order are not matched by this rule.
# NOTE(review): \S+ accepts any non-blank token, so the pattern itself does
# not check that the capture is a well-formed address. Confirm it is
# validated before records are stored or fed to blocking tools.
regex = '^(\S+)\s#\sC&C;RBN'
# Presumably names capture group 1 as the record's address field.
regex_values = 'address'
impact = 'botnet infrastructure'
description = 'rbn'
# Both values are higher than the file-level defaults (confidence 65,
# severity medium).
confidence = 75
severity = high
period = daily
# Rule for list lines whose tag text begins with "Malware IP;RBN".
[malware_infra]
# Anchored at the start of the line only: the first whitespace-delimited
# token is captured, then " # ", then the tag text as a prefix. Lines that
# carry the same tags in another order are not matched by this rule.
# NOTE(review): \S+ accepts any non-blank token, so the pattern itself does
# not check that the capture is a well-formed address. Confirm it is
# validated before records are stored or fed to blocking tools.
regex = '^(\S+)\s#\sMalware IP;RBN'
# Presumably names capture group 1 as the record's address field.
regex_values = 'address'
impact = 'malware infrastructure'
description = 'rbn'
# Same value as the file-level default. No severity is set in this section,
# so it presumably falls back to the file-level 'medium'. Confirm.
confidence = 65
period = daily
# Rule for list lines whose tag text begins with "Scanning Host".
[scanner]
# Anchored at the start of the line only, with no end anchor, so a line
# tagged "Scanning Host" followed by further tags also matches.
# NOTE(review): \S+ accepts any non-blank token, so the pattern itself does
# not check that the capture is a well-formed address. Confirm it is
# validated before records are stored or fed to blocking tools.
regex = '^(\S+)\s#\sScanning Host'
# Presumably names capture group 1 as the record's address field.
regex_values = 'address'
impact = 'scanner infrastructure'
description = 'unknown'
# Higher than the file-level default of 65. No severity is set in this
# section, so it presumably falls back to the file-level 'medium'. Confirm.
confidence = 75
period = daily
Original comment by saxjazm...@gmail.com
on 4 Apr 2012 at 1:49
https://github.com/collectiveintel/cif-smrt-perl/issues/3
Original comment by saxjazm...@gmail.com
on 23 May 2012 at 12:09
Original issue reported on code.google.com by
saxjazm...@gmail.com
on 23 Mar 2012 at 4:40