Expected Filesystem bootstrap format

[chrisfls]

Expected format for Filesystem bootstrap:

dict string
    (list
        { name:
            string
        , extension:
            string
        , path:
            string
        , size:
            int
        , type:
            (string) type
        , modules:
            modules for type
        }
    )

type defines expected modules:

    : "cracker"
    | "firewall"
    | "exploit"
    | "hasher"
    | "log_forger"
    | "log_recover"
    | "encryptor"
    | "decryptor"
    | "any_map"
    | "text"
    | "crypto_key"

modules type varies according to the software type:

modules for "cracker":
    bruteforce: simple_module
    overflow: simple_module

modules for "firewall":
    active: simple_module
    passive: simple_module

modules for "exploit":
    ftp: simple_module
    ssh: simple_module

modules for "hasher":
    password: simple_module

modules for "log_forger":
    create: simple_module
    edit: simple_module

modules for "log_recover":
    recover: simple_module

modules for "encryptor":
    file: simple_module
    log: simple_module
    connection: simple_module
    process: simple_module

modules for "decryptor":
    file: simple_module
    log: simple_module
    connection: simple_module
    process: simple_module

modules for "any_map":
    geo: simple_module
    net: simple_module

modules for "text":
    ---

modules for "crypto_key":
    ---

simple_module is a generic module format for modules without special fields:

version: float

Some types like text and crypto_key won't required the modules field.

[renatomassaro]

Let me know about the event format, based on what we've talked today.

It can be either a bunch of FileAddedEvent, FileDeletedEvent, FileUpdatedEvent, FolderCreatedEvent, FolderDeletedEvent FolderUpdatedEvent or a single FilesystemChangedEvent with the object (:file or :folder) and operation (:added, :deleted or :updated).

[renatomassaro]

s/Updated/Modified/