JonathanPhillips / collective-intelligence-framework

Automatically exported from code.google.com/p/collective-intelligence-framework
0 stars 0 forks source link

alien vault rep feed #146

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
https://reputation.alienvault.com/reputation.generic

Original issue reported on code.google.com by saxjazm...@gmail.com on 23 Mar 2012 at 4:40

GoogleCodeExporter commented 9 years ago

Original comment by saxjazm...@gmail.com on 4 Apr 2012 at 11:51

GoogleCodeExporter commented 9 years ago
feed = 'https://reputation.alienvault.com/reputation.generic'
severity = medium
confidence = 65
detection = daily
source = 'alienvault.com'
restriction = need-to-know
alternativeid_restriction = public
guid = everyone
mirror = '/tmp'

[botnet_infra]
regex = '^(\S+)\s#\sC&C;RBN'
regex_values = 'address'
impact = 'botnet infrastructure'
description = 'rbn'
confidence = 75
severity = high
period = daily

[malware_infra]
regex = '^(\S+)\s#\sMalware IP;RBN'
regex_values = 'address'
impact = 'malware infrastructure'
description = 'rbn'
confidence = 65
period = daily

[scanner]
regex = '^(\S+)\s#\sScanning Host'
regex_values = 'address'
impact = 'scanner infrastructure'
description = 'unknown'
confidence = 75
period = daily

Original comment by saxjazm...@gmail.com on 4 Apr 2012 at 1:49

GoogleCodeExporter commented 9 years ago
https://github.com/collectiveintel/cif-smrt-perl/issues/3

Original comment by saxjazm...@gmail.com on 23 May 2012 at 12:09