The Cyber Security Platform MeliCERTes is part of the European Strategy for Cyber Security. MeliCERTes is a network for establishing confidence and trust among the national Computer Security Incident Response Teams (CSIRTs) of the Member States and for promoting swift and effective operational cooperation.
################INTELMQ#################
Finding : Development version of IntelMQ used
Recommendation : Always use the current stable version
Finding : /opt/intelmq, including the configuration, is world-writable
Recommendation : Do not make it world-writable
Finding : Too much logging.
Recommendation : Reduce logging
Finding : Default logging level is DEBUG here
Recommendation : Please use INFO (default for stable releases)
Finding : Csp-file-collector directly sends reports to csp-rest-api-output
Recommendation : Use a parser in between.
Finding : Missing exception handling in config/cve/parser_cve_scraping.py
Description : Exceptions in UTF-8 decoding/encoding are not handled, leading to loss of tweet data (also from other tweets that follow the malformed one)
Fixed the run script to stop the Apache controller
Added Config volume for IntelMQ configuration
################RT ADAPTER#################
Finding : Multiple instances of URL parameter injection
Recommendation : Don’t coalesce the URI path in the code, or (if absolutely necessary) use explicit argument escaping.
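Added example (not code from the RT adapter or the MeliCERTes project): the URL parameter injection finding above, shown as concatenated URI building next to explicit per-component escaping in Python. The host, path layout, parameter name and sample inputs are hypothetical and constructed for illustration.

```python
from urllib.parse import parse_qsl, quote, urlencode, urlsplit

# Hypothetical endpoint; host and path layout are assumptions.
BASE = "https://rt.example.invalid/REST/1.0"


def ticket_url_concat(ticket_id: str, user: str) -> str:
    """The pattern the finding warns about: input pasted into the URI."""
    return f"{BASE}/ticket/{ticket_id}/show?user={user}"


def ticket_url_escaped(ticket_id: str, user: str) -> str:
    """Escape each argument for the URI component it is placed in."""
    # safe="" also encodes "/", so the value cannot add path segments.
    segment = quote(ticket_id, safe="")
    # urlencode escapes "&", "=" and "#", so the value stays one parameter.
    query = urlencode({"user": user})
    return f"{BASE}/ticket/{segment}/show?{query}"


def describe(url: str):
    """Return (path, query parameters) the way a server would split the URL."""
    parts = urlsplit(url)
    return parts.path, parse_qsl(parts.query, keep_blank_values=True)


# Constructed inputs that carry URI metacharacters.
SAMPLE_ID = "42/../../user/7"
SAMPLE_USER = "alice&format=l"

if __name__ == "__main__":
    for build in (ticket_url_concat, ticket_url_escaped):
        print(build.__name__, describe(build(SAMPLE_ID, SAMPLE_USER)))
```
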