[IntelMQ-dev] Proposed classification for new loop-dos report
elsif
elsif at shadowserver.org
Tue Mar 19 16:49:41 CET 2024
The classification.identifier would be "loop-dos".
On 3/19/24 7:58 AM, Sebix wrote:
> Dear elsif,
>
> I'm not sure if I understand the question correctly.
>
> On 3/19/24 15:19, elsif wrote:
>> I would like to propose the following constant_fields:
>>
>> classification.taxonomy = vulnerable
>> classification.type = vulnerable-system
>> protocol.application = application
>> Where the application would be tftp or dns for example.
>
> These values are valid in IntelMQ events.
>
> You will need to add a classification.identifier though
>
> best regards
> Sebastian
>
> Institute for Common Good Technology
> gemeinnütziger Kulturverein - nonprofit cultural society
> https://commongoodtechnology.org/
> ZVR 1510673578
>
>
More information about the IntelMQ-dev
mailing list