[Intelmq-dev] Support of shadowserver feeds
Dustin Demuth
dustin.demuth at intevation.de
Thu Jun 16 12:27:57 CEST 2016
Dear all,
as announced, we restructured the shadowserver parser.
Please have a look at
https://github.com/Intevation/intelmq/tree/shadowserver-feeds/intelmq/bots/parsers/shadowserver
especially the file config.py.
The file contains a bunch of mappings of the feeds below.
We are not sure if the mappings are correct.
Can someone verify this and, if possible, remove the appropriate todos, or
correct the mapping?
BR
Dustin
Am Dienstag 07 Juni 2016 17:24:04 schrieb Dustin Demuth:
> Dear all,
>
> as a short announcement, we are currently starting to work on parsers for
> the follwing shadowserver feeds.
>
> Drone [Done]
> Microsoft Sinkhole
> Sinkhole HTTP Drone
> DNS Open Resolvers
> NTP Monitor [Done]
> Open Portmapper
> Open CharGen
> Open Elasticsearch
> Open IPMI
> Open MDNS
> Open Memcached [Done]
> Open MongoDB
> Open MS-SQL
> Open NetBIOS
> Open Redis
> Open SNMP
> Open SSDP
> SSL FREAK
> SSL POODLE [Done]
>
> We expect them to be ready by the end of this week.
>
>
> BR
> Dustin
--
dustin.demuth at intevation.de https://intevation.de/ OpenPGP key: B40D2EFF
Intevation GmbH, Neuer Graben 17, 49074 Osnabrück; AG Osnabrück, HR B 18998
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.cert.at/pipermail/intelmq-dev/attachments/20160616/42f912ea/attachment.sig>
More information about the Intelmq-dev
mailing list