[IntelMQ-dev] Proposed classification for new loop-dos report
elsif
elsif at shadowserver.org
Tue Mar 19 15:19:15 CET 2024
We are in the process of creating a new daily report based on the
previous loop-dos special report:
https://www.shadowserver.org/what-we-do/network-reporting/loop-dos-special-report/
I would like to propose the following constant_fields:
classification.taxonomy = vulnerable
classification.type = vulnerable-system
protocol.application = application
Where the application would be tftp or dns for example.
More information about the IntelMQ-dev
mailing list