Merge branch 'maintenance' into develop

wagner-certat committed Mar 25, 2020
2 parents d994ace + 390c9cf commit 1a0044353d26f864302b4ee7336c44a6768ca4d4
@@ -113,6 +113,7 @@ CHANGELOG
- Harmonization upgrade: Also check and update regular expressions
- Add function to migrate the deprecated parameter `attach_unzip` to `extract_files` for the mail attachment collector.
- Add function to migrate changed Taichung URL feed.
- Check for discontinued Abuse.CH Zeus Tracker feed.

### Development

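Review bot: The upgrade-function list gains only "Check for discontinued Abuse.CH Zeus Tracker feed.", yet the NEWS text in this same commit says `intelmqctl upgrade-config` also warns about the Bitcash.cz and Fraunhofer DDoS Attack feeds. If those two checks are not already listed outside the visible context, add matching entries here so CHANGELOG and NEWS agree. Also settle on one spelling: this line uses "Abuse.CH" while the NEWS section uses "Abuse.ch".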
@@ -135,12 +136,22 @@ CHANGELOG
- IDS Alert / known vulnerability exploitation: backdoor
- Malware: Malware Proxy
- Warn on new unknown types.
- `intelmq.bots.parsers.bitcash.parser`: Removed as feed is discontinued.
- `intelmq.bots.parsers.fraunhofer.parser_ddosattack_cnc` and `intelmq.bots.parsers.fraunhofer.parser_ddosattack_target`: Removed as feed is discontinued.
- `intelmq.bots.parsers.malwaredomains.parser`: Correctly classify `C&C` and `phishing` events.

#### Experts

#### Outputs

### Documentation
- Feeds:
- Remove unavailable feed Abuse.CH Zeus Tracker.
- Remove the field `status`, offline feeds should be removed.
- Add a new field `public` to differentiate between private and public feeds.
- Adding documentation URLs to nearly all feeds.
- Remove unavailable Bitcash.cz feed.
- Remove unavailable Fraunhofer DDos Attack feeds.

### Packaging
- patches: `fix-logrotate-path.patch`: also include path to rotated file in patch
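Review bot: In the Documentation list, "Remove unavailable Fraunhofer DDos Attack feeds." spells it "DDos", while the NEWS section in this commit uses "DDoS"; align the two. The same list mixes "Adding documentation URLs to nearly all feeds." with imperative "Remove"/"Add" entries, and "Remove the field `status`, offline feeds should be removed." is a comma splice that would read better as two sentences. The parser entries for bitcash and fraunhofer say only "Removed as feed is discontinued"; a short pointer to the NEWS upgrade notes would help operators who still have these bots configured.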
@@ -38,6 +38,15 @@ The Taichung feed "Netflow (Recent 30)" with URL `https://www.tc.edu.tw/net/netf
As a drop-in replacement the Parser as well as the Feed documentation are now adapted to the full feed available at `https://www.tc.edu.tw/net/netflow/lkout/recent/`.
The `intelmqctl upgrade-config` command takes care of this change.

#### Abuse.ch Zeus Tracker Feed
The Abuse.ch Zeus Tracker has been discontinued on 2019-07-08. The `intelmqctl upgrade-config` command warns if you have this feed in use.

#### Bitcash.cz Feed
The Bitcash.cz Banned IPs / Blocklist feed previously available under `https://bitcash.cz/misc/log/blacklist` is no longer available. The `intelmqctl upgrade-config` command warns if you have this feed in use.

#### Fraunhofer DDoS Attack Feed
The Fraunhofer DDoS Attack feed previously available under `https://feed.caad.fkie.fraunhofer.de/ddosattackfeed/` is no longer available. The `intelmqctl upgrade-config` command warns if you have this feed in use.

### Libraries

### Postgres databases
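Review bot: The three new feed sections say only that `intelmqctl upgrade-config` "warns if you have this feed in use", unlike the Taichung note above where the command "takes care of this change"; state the manual step expected after the warning (presumably removing the affected bots from the configuration), particularly as the CHANGELOG in this commit lists the bitcash and fraunhofer parser modules as removed. The Zeus Tracker section gives a discontinuation date but no former URL, while the Bitcash.cz and Fraunhofer sections give a URL but no date; give the same details in all three. "has been discontinued on 2019-07-08" should read "was discontinued on 2019-07-08".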
