Project

General

Profile

Bug #76

Prewikka allows whois and traceroute against email addresses

Added by over 14 years ago. Updated over 10 years ago.

Status:
Closed
Priority:
Normal
Target version:
Start date:
Due date:
% Done:

0%

Resolution:
fixed

Description

Prelude-LML ruleset sendmail.rules sets some addresses in this way:

target(0).node.address(0).category=e-mail; \
target(0).node.address(0).address=$1; \

Prewikka still presents options to traceroute or whois these addresses, although this type of action is probably not valid for this category of addresses.

History

#1 Updated by about 14 years ago

----
sdfsds

#2 Updated by Yoann VANDOORSELAERE about 13 years ago

  • Status changed from New to Assigned

#3 Updated by Yoann VANDOORSELAERE about 13 years ago

  • Status changed from Assigned to Closed
  • Resolution set to fixed

(In r8395) - Allow to define unlimited number of command rather than only the one we know about (fix #134).
- Modify Alert/Heartbeat listing so that they include a source/target/analyzer information link,
but only do so when the address type permit it (fix #76).
- Link to prelude-ids.com portdb lookup instead of broken portdb database (fix #162).
- Include information for all the IDMEF-File object carried in the alert.
- Always take care of the "external_link_new_window" configuration parameter.

#4 Updated by Yoann VANDOORSELAERE over 10 years ago

  • Project changed from PRELUDE SIEM to Prewikka
  • Category deleted (5)
  • Target version deleted (0.9.7)

Also available in: Atom PDF