Bug #76
Prewikka allows whois and traceroute against email addresses
Start date:
Due date:
% Done:
0%
Resolution:
fixed
Description
Prelude-LML ruleset sendmail.rules sets some addresses in this way:
target(0).node.address(0).category=e-mail; \
target(0).node.address(0).address=$1; \
Prewikka still presents options to traceroute or whois these addresses, although this type of action is probably not valid for this category of addresses.
History
#1 Updated by over 18 years ago
----
sdfsds
#2 Updated by Yoann VANDOORSELAERE over 17 years ago
- Status changed from New to Assigned
#3 Updated by Yoann VANDOORSELAERE over 17 years ago
- Status changed from Assigned to Closed
- Resolution set to fixed
(In r8395) - Allow to define unlimited number of command rather than only the one we know about (fix #134).
- Modify Alert/Heartbeat listing so that they include a source/target/analyzer information link,
but only do so when the address type permit it (fix #76).
- Link to prelude-ids.com portdb lookup instead of broken portdb database (fix #162).
- Include information for all the IDMEF-File object carried in the alert.
- Always take care of the "external_link_new_window" configuration parameter.
#4 Updated by Yoann VANDOORSELAERE over 14 years ago
- Project changed from PRELUDE SIEM to Prewikka
- Category deleted (
5) - Target version deleted (
0.9.7)