CIF-Client-0.09

Changes for version 0.09 - 2012-04-30

changed snort output so that the 'protocol' field is set to tcp/udp/icmp/ip according to the value in the CIF database (previously 'ip' was always outputted)
added to config file (~/.cif) variable default
- snort_classtype null (won't appear in the outputted rules) snort_tag null (won't appear in the outputted rules) snort_priority default based on CIF severity (5=medium, 9=high otherwise 1) snort_threshold "type limit,track by_src,count 1,seconds 3600" snort_srcnet any snort_srcport any
- example ~/.cif excerpt
- snort_startsid = 1234567000 snort_classtype = botnet-connection-known snort_tag = "session, 50, packets" snort_priority = 1 snort_sourcenet = "[$HOME_NET,!$TRUSTED]"

Modules

CIF::Client

Perl extension that extends REST::Client for use with the CI-Framework REST interface

Provides

CIF::Client::Plugin::Bindzone

in lib/CIF/Client/Plugin/Bindzone.pm

CIF::Client::Plugin::Csv

in lib/CIF/Client/Plugin/Csv.pm

CIF::Client::Plugin::Html

in lib/CIF/Client/Plugin/Html.pm

CIF::Client::Plugin::Iodef

in lib/CIF/Client/Plugin/Iodef.pm

CIF::Client::Plugin::Iodef::Bgp

in lib/CIF/Client/Plugin/Iodef/Bgp.pm

CIF::Client::Plugin::Iodef::Domain

in lib/CIF/Client/Plugin/Iodef/Domain.pm

CIF::Client::Plugin::Iodef::Email

in lib/CIF/Client/Plugin/Iodef/Email.pm

CIF::Client::Plugin::Iodef::Group

in lib/CIF/Client/Plugin/Iodef/Group.pm

CIF::Client::Plugin::Iodef::Ipv4

in lib/CIF/Client/Plugin/Iodef/Ipv4.pm

CIF::Client::Plugin::Iodef::Malware

in lib/CIF/Client/Plugin/Iodef/Malware.pm

CIF::Client::Plugin::Iodef::Service

in lib/CIF/Client/Plugin/Iodef/Service.pm

CIF::Client::Plugin::Iodef::ShareWith

in lib/CIF/Client/Plugin/Iodef/ShareWith.pm

CIF::Client::Plugin::Iodef::Url

in lib/CIF/Client/Plugin/Iodef/Url.pm

CIF::Client::Plugin::Iptables

in lib/CIF/Client/Plugin/Iptables.pm

CIF::Client::Plugin::Output

in lib/CIF/Client/Plugin/Output.pm

CIF::Client::Plugin::Parser

in lib/CIF/Client/Plugin/Parser.pm

CIF::Client::Plugin::Pcapfilter

in lib/CIF/Client/Plugin/Pcapfilter.pm

CIF::Client::Plugin::Raw

in lib/CIF/Client/Plugin/Raw.pm

CIF::Client::Plugin::Snort

in lib/CIF/Client/Plugin/Snort.pm

CIF::Client::Plugin::Table

in lib/CIF/Client/Plugin/Table.pm

Examples

example.conf

Other files

To install CIF::Client, copy and paste the appropriate command in to your terminal.

cpanm

cpanm CIF::Client

CPAN shell

perl -MCPAN -e shell
install CIF::Client

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)

Changes for version 0.09 - 2012-04-30

Modules

Provides

Examples

Other files

Module Install Instructions