[nsp-sec] Adding a field to Malware URL daily reports data
Tim Wilde
twilde at cymru.com
Thu Sep 2 13:56:02 EDT 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Good afternoon everyone!
I wanted to pass along a heads-up that we will be adding a new field to
the Malware URL daily reports category. For your reference, the current
category description can be found here:
https://www.cymru.com/nsp-sec/dailyreports/malwareurl.html
As described at that page, the current line format within Malware URL
reports is:
OriginAS | IP | DATE(YYYY-MM-DD) TIME(HH:MM:SS) [URL] | AS-NAME
The new format will be:
OriginAS | IP | DATE(YYYY-MM-DD) TIME(HH:MM:SS) [URL] [SCAN-ID] | AS-NAME
Where "SCAN-ID" is an integer number used to identify the sample
internally at Team Cymru, which will help us find the specific details
of the entry if you need to contact us about it for any reason. We are
adding the scan ID to the end of the field here to help avoid any
processing problems it may cause (or at least make changes relatively
easy to handle).
This field will begin appearing in some of the Malware URL reports data
you receive tonight/tomorrow morning, and should be on all Malware URL
rows in the reporting cycle after that. Please let us know if you have
any questions, problems, etc!
Best regards,
Tim Wilde
- --
Tim Wilde, Senior Software Engineer, Team Cymru, Inc.
twilde at cymru.com | +1-630-230-5433 | http://www.team-cymru.org/
-----BEGIN PGP SIGNATURE-----
iEYEARECAAYFAkx/5TIACgkQluRbRini9tjjQwCfS0FVWL0oposzQopVmFjd/EYc
wS0AnRnL5Ca/y+VLmsSq8uk+1eSj0NUC
=+GPY
-----END PGP SIGNATURE-----
More information about the nsp-security
mailing list