Really good tool!

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Really good tool!

L4 Transporter

Hi,

This is an really good tool for managing dynamic lists.
So far I have tested a basic setup and I have a few comments/suggestions.

 

* How do I change the ssl certificate for MineMeld.

* Will you also implement domain blocklists soons (currently running 7.1 beta).
* How about making our own miner. Information about this.
* Will you also support ipv6?

 

Just a few things that I thought of.

Thanks for this great tool. Looking forward to the development!


/Jo Christian

/Jo Christian
7 REPLIES 7

L7 Applicator

Thanks ! We are glad you like it !

 

1) cetificate and private key are stored in /etc/nginx/minemeld.cer and /etc/nginx/minemeld.pem. You can just replace them with your cert and private key and "sudo service nginx reload"

 

2) already supported. zeustracker.baddomains, autofocus.exportlist produce also domains. If you have a specific domain feed you are interested in, please let me know. If you look at the autofocus video, you can find instructions on how to add a new subgraph for handling domains (domain aggregator + output feeds)

https://live.paloaltonetworks.com/t5/MineMeld-Discussions/Video-MineMeld-on-AWS-amp-Autofocus-Export...

 

3) 2 ways to do this: writing your own prototype with a configuration of an existing miner class or write your own full miner, if the protocol or format of the feed is not supported yet by one of the existing miner classes. We are working on the documentation for both options. Stay tuned, at least for the first option it will be just a matter of days. Some users have already started contributing prototypes, but with the docs it will be much easier for everyone 🙂

 

4) IPv6 is already supported to some extent, there are still some glitches we are working on. A full IPv6 aggregator is in roadmap.

 

Thanks again,

Luigi

Hi,

 

Thanks for your update.
I downloaded the ova file, and I noticed now that there are many updates for this Ubuntu image.
Could I get any problems updating the packages in Ubuntu outdated, with Minemeld?

 

/Jo Christian

/Jo Christian

Absolutely, you can also use Ubuntu mechanism to automatically install security updates:

http://askubuntu.com/questions/194/how-can-i-install-just-security-updates-from-the-command-line

Perfect!

Regarding url/domain lists I have used this one in 7.1 beta. Looks good.

https://openphish.com/feed.txt  <-- URL feed


Maybe something to add to Minemeld?

 

 

/Jo Christian

/Jo Christian

Thanks ! I have just added the prototype to the library.

You will find a miner for it in the next release. It generates URL indicators.

Nice! 🙂

BTW, I found openphish, and a few other feeds that I am testing on this webpage:

https://zeltser.com/malicious-ip-blocklists/
A few of them could be quite interesting to add to Minemeld.

 

/Jo Christian

/Jo Christian

Thanks, we will take a look at those.

  • 8328 Views
  • 7 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!