- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
02-25-2016 06:30 AM - edited 02-25-2016 06:30 AM
Hi,
This is an really good tool for managing dynamic lists.
So far I have tested a basic setup and I have a few comments/suggestions.
* How do I change the ssl certificate for MineMeld.
* Will you also implement domain blocklists soons (currently running 7.1 beta).
* How about making our own miner. Information about this.
* Will you also support ipv6?
Just a few things that I thought of.
Thanks for this great tool. Looking forward to the development!
/Jo Christian
02-25-2016 06:59 AM
Thanks ! We are glad you like it !
1) cetificate and private key are stored in /etc/nginx/minemeld.cer and /etc/nginx/minemeld.pem. You can just replace them with your cert and private key and "sudo service nginx reload"
2) already supported. zeustracker.baddomains, autofocus.exportlist produce also domains. If you have a specific domain feed you are interested in, please let me know. If you look at the autofocus video, you can find instructions on how to add a new subgraph for handling domains (domain aggregator + output feeds)
3) 2 ways to do this: writing your own prototype with a configuration of an existing miner class or write your own full miner, if the protocol or format of the feed is not supported yet by one of the existing miner classes. We are working on the documentation for both options. Stay tuned, at least for the first option it will be just a matter of days. Some users have already started contributing prototypes, but with the docs it will be much easier for everyone 🙂
4) IPv6 is already supported to some extent, there are still some glitches we are working on. A full IPv6 aggregator is in roadmap.
Thanks again,
Luigi
02-25-2016 07:17 AM
Hi,
Thanks for your update.
I downloaded the ova file, and I noticed now that there are many updates for this Ubuntu image.
Could I get any problems updating the packages in Ubuntu outdated, with Minemeld?
/Jo Christian
02-25-2016 07:27 AM
Absolutely, you can also use Ubuntu mechanism to automatically install security updates:
http://askubuntu.com/questions/194/how-can-i-install-just-security-updates-from-the-command-line
02-25-2016 07:38 AM - edited 02-25-2016 07:38 AM
Perfect!
Regarding url/domain lists I have used this one in 7.1 beta. Looks good.
https://openphish.com/feed.txt <-- URL feed
Maybe something to add to Minemeld?
/Jo Christian
02-25-2016 08:46 AM
Thanks ! I have just added the prototype to the library.
You will find a miner for it in the next release. It generates URL indicators.
02-26-2016 03:50 AM
Nice! 🙂
BTW, I found openphish, and a few other feeds that I am testing on this webpage:
https://zeltser.com/malicious-ip-blocklists/
A few of them could be quite interesting to add to Minemeld.
/Jo Christian
02-26-2016 04:06 AM
Thanks, we will take a look at those.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!