cti-comment message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: Re: [cti-comment] Included Packet Object Type into STIX 2.0
- From: "Jason Keirstead" <Jason.Keirstead@ca.ibm.com>
- To: Farhan Sadique <qclass@protonmail.com>
- Date: Wed, 28 Feb 2018 16:37:50 -0400
Hi Farhan;
We have a network-traffic object, which
is meant to be able to convery this. See the "src_payload_ref"
and "dst_payload_ref" which can be used to include the raw bytes
in the stream.
If all you have is a single network
packet you would simply create a uni-directional network-traffic object
(it would only have a source or a destination, which one you would use
depends on the protocol you were encoding)
-
Jason Keirstead
STSM, Product Architect, Security Intelligence, IBM Security Systems
www.ibm.com/security
"Things may come to those who wait, but only the things left by those
who hustle." - Unknown
From:
Farhan Sadique <qclass@protonmail.com>
To:
"cti-comment@lists.oasis-open.org"
<cti-comment@lists.oasis-open.org>
Date:
02/28/2018 03:02 PM
Subject:
[cti-comment]
Included Packet Object Type into STIX 2.0
Sent by:
<cti-comment@lists.oasis-open.org>
Do you have any plans or work in progress to include to
network packet object type into STIX 2.x. This was in STIX 1.x
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]