admin/geedge-jira
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

first

Browse Source
This commit is contained in:
hello
2025-09-14 21:52:36 +00:00
commit 46daec8ae4
2554 changed files with 117765 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
md/OMPUB-977.md Normal file
View File

@@ -0,0 +1,35 @@
# 利用现场环境收集ICQ的Server IPs
| ID | Creation Date | Assignee | Status |
|----|----------------|----------|--------|
| OMPUB-977 | 2023-07-28T21:08:04.000+0800 | 宋龙坤 | 完成 |
---
# 创建IP对象导入附件中ip.txt
# 创建FQDN对象导入附件中fqdn.txt
# 创建自定义特征1ip.dst引用步骤1中IP对象
# 创建自定义特征2: ssl.handshark.extensions_server_name引用步骤2中FQDN对象
# 创建自定义应用icq引用两个或关系的特征
# 可选创建report统计session record中application label为步骤5中应用的server ipserver locationserver portssl.sni, http.host
# 可选若无法创建report则在session record中搜索application label为步骤5中应用的日志并导出
## Attachments
**41899/fqdn_20230728125826.txt**
---
**41921/ICQ_20230728.csv**
---
**41933/ICQ_TEST_20230731.csv**
---
**41900/ip_20230728125308.txt**
---