Passivetotal_service: cannot import name DnsResponse #316
Comments
|
What version of passivetotal are you running ? the higher versions error out , haven't figured out why. |
|
Yes confirm. Same behavior. If i do only a : |
|
Thx - crits failed our proof of concept in many places. Not scaleable, could not implement Mitre's own Stix/taxii standards.
Sent from my Galaxy Tab® S2
-------- Original message --------From: action09 <notifications@github.com> Date: 8/26/17 9:21 PM (GMT-05:00) To: crits/crits_services <crits_services@noreply.github.com> Cc: david-rundle-xor <david.rundle@xorsecurity.com>, Author <author@noreply.github.com> Subject: Re: [crits/crits_services] Passivetotal_service: cannot import name
DnsResponse (#316)
Yes confirm. Same behavior. If i do only a :
pip install passivetotal
==> NOK !
so :
pip install passivetotal==1.0.23
correct the thing and service is available.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub, or mute the thread.
{"api_version":"1.0","publisher":{"api_key":"05dde50f1d1a384dd78767c55493e4bb","name":"GitHub"},"entity":{"external_key":"github/crits/crits_services","title":"crits/crits_services","subtitle":"GitHub repository","main_image_url":"https://cloud.githubusercontent.com/assets/143418/17495839/a5054eac-5d88-11e6-95fc-7290892c7bb5.png","avatar_image_url":"https://cloud.githubusercontent.com/assets/143418/15842166/7c72db34-2c0b-11e6-9aed-b52498112777.png","action":{"name":"Open in GitHub","url":"https://github.com/crits/crits_services"}},"updates":{"snippets":[{"icon":"PERSON","message":"@action09 in #316: Yes confirm. Same behavior. If i do only a :\r\npip install passivetotal\r\n==\u003e NOK !\r\nso :\r\npip install passivetotal==1.0.23\r\ncorrect the thing and service is available.\r\n\r\n"}],"action":{"name":"View Issue","url":"#316 (comment)"}}}
|
![https://cloud.githubusercontent.com/assets/143418/17495839/a5054eac-5d88-11e6-95fc-7290892c7bb5.png","avatar_image_url":"https://cloud.githubusercontent.com/assets/143418/15842166/7c72db34-2c0b-11e6-9aed-b52498112777.png","action":{"name":"Open](https://cloud.githubusercontent.com/assets/143418/17495839/a5054eac-5d88-11e6-95fc-7290892c7bb5.png","avatar_image_url":"https://cloud.githubusercontent.com/assets/143418/15842166/7c72db34-2c0b-11e6-9aed-b52498112777.png","action":{"name":"Open){kind=link}
CRITS having its own sane format isn't necessarily a bad thing at all. |
|
It also does support those (no longer MITRE) standards, just not natively
because the community didn’t want it forced upon them. Just need to install
the TAXII service.
Also scales fairly well with mongo so not sure about hat either.
…On Sun, Aug 27, 2017 at 2:54 AM Andras Iklody ***@***.***> wrote:
could not implement Mitre's own Stix/taxii standards.
CRITS having its own sane format isn't necessarily a bad thing at all.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#316 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAP7CUyPOs7DzrL12kXj_k8RGSXMbtS5ks5scRK-gaJpZM4NVkoi>
.
|
|
No, even with the taxii service, there's large parts of the standard implemented incorrectly which strip out data and drop context about campaigns, actors, and interrelationships. Trust me - ran these dead ends into brick walls at speed face first too many times.
Sent from my Galaxy Tab® S2
-------- Original message --------From: Mike Goffin <notifications@github.com> Date: 8/27/17 9:19 AM (GMT-05:00) To: crits/crits_services <crits_services@noreply.github.com> Cc: david-rundle-xor <david.rundle@xorsecurity.com>, Author <author@noreply.github.com> Subject: Re: [crits/crits_services] Passivetotal_service: cannot import name
DnsResponse (#316)
It also does support those (no longer MITRE) standards, just not natively
because the community didn’t want it forced upon them. Just need to install
the TAXII service.
Also scales fairly well with mongo so not sure about hat either.
On Sun, Aug 27, 2017 at 2:54 AM Andras Iklody <notifications@github.com>
wrote:
could not implement Mitre's own Stix/taxii standards.
CRITS having its own sane format isn't necessarily a bad thing at all.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#316 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAP7CUyPOs7DzrL12kXj_k8RGSXMbtS5ks5scRK-gaJpZM4NVkoi>
.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub, or mute the thread.
{"api_version":"1.0","publisher":{"api_key":"05dde50f1d1a384dd78767c55493e4bb","name":"GitHub"},"entity":{"external_key":"github/crits/crits_services","title":"crits/crits_services","subtitle":"GitHub repository","main_image_url":"https://cloud.githubusercontent.com/assets/143418/17495839/a5054eac-5d88-11e6-95fc-7290892c7bb5.png","avatar_image_url":"https://cloud.githubusercontent.com/assets/143418/15842166/7c72db34-2c0b-11e6-9aed-b52498112777.png","action":{"name":"Open in GitHub","url":"https://github.com/crits/crits_services"}},"updates":{"snippets":[{"icon":"PERSON","message":"@mgoffin in #316: It also does support those (no longer MITRE) standards, just not natively\nbecause the community didn’t want it forced upon them. Just need to install\nthe TAXII service.\n\nAlso scales fairly well with mongo so not sure about hat either.\n\nOn Sun, Aug 27, 2017 at 2:54 AM Andras Iklody \u003cnotifications@github.com\u003e\nwrote:\n\n\u003e could not implement Mitre's own Stix/taxii standards.\n\u003e\n\u003e CRITS having its own sane format isn't necessarily a bad thing at all.\n\u003e\n\u003e —\n\u003e You are receiving this because you are subscribed to this thread.\n\u003e Reply to this email directly, view it on GitHub\n\u003e \u003chttps://github.com/crits/crits_services/issues/316#issuecomment-325180823\u003e,\n\u003e or mute the thread\n\u003e \u003chttps://github.com/notifications/unsubscribe-auth/AAP7CUyPOs7DzrL12kXj_k8RGSXMbtS5ks5scRK-gaJpZM4NVkoi\u003e\n\u003e .\n\u003e\n"}],"action":{"name":"View Issue","url":"#316 (comment)"}}}
|
|
In my experience,, pretty much anything that claims to do STIX will have a < 100% correct ingest for other STIX sources out there, which is an inherent issue with standards that allow many different ways to describe the same thing (just have a look at how many ways you can describe something as simple as an IP address in STIX 1.x). If you have one specific source of STIX data, then you can get away with simply finding the tool that ingests with the highest success rate, but that's about it. Alternatively, you can look for a tool (such as Soltra) that simply ingests an xml document as is, but doesn't allow you to do much with it. Crits is a tool that allows you to do much more with your ingested data, but this of course comes at a cost of < 100% perfect mapping. |
|
The TAXII service is also something supported by folks in the community
that use the standard. If there’s something not working, missing, etc. feel
free to drop an issue or a PR on Github! We love hearing from other devs
who want to contribute.
As for not being 100% compliant I would agree with Andras that it is
literally impossible. The standard gives you the ability to create your own
custom object which requires someone to know how it is built to parse it
correctly. That requires custom code and that to me sucks.
…On Sun, Aug 27, 2017 at 11:58 AM Andras Iklody ***@***.***> wrote:
In my experience,, pretty much anything that claims to do STIX will have a
< 100% correct ingest for other STIX sources out there, which is an
inherent issue with standards that allow many different ways to describe
the same thing (just have a look at how many ways you can describe
something as simple as an IP address in STIX 1.x). If you have one specific
source of STIX data, then you can get away with simply finding the tool
that ingests with the highest success rate, but that's about it.
Alternatively, you can look for a tool (such as Soltra) that simply
ingests an xml document as is, but doesn't allow you to do much with it.
Crits is a tool that allows you to do much more with your ingested data,
but this of course comes at a cost of < 100% perfect mapping.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#316 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAP7CS332Z-kj3eKHZ9b_rx86Qe6mgE5ks5scZJAgaJpZM4NVkoi>
.
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
crits.log reporting:
crits.services.core Failed to import service (passivetotal_service): cannot import name DnsResponse
Validated that passivetotal module is installed correctly.
The text was updated successfully, but these errors were encountered: