85 lines
2.8 KiB
RPMSpec
85 lines
2.8 KiB
RPMSpec
|
#
|
||
|
|
# spec file for package pyioc
|
||
|
|
#
|
||
|
|
# Copyright (c) 2012 Greg Freemyer <Greg.Freemyer@gmail.com>
|
||
|
|
#
|
||
|
|
# All modifications and additions to the file contributed by third parties
|
||
|
|
# remain the property of their copyright owners, unless otherwise agreed
|
||
|
|
# upon. The license for this file, and modifications and additions to the
|
||
|
|
# file, is the same license as for the pristine package itself (unless the
|
||
|
|
# license for the pristine package is not an Open Source License, in which
|
||
|
|
# case the license is the MIT License). An "Open Source License" is a
|
||
|
|
# license that conforms to the Open Source Definition (Version 1.9)
|
||
|
|
# published by the Open Source Initiative.
|
||
|
|
#
|
||
|
|
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
||
|
|
#
|
||
|
|
|
||
|
|
Name: pyioc
|
||
|
|
#not released yet, this the git id I think
|
||
|
|
%define timestamp 20130422
|
||
|
|
#sha of last commit on Apr 22, 2013
|
||
|
|
# 6310f9f5fcf6aa0e20767b30e3a084dbe6b9cd32
|
||
|
|
Version: 0~%{timestamp}
|
||
|
|
Release: 0
|
||
|
|
License: GPL-3.0+
|
||
|
|
Summary: Python tools for IOC (Indicator of Compromise) handling
|
||
|
|
#DL_URL: git clone https://github.com/jeffbryner/pyioc.git
|
||
|
|
#DL_tarball: tar -czf pyioc-20130422.tar.gz pyioc
|
||
|
|
Url: https://github.com/jeffbryner/pyioc
|
||
|
|
Group: Development/Libraries/Python
|
||
|
|
Source0: pyioc-20130422.tar.gz
|
||
|
|
Source1: README.opensuse
|
||
|
|
BuildRequires: pkg-config
|
||
|
|
BuildRequires: python-devel
|
||
|
|
Requires: python-SOAPpy
|
||
|
|
Requires: python-M2Crypto
|
||
|
|
Requires: python-psutil
|
||
|
|
Requires: python-lxml = 2.3.2
|
||
|
|
Requires: python-netaddr
|
||
|
|
BuildArch: noarch
|
||
|
|
|
||
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||
|
|
|
||
|
|
%if 0%{?suse_version} && 0%{?suse_version} <= 1110
|
||
|
|
%{!?python_sitearch: %global python_sitearch %(python -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}
|
||
|
|
%endif
|
||
|
|
|
||
|
|
%description
|
||
|
|
Some simple utilities for parsing IOC files:
|
||
|
|
iocdump.py: spit out the indicator items being referenced
|
||
|
|
iocwalk.py: parse the boolean logic behind the IOC and the items referenced.
|
||
|
|
|
||
|
|
pyiocClient:
|
||
|
|
A client for linux/windows that handles basic searches for Files,
|
||
|
|
processes, registry items and ports. It compiles to native linux/windows
|
||
|
|
32 or 64bit code via pyinstaller and can therefore be run with no python
|
||
|
|
interpreter on the client system.
|
||
|
|
|
||
|
|
pyiocServer:
|
||
|
|
The server-side compliment to the client. It dishes out .ioc files to
|
||
|
|
clients that call in via SOAP over SSL and logs the results of the
|
||
|
|
client checks.
|
||
|
|
IOCs can be tailored by a simple directory structure corresponding to
|
||
|
|
the net CIDR mask of the client system.
|
||
|
|
i.e.
|
||
|
|
iocs/172.21-16/firefox.ioc
|
||
|
|
will issue the firefox.ioc to any system inthe 172.21.0.0/16 ip range
|
||
|
|
when the client is run.
|
||
|
|
|
||
|
|
%prep
|
||
|
|
%setup -q -n pyioc
|
||
|
|
cp %{SOURCE1} .
|
||
|
|
|
||
|
|
%build
|
||
|
|
# CFLAGS="%%{optflags}" python setup.py build
|
||
|
|
|
||
|
|
%install
|
||
|
|
# python setup.py install --root=%%{buildroot} --prefix=%%{_prefix} --record-rpm=INSTALLED_FILES
|
||
|
|
|
||
|
|
%files
|
||
|
|
%defattr(-,root,root)
|
||
|
|
%doc COPYING README README.opensuse
|
||
|
|
|
||
|
|
%changelog
|