Default Lists
The Default Lists application contains lists shipped as a vendor package.
Release Details
Version:5.0.0
Release date:2021-08-26
Document date:2021-08-26
Supported On:LogPoint v6.6.0 and later
SHA 256: 8d117d1f32c7fd7b97eecf5bde0d307ac9ecda1e1bf6345a18e7fc66ed1501ca
Download
Package Details
The application contains:
- KB List
-
- ABNORMAL_FILES
- ADMIN_GROUPS
- ADMIN_SOURCES
- ADMINS
- ALERT_BAD_IP
- ALERT_IRC_PORT
- ALERT_MAIL_SERVER
- ALERT_OPEN_PORTS
- ALERT_PRESENT_EMPLOYEES
- ALERT_UNUSUAL_SOURCE
- ALLOWED_PORTS
- ALLOWED_PROGRAMS
- ANTI_MALWARE_SYSTEMS
- APPLICATION_SHIM_OBJECTS
- ATTACK_COMMANDS
- BAD_RABBIT_FILE
- BAD_RABBIT_HASH
- BLACKENERGY3
- BLACKLIST_IPS
- BLACKLISTED_DOMAIN
- BLACKLISTED_IP
- BLACKLISTED_PORTS
- BLOCKED_APPLICATION
- C2C_SOURCES
- CARD_HOLDER_DATA
- CLOP_C2_DOMAINS
- CLOP_DOMAINS
- CLOP_HASHES
- CLOP_RANSOMWARE_EMAILS
- CLOP_RANSOMWARE_HASHES
- CLOUD_APP
- CLOUD_APPLICATION_IP
- CLOUD_APPLICATIONS
- COMMON_PORTS
- CONCERNED_CONTENT
- CRIMINAL_CONTENT
- CRITICAL_DIR
- CRITICAL_FILE
- CRITICAL_FILES
- CRITICAL_FOLDER
- CRITICAL_HOSTS
- CRITICAL_SYSTEMS
- DARKADDRESS
- DASHBOARD_VALIDATE_LIST
- DATABASE_ACTIONS
- DATABASE_ADMINS
- DATABASE_SOURCE
- DATABASE_SYSTEMS
- DATASERVERS
- DEFAULT_PARAMETERS
- DEFAULT_USERS
- DMZ
- DOMAIN
- DOPPELPAYMENR_RANSOMWARE_DOMAINS
- DOPPELPAYMER_RANSOMWARE_CVE
- DOPPELPAYMER_RANSOMWARE_HASHES
- DRAGONFLY_CNC_REQUEST
- DRAGONFLY_DIGEST
- DRAGONFLY_MALICIOUS_FILES
- DRAGONFLY_MALICIOUS_FOLDER
- DRAGONFLY_MALICIOUS_REGISTRY
- DYNAMIC_CATEGORIES
- EXCLUDED_USERS
- EXECUTABLES
- EXTREMIST_CONTENT
- FILE_EXTENSIONS
- FILE_SHARING_APPLICATIONS
- FIREWALL_SYSTEMS
- HIDDEN_COBRA_CVE
- HIDDEN_COBRA_EMAIL
- HIDDEN_COBRA_FILE
- HIDDEN_COBRA_FILES
- HIDDEN_COBRA_HASH
- HIDDEN_COBRA_IP
- HIDDEN_COBRA_IPS
- HIGH_ALERT_MACHINES
- HIGH_IMPACT_ASSETS
- HOME_DIR
- HOME_DOMAIN
- HOME_FOLDER
- HOMENET
- HTTP_ERROR
- IMP_FILE
- INACTIVE_USERS
- INJECTION_CHARACTER
- IRC_PORTS
- KASPERSKY_UPDATE_FAILURES
- KNOWN_APPLICATIONS
- KNOWN_COUNTRY
- KNOWN_DOMAINS
- KNOWN_FILE
- KNOWN_SERVER_HOST
- LOGPOINT_GROUPS
- MAIL_SERVER_IP
- MAIL_SERVERS
- MALICIOUS_POWERSHELL_COMMANDLET_NAMES
- MALICIOUS_POWERSHELL_COMMANDS
- MALWARE
- MALWARE_DOMAINS
- MALWARE_EMAILS
- MALWARE_FILES
- MALWARE_HASH
- MALWARE_IP
- MALWARE_URL
- MANAGERS
- MATRIX_FILE
- MOBILE_USER_AGENTS
- MSSQL2008_ACCOUNT_MGMT
- NETWORK_SYSTEMS
- PETYA_COMMAND
- POLICY_URLS
- PRIVILEGE_GROUP
- PRIVILEGED_USER
- RISK_COUNTRIES
- SECURITY_DEVICES
- SERVER_ADDRESS
- SQL_INJECTION_CHARACTERS
- STATIC_CATEGORIES
- SUSPICIOUS_NTP_SOURCES
- SUSPICIOUS_USER
- SYSLOG_SOURCE
- TROJAN_KARAGANY
- UNAPPROVED_PORT
- UNENCRYPTED_PROTOCOLS
- VULNERABLE_CONTENT
- VULNERABLE_HOST
- VULNERABLE_IP
- VULNERABLE_WORKSTATIONS
- WANNACRY_DOMAIN
- WANNACRY_EXTENSION
- WEBSERVER_SYSTEMS
- WIN_PROCESS_EVENT_ID
- WINADMINS
- WINDOWS_DC
- XSS_TAG
- YOUTUBE
Functional Description
The key feature is to use it in coordination with the queries in dashboards, reports, and alerts.
Installation
Download the Default Lists package from the Download section above.
Support
If you have any queries or require assistance, please feel free to contact our support team:
Email: servicedesk@logpoint.com
Phone: +45 7060 6100
Best regards,
Comments
Article is closed for comments.