# these top-level configs are the defaults applied to each section
confidence = 85
restriction = 'need-to-know'
alternativeid_restriction = 'public'
guid = everyone
source = 'dragonresearchgroup.org'
[ssh]
parser = txt
regex = '^\d+\s+\|\s+[\S|\s]+\|\s+(\S+)\s+\|\s+(\S+\s\S+)\s+\|'
regex_values = 'ipv4,detecttime'
source = 'dragonresearchgroup.org'
assessment = 'scanner'
description = 'ssh'
portlist = 22
protocol = tcp
period = hourly
[vnc]
parser = txt
regex = '^\d+\s+\|\s+[\S|\s]+\|\s+(\S+)\s+\|\s+(\S+\s\S+)\s+\|'
regex_values = 'ipv4,detecttime'
assessment = 'scanner'
description = vnc
portlist = 5900-5904
protocol = tcp
period = hourly