parent ba7d24b

author elsif2 <[email protected]> 1643216571 +0000 committer elsif2 <[email protected]> 1659452139 +0000 parent ba7d24b author elsif2 <[email protected]> 1643216571 +0000 committer elsif2 <[email protected]> 1659452135 +0000 parent ba7d24b author elsif2 <[email protected]> 1643216571 +0000 committer elsif2 <[email protected]> 1659452132 +0000 parent ba7d24b author elsif2 <[email protected]> 1643216571 +0000 committer elsif2 <[email protected]> 1659452116 +0000 parent ba7d24b author elsif2 <[email protected]> 1643216571 +0000 committer elsif2 <[email protected]> 1659452111 +0000 parent ba7d24b author elsif2 <[email protected]> 1643216571 +0000 committer elsif2 <[email protected]> 1659452106 +0000 parent ba7d24b author elsif2 <[email protected]> 1643216571 +0000 committer elsif2 <[email protected]> 1659451910 +0000 parent ba7d24b author elsif2 <[email protected]> 1643216571 +0000 committer elsif2 <[email protected]> 1659451905 +0000 parent ba7d24b author elsif2 <[email protected]> 1643216571 +0000 committer elsif2 <[email protected]> 1659451900 +0000 parent ba7d24b author elsif2 <[email protected]> 1643216571 +0000 committer elsif2 <[email protected]> 1659451775 +0000 Update parser to support all available reports. Update to existing test cases to match current report types. New tests for added report types. pycodestyle fixes add testdata licenses pycodestyle fix Added reports parameter Suggested changes to the parser Proposed details for the release Test script updates for suggested changes Test input updates Realign columns Update compromised_website.csv Update scan_adb.csv Update scan_adb.csv Update scan_ftp.csv Update scan_ipp.csv Update scan_snmp.csv Realign columns Remove duplicates Changed malware.name to extra.infection Updated SPDX-FileCopyrightText shadowserver api: document and warn on old parameter document the old parameter `country` and its status warn if used adapt the test DOC: fix NEWS entry of PR#2143 Added the sector field to scan_amqp, scan_cwmp, and scan_vnc. Copyright and raw field updates Added the sector field to scan_amqp, scan_cwmp, and scan_vnc. Copyright updates Added phish_url and scan_modbus reports. Update source.url and source.fqdn for phish_url and malware_url reports. Update classification.taxonomy and classification.type for scan_modbus report. * additional field type validation changes * added count, bytes, duration, avg_pps, and max_pps fields to event_honeypot_ddos_amp * added 'protocol.application': 'https' to scan_ssl, scan_ssl_freak, and scan_ssl_poodle * added 'extra.tag' to scan_* and device_id Replaced scan_modbus with scan_ics Addeed event4_honeypot_ddos, event4_honeypot_ddos_target, scan_dvr_dhcpdiscover, and scan_socks. Tests for event4_honeypot_ddos. Tests for event4_honeypot_ddos_target. Tests for scan_dvr_dhcpdiscover. Tests for scan_socks. Rename file Rename file update:scan_mdns, scan_smb, and special; add:scan_ddos_middle_box cleanup renamed license files updated scan_mdns test files updated scan_smb test files updated special test files add scan_ddos_middlebox test files add scan_ddos_middlebox test updated schema Updated scan_smb tests Updated scan_ntp tests Updated scan_snmp tests New scan_docker test New scan_kubernetes test New scan_mysql test Updated report schema for June 2022 Added scan_epmd test Revert "Added scan_epmd test" This reverts commit 01edea1. Revert: Fix for recover_line method as commited in #2192 Added scan_couchdb Test case for scan_couchdb Added scan6_rpd Added/updated README with maintainer details Restored feed names and classification.identifiers to minimize upgrade impact. Merge repair pycodestyle repairs codespell fixes license compliance fixes pycodestyle fixes Feed configuration updates for compatibility with the original. Added scan_postgres test Added additional IPv6 aliases Fix for recover_line method as commited in #2192 parent 6194014 author elsif2 <[email protected]> 1659389509 +0000 committer elsif2 <[email protected]> 1659392927 +0000 parent 6194014 author elsif2 <[email protected]> 1659389509 +0000 committer elsif2 <[email protected]> 1659392915 +0000 parent 6194014 author elsif2 <[email protected]> 1659389509 +0000 committer elsif2 <[email protected]> 1659392880 +0000 parent 6194014 author elsif2 <[email protected]> 1659389509 +0000 committer elsif2 <[email protected]> 1659392820 +0000 parent 6194014 author elsif2 <[email protected]> 1659389509 +0000 committer elsif2 <[email protected]> 1659392766 +0000 parent 6194014 author elsif2 <[email protected]> 1659389509 +0000 committer elsif2 <[email protected]> 1659392468 +0000 parent 6194014 author elsif2 <[email protected]> 1659389509 +0000 committer elsif2 <[email protected]> 1659392457 +0000 parent 6194014 author elsif2 <[email protected]> 1659389509 +0000 committer elsif2 <[email protected]> 1659392039 +0000 Update parser to support all available reports. Update to existing test cases to match current report types. New tests for added report types. pycodestyle fixes add testdata licenses pycodestyle fix Added reports parameter Suggested changes to the parser Proposed details for the release Test script updates for suggested changes Test input updates Realign columns Update compromised_website.csv Update scan_adb.csv Update scan_adb.csv Update scan_ftp.csv Update scan_ipp.csv Update scan_snmp.csv Realign columns Remove duplicates Changed malware.name to extra.infection Updated SPDX-FileCopyrightText shadowserver api: document and warn on old parameter document the old parameter `country` and its status warn if used adapt the test DOC: fix NEWS entry of PR#2143 Added the sector field to scan_amqp, scan_cwmp, and scan_vnc. Copyright and raw field updates Added the sector field to scan_amqp, scan_cwmp, and scan_vnc. Copyright updates Added phish_url and scan_modbus reports. Update source.url and source.fqdn for phish_url and malware_url reports. Update classification.taxonomy and classification.type for scan_modbus report. * additional field type validation changes * added count, bytes, duration, avg_pps, and max_pps fields to event_honeypot_ddos_amp * added 'protocol.application': 'https' to scan_ssl, scan_ssl_freak, and scan_ssl_poodle * added 'extra.tag' to scan_* and device_id Replaced scan_modbus with scan_ics Addeed event4_honeypot_ddos, event4_honeypot_ddos_target, scan_dvr_dhcpdiscover, and scan_socks. Tests for event4_honeypot_ddos. Tests for event4_honeypot_ddos_target. Tests for scan_dvr_dhcpdiscover. Tests for scan_socks. Rename file Rename file update:scan_mdns, scan_smb, and special; add:scan_ddos_middle_box cleanup renamed license files updated scan_mdns test files updated scan_smb test files updated special test files add scan_ddos_middlebox test files add scan_ddos_middlebox test updated schema Updated scan_smb tests Updated scan_ntp tests Updated scan_snmp tests New scan_docker test New scan_kubernetes test New scan_mysql test Updated report schema for June 2022 Added scan_epmd test Revert "Added scan_epmd test" This reverts commit 01edea1. Revert: Fix for recover_line method as commited in #2192 Added scan_couchdb Test case for scan_couchdb Added scan6_rpd Added/updated README with maintainer details Restored feed names and classification.identifiers to minimize upgrade impact. Merge repair pycodestyle repairs codespell fixes license compliance fixes pycodestyle fixes Feed configuration updates for compatibility with the original. Added scan_postgres test Added additional IPv6 aliases Fix for recover_line method as commited in #2192 Replaced misleading _country_ parameter with _reports_. Update parser to support all available reports. Update to existing test cases to match current report types. pycodestyle fixes add testdata licenses pycodestyle fix Suggested changes to the parser Proposed details for the release Test script updates for suggested changes Test input updates Realign columns Update compromised_website.csv Update scan_adb.csv Update scan_ftp.csv Update scan_ipp.csv Realign columns Remove duplicates Changed malware.name to extra.infection DOC: fix NEWS entry of PR#2143 Added the sector field to scan_amqp, scan_cwmp, and scan_vnc. Copyright updates Added phish_url and scan_modbus reports. Update source.url and source.fqdn for phish_url and malware_url reports. Update classification.taxonomy and classification.type for scan_modbus report. * additional field type validation changes * added count, bytes, duration, avg_pps, and max_pps fields to event_honeypot_ddos_amp * added 'protocol.application': 'https' to scan_ssl, scan_ssl_freak, and scan_ssl_poodle * added 'extra.tag' to scan_* and device_id Replaced scan_modbus with scan_ics Tests for event4_honeypot_ddos. Tests for event4_honeypot_ddos_target. Tests for scan_dvr_dhcpdiscover. Tests for scan_socks. Rename file Rename file cleanup renamed license files updated scan_mdns test files updated scan_smb test files updated special test files add scan_ddos_middlebox test files add scan_ddos_middlebox test Updated scan_ntp tests Updated scan_snmp tests New scan_docker test New scan_kubernetes test New scan_mysql test Added scan_epmd test Revert "Added scan_epmd test" This reverts commit 01edea1. Fix for recover_line method as commited in #2192 Revert: Fix for recover_line method as commited in #2192 Test case for scan_couchdb Restored feed names and classification.identifiers to minimize upgrade impact. Added function to notify if any unsupported feeds are configured. pycodestyle repairs codespell fixes license compliance fixes pycodestyle fixes Feed configuration updates for compatibility with the original. Added scan_postgres test Update intelmq/bots/collectors/shadowserver/collector_reports_api.py Co-authored-by: Sebastian <[email protected]> Update intelmq/bots/collectors/shadowserver/README.md Co-authored-by: Sebastian <[email protected]> Update intelmq/tests/bots/parsers/shadowserver/README.md Co-authored-by: Sebastian <[email protected]> resync to develop parent 7dc5b74 author elsif2 <[email protected]> 1643216571 +0000 committer elsif2 <[email protected]> 1659395284 +0000 parent 7dc5b74 author elsif2 <[email protected]> 1643216571 +0000 committer elsif2 <[email protected]> 1659395281 +0000 parent 7dc5b74 author elsif2 <[email protected]> 1643216571 +0000 committer elsif2 <[email protected]> 1659395278 +0000 parent 7dc5b74 author elsif2 <[email protected]> 1643216571 +0000 committer elsif2 <[email protected]> 1659395264 +0000 parent 7dc5b74 author elsif2 <[email protected]> 1643216571 +0000 committer elsif2 <[email protected]> 1659395260 +0000 parent 7dc5b74 author elsif2 <[email protected]> 1643216571 +0000 committer elsif2 <[email protected]> 1659395256 +0000 parent 7dc5b74 author elsif2 <[email protected]> 1643216571 +0000 committer elsif2 <[email protected]> 1659395141 +0000 parent 7dc5b74 author elsif2 <[email protected]> 1643216571 +0000 committer elsif2 <[email protected]> 1659395131 +0000 parent 7dc5b74 author elsif2 <[email protected]> 1643216571 +0000 committer elsif2 <[email protected]> 1659395127 +0000 parent 7dc5b74 author elsif2 <[email protected]> 1643216571 +0000 committer elsif2 <[email protected]> 1659395122 +0000 parent 7dc5b74 author elsif2 <[email protected]> 1643216571 +0000 committer elsif2 <[email protected]> 1659395058 +0000 Update parser to support all available reports. Update to existing test cases to match current report types. New tests for added report types. pycodestyle fixes add testdata licenses pycodestyle fix Added reports parameter Suggested changes to the parser Proposed details for the release Test script updates for suggested changes Test input updates Realign columns Update compromised_website.csv Update scan_adb.csv Update scan_adb.csv Update scan_ftp.csv Update scan_ipp.csv Update scan_snmp.csv Realign columns Remove duplicates Changed malware.name to extra.infection Updated SPDX-FileCopyrightText shadowserver api: document and warn on old parameter document the old parameter `country` and its status warn if used adapt the test DOC: fix NEWS entry of PR#2143 Added the sector field to scan_amqp, scan_cwmp, and scan_vnc. Copyright and raw field updates Added the sector field to scan_amqp, scan_cwmp, and scan_vnc. Copyright updates Added phish_url and scan_modbus reports. Update source.url and source.fqdn for phish_url and malware_url reports. Update classification.taxonomy and classification.type for scan_modbus report. * additional field type validation changes * added count, bytes, duration, avg_pps, and max_pps fields to event_honeypot_ddos_amp * added 'protocol.application': 'https' to scan_ssl, scan_ssl_freak, and scan_ssl_poodle * added 'extra.tag' to scan_* and device_id Replaced scan_modbus with scan_ics Addeed event4_honeypot_ddos, event4_honeypot_ddos_target, scan_dvr_dhcpdiscover, and scan_socks. Tests for event4_honeypot_ddos. Tests for event4_honeypot_ddos_target. Tests for scan_dvr_dhcpdiscover. Tests for scan_socks. Rename file Rename file update:scan_mdns, scan_smb, and special; add:scan_ddos_middle_box cleanup renamed license files updated scan_mdns test files updated scan_smb test files updated special test files add scan_ddos_middlebox test files add scan_ddos_middlebox test updated schema Updated scan_smb tests Updated scan_ntp tests Updated scan_snmp tests New scan_docker test New scan_kubernetes test New scan_mysql test Updated report schema for June 2022 Added scan_epmd test Revert "Added scan_epmd test" This reverts commit 01edea1. Revert: Fix for recover_line method as commited in #2192 Added scan_couchdb Test case for scan_couchdb Added scan6_rpd Added/updated README with maintainer details Restored feed names and classification.identifiers to minimize upgrade impact. Merge repair pycodestyle repairs codespell fixes license compliance fixes pycodestyle fixes Feed configuration updates for compatibility with the original. Added scan_postgres test Added additional IPv6 aliases Fix for recover_line method as commited in #2192 resolve conflict Replaced misleading _country_ parameter with _reports_. Update parser to support all available reports. Update to existing test cases to match current report types. New tests for added report types. pycodestyle fixes add testdata licenses pycodestyle fix Added reports parameter Suggested changes to the parser Proposed details for the release Test script updates for suggested changes Test input updates Realign columns Update compromised_website.csv Update scan_adb.csv Update scan_adb.csv Update scan_ftp.csv Update scan_ipp.csv Update scan_snmp.csv Realign columns Remove duplicates Changed malware.name to extra.infection Updated SPDX-FileCopyrightText shadowserver api: document and warn on old parameter document the old parameter `country` and its status warn if used adapt the test DOC: fix NEWS entry of PR#2143 Added the sector field to scan_amqp, scan_cwmp, and scan_vnc. Copyright and raw field updates Added the sector field to scan_amqp, scan_cwmp, and scan_vnc. Copyright updates Added phish_url and scan_modbus reports. Update source.url and source.fqdn for phish_url and malware_url reports. Update classification.taxonomy and classification.type for scan_modbus report. * additional field type validation changes * added count, bytes, duration, avg_pps, and max_pps fields to event_honeypot_ddos_amp * added 'protocol.application': 'https' to scan_ssl, scan_ssl_freak, and scan_ssl_poodle * added 'extra.tag' to scan_* and device_id Replaced scan_modbus with scan_ics Addeed event4_honeypot_ddos, event4_honeypot_ddos_target, scan_dvr_dhcpdiscover, and scan_socks. Tests for event4_honeypot_ddos. Tests for event4_honeypot_ddos_target. Tests for scan_dvr_dhcpdiscover. Tests for scan_socks. Rename file Rename file update:scan_mdns, scan_smb, and special; add:scan_ddos_middle_box cleanup renamed license files updated scan_mdns test files updated scan_smb test files updated special test files add scan_ddos_middlebox test files add scan_ddos_middlebox test updated schema Updated scan_smb tests Updated scan_ntp tests Updated scan_snmp tests New scan_docker test New scan_kubernetes test New scan_mysql test Updated report schema for June 2022 Added scan_epmd test Revert "Added scan_epmd test" This reverts commit 01edea1. Revert: Fix for recover_line method as commited in #2192 Added scan_couchdb Test case for scan_couchdb Added scan6_rpd Added/updated README with maintainer details Restored feed names and classification.identifiers to minimize upgrade impact. Merge repair pycodestyle repairs codespell fixes license compliance fixes pycodestyle fixes Feed configuration updates for compatibility with the original. Added scan_postgres test Added additional IPv6 aliases Fix for recover_line method as commited in #2192 Update to existing test cases to match current report types. add testdata licenses pycodestyle fix Proposed details for the release Test script updates for suggested changes Realign columns Update compromised_website.csv Update scan_adb.csv Update scan_ftp.csv Update scan_ipp.csv Realign columns Remove duplicates DOC: fix NEWS entry of PR#2143 Added the sector field to scan_amqp, scan_cwmp, and scan_vnc. Copyright updates Added phish_url and scan_modbus reports. Update source.url and source.fqdn for phish_url and malware_url reports. Update classification.taxonomy and classification.type for scan_modbus report. * additional field type validation changes * added count, bytes, duration, avg_pps, and max_pps fields to event_honeypot_ddos_amp * added 'protocol.application': 'https' to scan_ssl, scan_ssl_freak, and scan_ssl_poodle * added 'extra.tag' to scan_* and device_id Replaced scan_modbus with scan_ics Tests for event4_honeypot_ddos. Tests for event4_honeypot_ddos_target. Tests for scan_dvr_dhcpdiscover. Tests for scan_socks. Rename file Rename file cleanup renamed license files updated scan_mdns test files updated special test files add scan_ddos_middlebox test files add scan_ddos_middlebox test New scan_docker test New scan_kubernetes test New scan_mysql test Added scan_epmd test Revert "Added scan_epmd test" This reverts commit 01edea1. Fix for recover_line method as commited in #2192 Revert: Fix for recover_line method as commited in #2192 Test case for scan_couchdb Restored feed names and classification.identifiers to minimize upgrade impact. Added function to notify if any unsupported feeds are configured. pycodestyle repairs codespell fixes license compliance fixes pycodestyle fixes Feed configuration updates for compatibility with the original. Added scan_postgres test Update intelmq/bots/collectors/shadowserver/collector_reports_api.py Co-authored-by: Sebastian <[email protected]> Update intelmq/bots/collectors/shadowserver/README.md Co-authored-by: Sebastian <[email protected]> Update intelmq/tests/bots/parsers/shadowserver/README.md Co-authored-by: Sebastian <[email protected]> resync to develop
certtools · Aug 2, 2022 · 462d0d2 · 462d0d2
1 parent ba7d24b
commit 462d0d2
Show file tree

Hide file tree

Showing 183 changed files with 7,795 additions and 4,930 deletions.
diff --git a/NEWS.md b/NEWS.md
@@ -9,11 +9,30 @@ NEWS
 This file lists all changes which have an affect on the administration of IntelMQ and contains steps that you need to be aware off for the upgrade.
 Please refer to the changelog for a full list of changes.
 
+
 3.1.0 Feature release (unreleased)
 ----------------------------------
 
 ### Requirements
 
+### Bots
+#### ShadowServer Reports API collector
+The misleading `country` parameter has been depreciated and a `reports` parameter has been added.
+The backwards-compatibility will be removed in IntelMQ version 4.0.0.
+See the [Shadowserver Reports API bot's documentation](https://intelmq.readthedocs.io/en/latest/user/bots.html#shadowserver-reports-api).
+
+
+3.1.0 Feature release (unreleased)
+----------------------------------
+
+### Requirements
+
+### Bots
+#### ShadowServer Reports API collector
+The misleading `country` parameter has been depreciated and a `reports` parameter has been added.
+The backwards-compatibility will be removed in IntelMQ version 4.0.0.
+See the [Shadowserver Reports API bot's documentation](https://intelmq.readthedocs.io/en/latest/user/bots.html#shadowserver-reports-api).
+
 ### Tools
 
 ### Data Format
@@ -37,12 +56,97 @@ The parameter `timeout` has been merged into `redis_cache_ttl`.
 ### Libraries
 
 ### Postgres databases
+The following statements optionally update existing data for the harmonization classification changes:
+```sql
+UPDATE events
+   SET "classification.identifier" = 'open-adb'
+   WHERE "classification.identifier" = 'accessible-adb';
+UPDATE events
+   SET "classification.identifier" = 'open-afp'
+   WHERE "classification.identifier" = 'accessible-afp';
+UPDATE events
+   SET "classification.identifier" = 'open-amqp'
+   WHERE "classification.identifier" = 'accessible-amqp';
+UPDATE events
+   SET "classification.identifier" = 'open-ard'
+   WHERE "classification.identifier" = 'accessible-ard';
+UPDATE events
+   SET "classification.identifier" = 'open-cisco-smart-install'
+   WHERE "classification.identifier" = 'accessible-cisco-smart-install';
+UPDATE events
+   SET "classification.identifier" = 'open-coap'
+   WHERE "classification.identifier" = 'accessible-coap';
+UPDATE events
+   SET "classification.identifier" = 'open-ftp'
+   WHERE "classification.identifier" = 'accessible-ftp';
+UPDATE events
+   SET "classification.identifier" = 'open-hadoop'
+   WHERE "classification.identifier" = 'accessible-hadoop';
+UPDATE events
+   SET "classification.identifier" = 'open-http'
+   WHERE "classification.identifier" = 'accessible-http';
+UPDATE events
+   SET "classification.identifier" = 'open-rdpeudp'
+   WHERE "classification.identifier" = 'accessible-msrdpeudp';
+UPDATE events
+   SET "classification.identifier" = 'open-radmin'
+   WHERE "classification.identifier" = 'accessible-radmin';
+UPDATE events
+   SET "classification.identifier" = 'open-rsync'
+   WHERE "classification.identifier" = 'accessible-rsync';
+UPDATE events
+   SET "classification.identifier" = 'open-ubiquiti'
+   WHERE "classification.identifier" = 'accessible-ubiquiti-discovery-service';
+UPDATE events
+   SET "classification.identifier" = 'honeypot-ddos-amp'
+   WHERE "classification.identifier" = 'amplification-ddos-victim';
+UPDATE events
+   SET "classification.identifier" = 'blocklist'
+   WHERE "classification.identifier" = 'blacklisted-ip';
+UPDATE events
+   SET "classification.identifier" = 'open-dns'
+   WHERE "classification.identifier" = 'dns-open-resolver';
+UPDATE events
+   SET "classification.identifier" = 'honeypot-http-scan'
+   WHERE "classification.identifier" = 'honeypot-http-scan';
+UPDATE events
+   SET "classification.identifier" = 'honeypot-ics-scan'
+   WHERE "classification.identifier" = 'ics';
+UPDATE events
+   SET "classification.identifier" = 'open-ntpmonitor'
+   WHERE "classification.identifier" = 'ntp-monitor';
+UPDATE events
+   SET "classification.identifier" = 'open-ntp'
+   WHERE "classification.identifier" = 'ntp-version';
+UPDATE events
+   SET "classification.identifier" = 'open-db2'
+   WHERE "classification.identifier" = 'open-db2-discovery-service';
+UPDATE events
+   SET "classification.identifier" = 'open-isakmp'
+   WHERE "classification.identifier" = 'open-ike';
+UPDATE events
+   SET "classification.identifier" = 'open-ldap-tcp'
+   WHERE "classification.identifier" = 'open-ldap';
+UPDATE events
+   SET "classification.identifier" = 'open-nat-pmp'
+   WHERE "classification.identifier" = 'open-natpmp';
+UPDATE events
+   SET "classification.identifier" = 'open-netbios'
+   WHERE "classification.identifier" = 'open-netbios-nameservice';
+UPDATE events
+   SET "classification.identifier" = 'open-netis-router'
+   WHERE "classification.identifier" = 'open-netis';
+UPDATE events
+   SET "classification.identifier" = 'sinkhole-dns'
+   WHERE "classification.identifier" = 'sinkholedns';
+```
 
 
 ### Bots
 
 #### Github Collector
 GitHub removed the basic `Username/Password` Authentication in favor of personal access tokens. So the GitHub Collector uses an Personal Access Token for authentication [Github Documentation: Generate a personal access token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token)
+=======
 
 
 3.0.2 Maintenance release (2021-09-10)

diff --git a/docs/user/bots.rst b/docs/user/bots.rst
@@ -654,9 +654,10 @@ The Cache is required to memorize which files have already been processed (TTL n
 
 **Configuration Parameters**
 
-* `country`: The country you want to download the reports for
+* `country`: **Deprecated:** The country you want to download the reports for. Will be removed in IntelMQ version 4.0.0, use *reports* instead.
 * `apikey`: Your Shadowserver API key
 * `secret`: Your Shadowserver API secret
+* `reports`: A list of strings or a comma-separated list of the mailing lists you want to process.
 * `types`: A list of strings or a string of comma-separated values with the names of report types you want to process. If you leave this empty, all the available reports will be downloaded and processed (i.e. 'scan', 'drones', 'intel', 'sandbox_connection', 'sinkhole_combined'). The possible report types are equivalent to the file names given in the section :ref:`Supported Reports <shadowserver-supported-reports>` of the Shadowserver parser.
 * **Cache parameters** (see in section :ref:`common-parameters`, the default TTL is set to 10 days)
 

diff --git a/intelmq/bots/collectors/shadowserver/README.md b/intelmq/bots/collectors/shadowserver/README.md
@@ -0,0 +1,8 @@
+<!--
+SPDX-FileCopyrightText: 2022 The Shadowserver Foundation
+SPDX-License-Identifier: AGPL-3.0-or-later
+-->
+
+This module is maintained by [The Shadowserver Foundation](https://www.shadowserver.org/).  
+
+Please contact [email protected] with any issues or concerns.
diff --git a/intelmq/bots/collectors/shadowserver/collector_reports_api.py b/intelmq/bots/collectors/shadowserver/collector_reports_api.py
@@ -28,7 +28,7 @@ class ShadowServerAPICollectorBot(CollectorBot, HttpMixin, CacheMixin):
     Parameters:
         api_key (str): Your Shadowserver API key
         secret (str): Your Shadowserver API secret
-        country (str): DEPRECIATED The mailing list you want to download reports for (i.e. 'austria')
+        country (str): DEPRECATED The mailing list you want to download reports for (i.e. 'austria')
         reports (list):
             A list of strings or a comma-separated list of the mailing lists you want to process.
         types (list):

diff --git a/intelmq/bots/parsers/shadowserver/README.md b/intelmq/bots/parsers/shadowserver/README.md
@@ -0,0 +1,9 @@
+<!--
+SPDX-FileCopyrightText: 2022 The Shadowserver Foundation
+SPDX-License-Identifier: AGPL-3.0-or-later
+-->
+
+This module is maintained by [The Shadowserver Foundation](https://www.shadowserver.org/).  
+
+Please contact [email protected] with any issues or concerns.
+