NEW ALERT: Traceroute from internal network.

A3sal0n / FalconGate

A smart gateway to stop cyber criminals - Sponsored by Falcon Guard

https://falconguard.cz

GNU General Public License v3.0

252 stars 59 forks source link

NEW ALERT: Traceroute from internal network. #24

Closed easy4MEr closed 7 years ago

easy4MEr commented 7 years ago

Edited lib/logparser.py

Into class ReadBroNotice added new regex, matching the traceroute detection in bro logs (/usr/local/bro/logs/current/notice.log), everything tested, working without any issues.