Slips, a free software behavioral Python intrusion prevention system (IDS/IPS) that uses machine learning to detect malicious behaviors in the network traffic. Stratosphere Laboratory, AIC, FEL, CVUT in Prague.
When monitoring the Redis db after 7 hours of analysis using the horizontal portscan module only, there are thousands of calls for getting the "DNSresolution" of IPs. This is happening in filter_dstips(). If we can find a way to speed it up or cache it, it would make a big difference.
Update: after 3 days of running Slips, network discovery is still doing the same thing.
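One way to cache the lookups described in this issue, as an added example that is not Slips code: a bounded TTL cache placed in front of the per-IP resolution lookup, which also caches empty answers. `ResolutionCache`, `filter_unresolved` and the `lookup` callable are hypothetical names, and the example assumes the filter keeps only destinations that have no recorded DNS resolution.

```python
import time
from collections import OrderedDict


class ResolutionCache:
    """Bounded TTL cache in front of a per-IP DNS-resolution lookup.

    `lookup` is a hypothetical callable (ip -> iterable of domains, empty
    when none is recorded) standing in for the database query.
    """

    def __init__(self, lookup, ttl=300.0, max_entries=50_000,
                 clock=time.monotonic):
        self._lookup = lookup
        self._ttl = ttl
        self._max = max_entries
        self._clock = clock
        self._entries = OrderedDict()   # ip -> (expires_at, domains)
        self.backend_calls = 0          # lookups that reached the database

    def get(self, ip):
        now = self._clock()
        hit = self._entries.get(ip)
        if hit is not None and hit[0] > now:
            self._entries.move_to_end(ip)       # keep LRU order
            return hit[1]
        self.backend_calls += 1
        # Empty answers are cached as well: scanned destinations usually
        # have no resolution, so they are the bulk of the repeated calls.
        domains = tuple(self._lookup(ip))
        self._entries[ip] = (now + self._ttl, domains)
        self._entries.move_to_end(ip)
        if len(self._entries) > self._max:
            self._entries.popitem(last=False)   # evict least recently used
        return domains

    def invalidate(self, ip):
        """Drop an entry, e.g. when a new DNS answer for `ip` is stored."""
        self._entries.pop(ip, None)


def filter_unresolved(dst_ips, cache):
    """Assumed filter behaviour: keep destinations with no resolution."""
    return [ip for ip in dst_ips if not cache.get(ip)]
```

The TTL bounds how long a destination can stay classified as unresolved after a resolution for it has been recorded, so it should be short relative to the detection window, or `invalidate()` should be called from the code path that stores new DNS answers.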