Slips, a free software behavioral Python intrusion prevention system (IDS/IPS) that uses machine learning to detect malicious behaviors in the network traffic. Stratosphere Laboratory, AIC, FEL, CVUT in Prague.
Check why some evidence in alerts.log had an extra \n at the end. #1039
e.g.
1970-01-01T00:08:36.002535+00:00 (TW 1): Src IP x . Detected non-HTTP established connection to port 80. destination IP: y threat level: medium. IP x AS: UNINET, MX AS8151 rDNS: dsl-189-241-104-183-dyn.prod-infinitum.com.mx, appears in blacklist: PBL Spamhaus Maintained, spamhaus.
1970-01-01T00:08:19.979620+00:00 (TW 1): Src IP x . Detected non-HTTP established connection to port 80. destination IP: y threat level: medium. IP x AS: IDIGITAL, CA AS54643