Slips, a free software behavioral Python intrusion prevention system (IDS/IPS) that uses machine learning to detect malicious behaviors in the network traffic. Stratosphere Laboratory, AIC, FEL, CVUT in Prague.
Other
697
stars
172
forks
source link
Add to whitelist to ignore port 5353 of the multicast of the p2p, because it is being detected in this evidence "Connecting to private IP" #620
In the p2p
2024-03-12T12:22:38.333895+00:00 (TW 1): Src IP x. Detected Connecting to private IP: 172.16.2.5 on destination port: 5353 threat level: info. 2024-03-12T12:22:38.333895+00:00 (TW 1): Src IP x Detected Connecting to private IP: 172.16.2.5 on destination port: 5353 threat level: info.
solution Whitelist the port 5353/UDP and the IP address used by the p2p module. (not sure which one it was)
Created by Alya Gomaa via monday.com integration. 🎉