Slips, a free software behavioral Python intrusion prevention system (IDS/IPS) that uses machine learning to detect malicious behaviors in the network traffic. Stratosphere Laboratory, AIC, FEL, CVUT in Prague.
grep ads.servenobid.com alerts.log
2023-02-20T11:07:50.528144+01:00: Src IP 192.168.1.109 (project-VirtualBox). Detected domain ads.servenobid.com resolved with no connection
but there are TLS connections. so after DNS we are not checking TLS correctly
Slips version: 1.0.6 File: CTU-SME-11/CTU-SME-11/Experiment-VM-Linux-Ubuntu2204-1/2023-02-20/raw/2023-02-20-00-00-03-192.168.1.109.pcap Branch: develop Commit: b44b585a68a4e2d3670dc03337b1e4671a2464ad
grep ads.servenobid.com alerts.log 2023-02-20T11:07:50.528144+01:00: Src IP 192.168.1.109 (project-VirtualBox). Detected domain ads.servenobid.com resolved with no connection but there are TLS connections. so after DNS we are not checking TLS correctly
grep ads.servenobid.com zeek_files/*
Created by Alya Gomaa via monday.com integration. 🎉