Maltrail is a malicious traffic detection system, utilizing publicly
available (black)lists containing malicious and/or generally suspicious
trails, along with static trails compiled from various AV reports and
custom user-defined lists, where a trail can be anything from a domain name,
URL or IP address to an HTTP User-Agent header value. It also uses advanced
heuristic mechanisms that can help in the discovery of unknown threats.

WWW: https://github.com/stamparm/maltrail

Changelog
---------
1.10
* Add CHECK_HOST_DOMAINS option
1.9
* Remove MFS support for /var/log/
1.8
* Add firewall alias "BlocklistMaltrail" that points to the built-in IP block list
1.7
* Allow sensor cron restart
* Add syslog export
1.6
* Allow setting the capture buffer size
1.5
* Change whitelisting format (by @jkellerer)
* Add alienvault to disabled feeds
1.4
* Switch Python to version 3
1.3
* Fix a typo in model labeling that prevented the use of remote server logging
1.2
* Fix a typo in template generation
1.1
* Add a note in General tab
* Add whitelisting support
1.0
* Server support
* Sensor support
* Allow setting the listen interface
* Allow setting the admin password