Comments (6)
Well, it waits for the first next SYN (TCP connection attempt) at the sensor after the port scanning. Basically, if you do any kind of connection attempt afterwards it will write the heuristics for the scanning attempt (if any).
from maltrail.
@15w34r0n3D4y please update to the latest revision. Now the "flushing" part (of port scanning heuristics) should occur much often (on any sniffed packet)
from maltrail.
Ok updated but problem still here, sensor shutdown and all I can see sensors restart again and stop on [?] progress: 53/54 (98%) and software which I ping closed too (it is strange).
Now I can't see when is sensor shutdown (no time) and where stop ping (which is latest IP pinged)...
from maltrail.
Most probably memory related. How much RAM do you have there?
from maltrail.
Probably because I have only 1gb.
from maltrail.
@15w34r0n3D4y Hello! After 7 years wanna ask a question: could you re-run the lastest version/revision of Maltrail and to check again. Or can current issue be closed? Thank you!
from maltrail.
Related Issues (20)
- [BUG]False Positive 185.199.109.133 HOT 1
- Custom image HOT 5
- Netflow or Span Port HOT 1
- [Feature Request] Show Number Of Past Entries HOT 1
- IP: 117.17.191.45 | Malware HOT 1
- [Feature Request] HOT 1
- Maltrail won't boot HOT 8
- Running a docker container built with your Dockerfile both server.py and sensor.py fail to restart. HOT 4
- [Questions and Support] ModuleNotFoundError: No module named 'thirdparty.six.moves' HOT 4
- [Feature Request] Integrate IPinfo's free database for ASN+country enrichment, filters, and eliminating HTTP calls HOT 4
- [Questions and Support] The server.py does not raise if I define an ip in UDP_ADDRESS HOT 6
- External IP Flagged in Blocklist in Maltrail and Appears to also be affecting blocks on other sites... HOT 18
- Windows 11 Returns HOT 9
- [BUG] cruzit URL changed HOT 1
- [BUG] python six module HOT 10
- [BUG] Fortinet block page (fortinet-block-page-55.fortinet.com) listed as malicious. HOT 2
- Bad domains HOT 2
- [Questions and Support] Maltrail not listening on port 8337/udp HOT 6
- [Feature Request] Improvement for PHP-inj detection (TellYouThePass Ransomware)
- Not really an Issue HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from maltrail.