Comments (8)
- Please turn on `SHOW_DEBUG true` in `maltrail.conf`. Then rerun the `sensor.py`. Please tell if some errors occur
- Can you please tcpdump some traffic on eth2 and send it to [email protected]? Maybe there is some encapsulation going on. Have to check it in raw tcpdump
- You could try `python -m SimpleHTTPServer 8000` and visit the `http://xxx.yyy.zzz.www:8000/?id=SELECT%20foobar%20FROM%20users%20WHERE%201%20LIKE%201`, where `xxx.yyy.zzz.www` is the IP address of interface eth2 (if there is none, you could temporarily assign the address to it). Request to that link should trigger the `suspicious http request`.
from maltrail.
I'll give your suggestions a try and report here thank you.
from maltrail.
Pcap emailed...not seeing any errors in the sensor debug. Thank you.
from maltrail.
@DigiAngel I've spotted the problem. CISCO VLAN tagging included. I have to deal with it and do the proper patch. Will let you know
from maltrail.
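The VLAN tagging problem identified above, as an added example (not Maltrail's actual patch): a parser that reads the EtherType at a fixed offset drops tagged frames, so the version below walks past any VLAN tags before looking for IPv4. It assumes 802.1Q-style tags (the thread says only "CISCO VLAN tagging"); all function names and the sample frames are constructed for illustration.

```python
import socket
import struct

ETH_P_IP = 0x0800
VLAN_TPIDS = {0x8100, 0x88A8, 0x9100}  # 802.1Q, 802.1ad (QinQ), legacy QinQ

def strip_vlan(frame):
    """Return (ethertype, l3_offset, vlan_ids), skipping any stacked VLAN tags."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    offset = 12  # position of the EtherType/TPID field after dst+src MAC
    (ethertype,) = struct.unpack_from("!H", frame, offset)
    vlan_ids = []
    while ethertype in VLAN_TPIDS:
        if len(frame) < offset + 6:  # TPID + TCI + inner EtherType
            raise ValueError("truncated VLAN tag")
        tci, ethertype = struct.unpack_from("!HH", frame, offset + 2)
        vlan_ids.append(tci & 0x0FFF)  # low 12 bits of the TCI are the VLAN ID
        offset += 4
    return ethertype, offset + 2, vlan_ids

def ipv4_endpoints(frame):
    """VLAN-aware: (src, dst, vlan_ids) for IPv4 frames, else None."""
    ethertype, l3, vlan_ids = strip_vlan(frame)
    if ethertype != ETH_P_IP or len(frame) < l3 + 20:
        return None
    src, dst = struct.unpack_from("!4s4s", frame, l3 + 12)
    return socket.inet_ntoa(src), socket.inet_ntoa(dst), vlan_ids

def naive_ipv4_endpoints(frame):
    """Fixed-offset parser: sees the TPID instead of 0x0800 on tagged frames."""
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != ETH_P_IP or len(frame) < 34:
        return None
    src, dst = struct.unpack_from("!4s4s", frame, 26)
    return socket.inet_ntoa(src), socket.inet_ntoa(dst)

def sample_frame(tags=()):
    """Constructed test frame: Ethernet + optional (tpid, vid) tags + bare IPv4 header."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 6, 0,
                     socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.7"))
    eth = b"\x02\x00\x00\x00\x00\x02" + b"\x02\x00\x00\x00\x00\x01"
    for tpid, vid in tags:
        eth += struct.pack("!HH", tpid, vid)
    return eth + struct.pack("!H", ETH_P_IP) + ip

if __name__ == "__main__":
    tagged = sample_frame(((0x8100, 100),))
    print("naive:     ", naive_ipv4_endpoints(tagged))
    print("vlan-aware:", ipv4_endpoints(tagged))
```

On a sensor interface fed by a trunk or SPAN port, the naive result is what "no events, no errors" looks like: every frame is silently classified as non-IP.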
Awesome...thank you!
from maltrail.
@DigiAngel with the latest patch you'll probably be able to do the capture on that interface. In case of further problems, please let me know
from maltrail.
Thanks I will give it a try in the morning.
from maltrail.
This is working now...thanks so much!
from maltrail.