Packages

blacklist

By initconf

package to manage blacklisted IP addresses using bro

CVE-2017-5638_struts

By initconf

package to detect CVE-2017-5638 struts attack

CVE-2020-16898

By corelight

A network detection package for CVE-2020-16898 (Windows TCP/IP Remote Code Execution Vulnerability) AKA BadNeighbor

CVE-2020-16898-Bad-Neighbor

By initconf

CVE-2020-16898: Bad Neighbor

ftp-bruteforce

By initconf

ftp-bruteforce

icmp-scans

By initconf

icmp-scans

LetsEncrypt

By initconf

LetsEncrypt

phish-analysis

By initconf

Suite of SMTP-related policies, including extracting and logging URLs from emails and various SMTP anomaly detection heuristics to help flag phishing emails

scan-NG

By initconf

Scan detection in the 2.x world. Forward port of bro-1.5.3 scan.bro, accompanied by new heuristics and quicker detections

smtp-url-analysis

By initconf

Suite of SMTP-related policies, including extracting and logging URLs from emails and various SMTP anomaly detection heuristics to help flag phishing emails

vnc-scanner

By initconf

Simple policy to detect VNC (RFB) scanners based on src->dst connection counts
