You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This would somehow make a connection going on to say, Google, appearing in the Zeek logs as an attack.
The flow was flipped by Zeek's heuristic, which we trust is as good as it can get. However, maybe some additional checks can be done to process these type of flows differently to achieve higher accuracy.
The text was updated successfully, but these errors were encountered:
One of the suspected sources of possible FP is how AIP may be treating the flipped zeek flows. See, for example https://community.zeek.org/t/caret-and-the-stick/5012.
This would somehow make a connection going on to say, Google, appearing in the Zeek logs as an attack.
The flow was flipped by Zeek's heuristic, which we trust is as good as it can get. However, maybe some additional checks can be done to process these type of flows differently to achieve higher accuracy.
The text was updated successfully, but these errors were encountered: