Skip to content

Issues: stratosphereips/StratosphereLinuxIPS

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

269 Open 366 Closed
269 Open 366 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Add to the docs how we do the queues to aggregate queries and where exactly we do that Documentation Related to documentation
#1170 opened Jan 14, 2025 by AlyaGomaa
@AlyaGomaa
handle_pending_queries() in ip_info can use a speedup, we can make it async and get rid of the waiting of 2 mins, for faster queries.
#1169 opened Jan 14, 2025 by AlyaGomaa
1
@aniket2405
1
Add a script to update Slips from inside docker.
#1165 opened Jan 14, 2025 by AlyaGomaa
Modify the documentation to say that modules wait in 'queues' until the needed information is available, and then they continue Documentation Related to documentation
#1164 opened Jan 14, 2025 by eldraco
@AlyaGomaa
test_database.py sometimetimes passes and sometimes fails. it's not consistent Better-tests An issue that is related to how we test slips, unit tests,integration test, CI Bug
#1162 opened Jan 13, 2025 by AlyaGomaa
@Sekhar-Kumar-Dash
3
Fix syntax warning in main.py Bug
#1152 opened Jan 8, 2025 by AlyaGomaa
@Sekhar-Kumar-Dash
2
Dont overwrite the output dir if -o is given with an existing output directory Improvement
#1150 opened Jan 7, 2025 by AlyaGomaa
@AlyaGomaa
the % of flows read don't show in the pcaps, but after the input process is done, we know the total floas to be processed by slips, we can then add the flows % to the stats using that number. Improvement
#1113 opened Dec 11, 2024 by AlyaGomaa
@AlyaGomaa
RNN CC Detection module has 25+ threads opened when analysing a large pcap. check why Improvement
#1108 opened Dec 9, 2024 by AlyaGomaa
@eldraco
GeoLite2-ASN.mmdb and GeoLite2-Country.mmdb are included in slips repo, download them on startup instead. They’re 11MB Improvement
#1103 opened Dec 3, 2024 by AlyaGomaa
1
Some threat intelligence lists have false positives. Slips should filter the easy ones. Bug Difficulty: Beginners Stuff that you can do with skills for starters Help wanted
#1094 opened Dec 1, 2024 by eldraco
@AlyaGomaa @AbhiramMasna
2
The 'Detected Long Connection' detection wrongly considers broadcast addresses. Bug Difficulty: Beginners Stuff that you can do with skills for starters Help wanted
#1093 opened Dec 1, 2024 by eldraco
@AlyaGomaa
CI: Publish the 2 docker images in parallel on push to master Improvement
#1091 opened Nov 29, 2024 by AlyaGomaa
@AlyaGomaa
Be nice to have this ported to FreeBSD so it can work with Opnsense
#1089 opened Nov 29, 2024 by lpingree
Profiles that generate an alert while analysing PCAPs should be marked in red, not just timewindows Difficulty: Beginners Stuff that you can do with skills for starters Web Interface
#1083 opened Nov 27, 2024 by AlyaGomaa
@AbhiramMasna
6
running_slips_infto.txt should have json lines instead Improvement
#1080 opened Nov 25, 2024 by AlyaGomaa
@AlyaGomaa
Use more descriptive db key names Improvement
#1072 opened Nov 19, 2024 by AlyaGomaa
@AlyaGomaa
Rename this key 'DstPortsClientTCPNot Established' used in the horizontal portscan to something that state that these are “resolved_ips” Improvement
#1030 opened Oct 9, 2024 by AlyaGomaa
@AlyaGomaa
Check if we have issues, like illegal instruction running ml modules, we can disable them automatically Improvement
#1025 opened Oct 8, 2024 by AlyaGomaa
@AlyaGomaa
Add a script to start the local and global p2p from inside docker
#1004 opened Sep 25, 2024 by AlyaGomaa
in the check_connection_without_dns_resolution detection, why wait for the dns connection to appear in dns.log if we already have it in conn.log with the proto "dns"?
#1003 opened Sep 24, 2024 by AlyaGomaa
re-do ensembling module
#1000 opened Sep 24, 2024 by AlyaGomaa
1 of 2 tasks
1
Slips is not listening forever for whitelist changes, it's only listening until profiler.py is dont receiving flows. after that, profiler stops and slips doesnt see whitelist changes anymore
#997 opened Sep 23, 2024 by AlyaGomaa
Add an integration test for test18-malicious-ctu-sme-11-win Better-tests An issue that is related to how we test slips, unit tests,integration test, CI
#995 opened Sep 20, 2024 by AlyaGomaa
@AlyaGomaa
Slips pcap analysis needs hours for bigger test files
#986 opened Sep 13, 2024 by maldwg
2
ProTip! Find all open issues with in progress development work with linked:pr.