vrr/ntopng
2
0
Fork 0
mirror of https://github.com/ntop/ntopng.git synced 2026-04-30 07:59:35 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Skip (and report) bad IPs in scan check

Browse source
This commit is contained in:
Alfredo Cardigliano 2025-05-27 16:05:40 +02:00
parent a320372b5d
commit 48c849f4c7
1 changed files with 9 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

12
scripts/lua/modules/check_definitions/host/scan.lua
View file

@ -54,7 +54,14 @@ local function report_alert(params, attacker, vlan, victim, num_victims, is_vict
vlan = vlan
}
end
local descr = ""
local host_key = hostinfo2hostkey(hostinfo)
if isEmptyString(host_key) then
traceError(TRACE_ERROR, TRACE_CONSOLE, string.format("Trying to trigger a scan alert with an empty IP address, please report."))
return
end
local score = 100
local alert = alert_consts.alert_types.host_alert_scan.new(
@ -64,7 +71,6 @@ local function report_alert(params, attacker, vlan, victim, num_victims, is_vict
num_victims,
attack
)
local host_key = hostinfo2hostkey(hostinfo)
alert:set_subtype(host_key)
alert:set_score(score)
alert:set_require_attention()
@ -308,4 +314,4 @@ script.hooks["5mins"] = scan_check
-- #################################################################
return script
return script