vrr/ntopng
2
0
Fork 0
mirror of https://github.com/ntop/ntopng.git synced 2026-04-29 15:39:33 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

TCP SYN Scan detection (implements #2963)

Browse source
This commit is contained in:
Alfredo Cardigliano 2019-10-24 15:35:26 +02:00
parent 955eed4b50
commit afbb34e262
10 changed files with 128 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

15
scripts/lua/modules/alerts_api.lua
View file

@ -555,6 +555,21 @@ end
-- ##############################################
function alerts_api.synScanType(granularity, metric, value, operator, threshold)
return({
alert_type = alert_consts.alert_types.alert_tcp_syn_scan,
alert_subtype = metric,
alert_granularity = alert_consts.alerts_granularities[granularity],
alert_severity = alert_consts.alert_severities.error,
alert_type_params = {
value = value,
threshold = threshold,
}
})
end
-- ##############################################
function alerts_api.flowFloodType(granularity, metric, value, operator, threshold)
return({
alert_type = alert_consts.alert_types.alert_flows_flood,