New Slips version 0.9.1 is here!

Our team is excited to share the latest news and features of Slips, our behavioral-based machine learning intrusion detection system.

What We Are Particularly Excited About

In this release we are particularly excited about these new Slips capabilities:

- Drop root privileges in modules that don't need them

- Added support for running Slips in the background as a daemon

- Fixed the issue of growing Zeek logs by deleting old Zeek logs every 1 day (optional, but enabled by default)

- Added support for running several instances of Slips at the same time

- Saving and loading the db on macOS

- Fixed reading flows from stdin; it now supports Zeek, Argus and Suricata

- Faster startup of Slips: Slips now updates the TI files in the background

More new features

We are constantly improving Slips, and a full list of changes in this last version is available in the Slips changelog.

These are some of the new cool features that we have been working on:

- Added slips.log, where all Slips logs go, in both daemon and interactive mode

- Automatic starting of Redis servers (cache and main databases)

- Added a new TI file https://hole.cert.pl/domains/domains.json

- Updated the docs and added instructions for contributing and creating a new module

Check Our Slips Demo

Get a quick overview of what Slips is about and all its capabilities in this demo presented at the LCN conference in 2021.

https://www.youtube.com/watch?v=1KqwlxVuf48

And the analysis of several malicious PCAPs using Slips:

https://stratospherelinuxips.readthedocs.io/en/develop/slips_in_action.html

Detailed explanation on how to contribute and create a new module:

https://stratospherelinuxips.readthedocs.io/en/develop/create_new_module.html

Get in Touch

Feel free to join our Discord server and ask questions, suggest new features or give us feedback. PRs and Issues are welcomed in our repo.

Article Link: New Slips version 0.9.1 is here! — Stratosphere IPS