Our team is excited to share the latest news and features of Slips, our behavioral-based machine learning intrusion detection system. 

Quick links:

• Download Slips from our GitHub repository: https://github.com/stratosphereips/StratosphereLinuxIPS

• Access Slips documentation through Read the Docs: https://stratospherelinuxips.readthedocs.io/en/develop/

What We Are Particularly Excited About

In this release we are particularly excited about these new Slips features:

- Use All-ID hash to fingerprint flows stored in the flows database.

- Increase the weight of port scan alerts by increasing its threat level.

- Fix false positive port scan alerts.

- Add an option in slips.conf to wait for the update manager to update all TI feeds before starting Slips to avoid missing any blacklisted IPs evidence.

- Fix error detecting password guessing.

- Fix issues reading all flows when running on a low-spec device.

- Improve the stopping of slips and termination of processes.

- Improve the progress bar.

- Fix reading flows from stdin.

- Better code, logs, and unit tests.

Check the full list of changes in our release page: https://github.com/stratosphereips/StratosphereLinuxIPS/releases/tag/v1.0.8

Learn more!

Wondering what Slips is capable of? Check out these demo presentations:

• LCN conference in 2021: https://youtu.be/1KqwlxVuf48 

• BlackHat USA Arsenal 2022: https://youtu.be/dJuTmi2bJcI 

How to contribute

For those interested in contributing to Slips:

• https://stratospherelinuxips.readthedocs.io/en/develop/contributing.html 

• https://www.stratosphereips.org/blog/2022/6/6/writing-a-slips-module 

• https://stratospherelinuxips.readthedocs.io/en/develop/slips_in_action.html 

Get in Touch

Feel free to join our Discord server and ask questions, suggest new features or give us feedback. PRs and Issues are welcomed in our repo.

Article Link: New Slips version v1.0.8 is here! — Stratosphere IPS