Our team is excited to share the latest news and features of Slips, our behavioral-based machine-learning intrusion detection system.
Quick links:
Download Slips from our GitHub repository: https://github.com/stratosphereips/StratosphereLinuxIPS
Access Slips documentation through Read the Docs: https://stratospherelinuxips.readthedocs.io/en/develop/
What We Are Particularly Excited About
In this release, we are particularly excited about these new Slips features:
- Fix using -k to kill opened Redis servers.
- Better README and docs.
- Improve URLhaus detections.
- Improve the detection of vertical and horizontal portscans.
- Unify disabled module names printed in the CLI.
- Set the threat level reported to other peers to the max of threat levels seen in any time window.
- Faster detection of devices changing IPs.
- Remove the home_network feature from Slips.
- Faster detection of alerts.
- Fix the problem of not using 'command and control channel' evidence in the alert of each profile.
Check the full list of changes on our release page: https://github.com/stratosphereips/StratosphereLinuxIPS/releases/tag/v1.0.9
Learn more!
Wondering what Slips is capable of? Check out these demo presentations:
LCN conference in 2021: https://youtu.be/1KqwlxVuf48
BlackHat USA Arsenal 2022: https://youtu.be/dJuTmi2bJcI
How to contribute
For those interested in contributing to Slips:
https://stratospherelinuxips.readthedocs.io/en/develop/contributing.html
https://www.stratosphereips.org/blog/2022/6/6/writing-a-slips-module
https://stratospherelinuxips.readthedocs.io/en/develop/slips_in_action.html
Get in Touch
Feel free to join our Discord server to ask questions, suggest new features, or give us feedback. PRs and issues are welcome in our repo.
Article Link: New Slips version v1.0.9 is here! — Stratosphere IPS