mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 06:38:20 +00:00
ded98cd373
This is based on commit 2731def9159247e6da8a3191783c89683363689c from the zeek-docs repo.
10 lines
236 B
Text
10 lines
236 B
Text
|
|
@load protocols/ssh/detect-bruteforcing
|
|
|
|
redef SSH::password_guesses_limit=10;
|
|
|
|
hook Notice::policy(n: Notice::Info)
|
|
{
|
|
if ( n$note == SSH::Password_Guessing && /192\.168\.56\.103/ in n$sub )
|
|
add n$actions[Notice::ACTION_EMAIL];
|
|
}
|