mirror of
https://github.com/zeek/zeek.git
synced 2025-10-15 04:58:21 +00:00
adce4e604a
This is based on commit 99e6942efec5feff50523f6b2a1f5868f19ab638 from the zeek-docs repo.
10 lines
236 B
Text
10 lines
236 B
Text
|
|
@load protocols/ssh/detect-bruteforcing
|
|
|
|
redef SSH::password_guesses_limit=10;
|
|
|
|
hook Notice::policy(n: Notice::Info)
|
|
{
|
|
if ( n$note == SSH::Password_Guessing && /192\.168\.56\.103/ in n$sub )
|
|
add n$actions[Notice::ACTION_EMAIL];
|
|
}
|