Notification for traffic from unseen host #630
Labels
enhancement
New feature, request, or improvement
Comments
erieflin
changed the title
|
Hi @erieflin Thanks for the suggestion, however I'm not totally convinced about this notification approach. As you mentioned, keeping this persistent across different runs is probably out of the scope of this issue, and in general I think there could be better notification strategies to have a sort of security advisories. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is there an existing issue for this?
Describe the solution you'd like
For the custom notifications, it would be useful to have a notification that can occur the first time traffic from/to a host is detected.
Ideally there would be some way to keep this list persistent across runs. (but that might be a bigger item)
In a similar previous tool that i used, a feature like this was used to "warn" on new traffic, and basically allowed a continually running scan to provide some active visibility for increased security
For example, if you downloaded something that looked innocent, but suddenly your computer starts making a lot of requests to strange hosts in a foreign country seemingly unrelated to the download, a notification here could alert that something may be up
Is your feature request related to a problem?
no
The text was updated successfully, but these errors were encountered: