Added NMAP planning and updated constraints
This commit is contained in:
@@ -1,10 +1,17 @@
|
||||
## LLM Constraints and Guidelines
|
||||
- Please do not report on anything that is older then 48 hours.
|
||||
- The server uses a custom DNS server at 192.168.2.112.
|
||||
|
||||
### Important Things to Focus On:
|
||||
- Security-related events such as failed login attempts, unauthorized access, or unusual network connections.
|
||||
- Events indicating loss of connectivity or unreachable hosts.
|
||||
- Unexpected network additions or unusual traffic patterns.
|
||||
|
||||
### Less Important Things:
|
||||
- Do not flag minor fluctuations in network Round Trip Time (RTT) as anomalies. These are considered normal network variance.
|
||||
- Prioritize security-related events such as failed login attempts, unauthorized access, or unusual network connections.
|
||||
- Focus on events indicating loss of connectivity or unreachable hosts.
|
||||
- Highlight any unexpected network additions or unusual traffic patterns.
|
||||
- The DNS server 8.8.8.8 is Google's public DNS server and is a legitimate destination. Do not flag requests to 8.8.8.8 as anomalous.
|
||||
|
||||
### Actions Taken:
|
||||
- The following IP's have been banned based on your feedback:
|
||||
- 77.83.240.46
|
||||
- 45.88.8.215
|
||||
@@ -12,6 +19,6 @@
|
||||
- 120.48.49.12
|
||||
- 23.137.255.140
|
||||
- 101.89.148.7
|
||||
- On August 18th, 2025, a firewall was set up to prevent all unknown IP's from SSH access. The Only IP's that have SSH access are 192.168.2.0/24 and 100.64.0.0/10
|
||||
- Please do not report on anything that is older then 48 hours.
|
||||
- On August 19th, 2025, a firewall was set up to prevent all unknown IP's from SSH access. The Only IP's that have SSH access are 192.168.2.0/24 and 100.64.0.0/10
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user