FAQ

Maltrail FAQ-list

• Q1: What are you, guys, all about?

A1: Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user defined lists.

• Q2: Can I freely use Maltrail in my infrastructure?

A2: Certainly. You can freely use Maltrail in your infrastructure. It released under MIT-license.

• Q3: How does Maltrail deal with other IDS\IPS solutions, including open-source ones?

A3: Deals pretty good. Maltrail does not conflict with any known IDS\IPS solutions, including open-source ones. Maltrail has its own approach on malicious network traffic detection, which can either be used as dedicated solution, and simultaneously as a combo with other IDS\IPS solutions on a target system, complementing each other. Maltrail does not put vs.-sign here. Just a and-sign instead.

• Q4: What OS does Maltrail support?

A4: Maltrail is written on Python, so easily can be ported to any OS. Currently, Maltrail works fine on various Linux systems. Also Maltrail is ported to *BSD-like OS-es. List of products, which use Maltrail, can be found on Maltrail Third-party Integrations page.