FAQ

Q1: What is Maltrail all about?

• A1: Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user-defined lists.

Q2: Can I freely use Maltrail in my infrastructure?

• A2: Certainly. You can freely use Maltrail in your infrastructure. It is released under MIT-license.

Q3: Can Maltrail be used along with other IDS/IPS solutions?

• A3: Yes. Maltrail can be used without any conflicts with any known IDS/IPS solutions, including open-source ones. Maltrail has its own approach to malicious network traffic detection, which can either be used as a dedicated or complementary solution to other IDS/IPS solutions.

Q4: What OS does Maltrail support?

• A4: Maltrail is written in Python, so it should be portable to any OS. Nevertheless, Maltrail has been originally written for Linux systems, while recently ported to *BSD systems.

Q5: Can Maltrail be integrated into other solutions?

• A5: Yes. An updated list of products, which use Maltrail, can be found on Maltrail Third-party Integrations page.

Q6: I have discovered a vulnerability in Maltrail code. How can I report about it?

• A6: Meet the action algorithm in Reporting Maltrail Security Vulnerability description.