diff options
| author | Luca Deri <deri@ntop.org> | 2021-01-27 11:43:35 +0100 |
|---|---|---|
| committer | Luca Deri <deri@ntop.org> | 2021-01-27 11:43:35 +0100 |
| commit | aeeccee106064d17159789a0db5f218573ff8d79 (patch) | |
| tree | d443d4f8003804728c69f09f0540b0cc7ae2d2fe | |
| parent | aa5486f5f8815cc4405b1be7d31ef923b51ab3fc (diff) | |
DGA name improvement
| -rw-r--r-- | src/lib/ndpi_main.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index d8c137227..4ca4bf415 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -6887,8 +6887,16 @@ int ndpi_check_dga_name(struct ndpi_detection_module_struct *ndpi_str, } switch(word[i]) { - case '_': case '-': + /* + Let's check for double+consecutive -- + that are usually ok + r2---sn-uxaxpu5ap5-2n5e.gvt1.com + */ + if(word[i+1] == '-') + return(0); /* Double dash */ + + case '_': case ':': continue; break; |