author | Luca <deri@ntop.org> | 2024-04-03 15:41:26 +0200 |
---|---|---|
committer | Luca <deri@ntop.org> | 2024-04-03 15:41:26 +0200 |
commit | 225ff7f8a4ecb2b55b164a4d5544736a43f1fbf4 (patch) | |
tree | ea1cd6479dc62ba854852f24ae14d9d52906cc19 /doc/flow_risks.rst | |
parent | 1acc9ee3965c4f88a62dbd2f5cbad75c21f59be0 (diff) |
Added binary data transfer risk alert
Diffstat (limited to 'doc/flow_risks.rst')
-rw-r--r-- | doc/flow_risks.rst | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/doc/flow_risks.rst b/doc/flow_risks.rst index 08ded148a..5344b8425 100644 --- a/doc/flow_risks.rst +++ b/doc/flow_risks.rst @@ -247,7 +247,7 @@ Additionally, some TLS protocol fields are checked for printable characters as w NDPI_POSSIBLE_EXPLOIT ===================== -The risk is set whenever a possible exploit (e.g. `Log4J/Log4Shell <https://en.wikipedia.org/wiki/Log4Shell>`_) is detected. +The risk is set whenever a possible exploit attempt (e.g. `Log4J/Log4Shell <https://en.wikipedia.org/wiki/Log4Shell>`_) is detected. .. _Risk 041: @@ -328,3 +328,9 @@ Invalid TLS ALPN/SNI mismatch. For instance ALPN advertises the flow as h2 (HTTP NDPI_MALWARE_CONTACTED ====================== Client contacted a server host labelled as malware. + +.. _Risk 054: + +NDPI_BINARY_TRANSFER_ATTEMPT +============================ +HTTP only: this risk indicates that a binary data application has been attempted (but failed). |
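Review bot: the first hunk (@@ -247,7 +247,7 @@, NDPI_POSSIBLE_EXPLOIT) is a wording change from "possible exploit" to "possible exploit attempt" that the commit subject "Added binary data transfer risk alert" does not cover. Mention it in the commit message or split it into its own commit, so the history of the NDPI_POSSIBLE_EXPLOIT description can be traced.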
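Review bot: in the second hunk (@@ -328,3 +328,9 @@), the new NDPI_BINARY_TRANSFER_ATTEMPT text "a binary data application has been attempted (but failed)" is unclear. The risk name and the commit subject both speak of a binary data transfer, so "application" reads like a slip for "transfer". The entry also does not say what counts as binary data or what makes the attempt count as failed. Suggest "a binary data transfer has been attempted (but failed)" plus one sentence stating the condition that marks the attempt as failed, so that someone triaging the alert can tell it apart from a completed transfer.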