author | Luca Deri <deri@ntop.org> | 2020-06-11 18:51:53 +0200 |
---|---|---|
committer | Luca Deri <deri@ntop.org> | 2020-06-11 18:51:53 +0200 |
commit | 55364ef0b4ef629630a663dc7b05d83c1b662067 (patch) | |
tree | 46d9c5ecd55e7af6a2487b0bd9f6bf4eacebc765 /example/ndpiReader.c | |
parent | 60aaa80570b48b15c14c2a5133d9b73f7578b21a (diff) |
Added DGA risk for names that look like a DGA
Diffstat (limited to 'example/ndpiReader.c')
-rw-r--r-- | example/ndpiReader.c | 65 |
1 files changed, 60 insertions, 5 deletions
diff --git a/example/ndpiReader.c b/example/ndpiReader.c index fd55c3290..8ce4c6263 100644 --- a/example/ndpiReader.c +++ b/example/ndpiReader.c @@ -417,6 +417,7 @@ static void help(u_int long_help) { ndpi_dump_protocols(ndpi_info_mod); } + exit(!long_help); } @@ -3048,6 +3049,59 @@ void test_lib() { /* *********************************************** */ +static void dgaUnitTest() { + const char *s[] = { + "zoomam104zc.zoom.us", + "5CI_DOMBIN", + "ALICEGATE", + "BOWIE", + "D002465", + "DESKTOP-RB5T12G", + "ECI_DOM", + "ECI_DOMA", + "ECI_DOMAIN", + "ENDIAN-PC", + "GFILE", + "GIOVANNI-PC", + "GUNNAR", + "ISATAP", + "LAB111", + "LP-RKERUR-OSX", + "LUCAS-IMAC", + "LUCASMACBOOKPRO", + "MACBOOKAIR-E1D0", + "MDJR98", + "NASFILE", + "SANJI-LIFEBOOK-", + "SC.ARRANCAR.ORG", + "WORKG", + "WORKGROUP", + "XSTREAM_HY", + "__MSBROWSE__", + "mqtt.facebook.com", + NULL + }; + int i; + NDPI_PROTOCOL_BITMASK all; + struct ndpi_detection_module_struct *ndpi_str = ndpi_init_detection_module(ndpi_no_prefs); + + assert(ndpi_str != NULL); + + ndpi_set_protocol_detection_bitmask2(ndpi_str, &all); + + ndpi_finalize_initalization(ndpi_str); + + assert(ndpi_str != NULL); + + for(i=0; s[i] != NULL; i++) { + assert(ndpi_check_dga_name(ndpi_str, NULL, (char*)s[i]) == 0); + } + + ndpi_exit_detection_module(ndpi_str); +} + +/* *********************************************** */ + static void hllUnitTest() { struct ndpi_hll h; u_int8_t bits = 8; /* >= 4, <= 16 */ @@ -3357,7 +3411,13 @@ int orginal_main(int argc, char **argv) { return(-1); } + gettimeofday(&startup_time, NULL); + ndpi_info_mod = ndpi_init_detection_module(ndpi_no_prefs); + + if(ndpi_info_mod == NULL) return -1; + /* Internal checks */ + dgaUnitTest(); hllUnitTest(); bitmapUnitTest(); automataUnitTest(); 
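Review bot: `NDPI_PROTOCOL_BITMASK all;` in dgaUnitTest() is passed to `ndpi_set_protocol_detection_bitmask2()` without being initialised, so the protocols enabled during the test depend on stack contents; add `NDPI_BITMASK_SET_ALL(all);` before that call. The list holds only names that must not be flagged, so a check that always returns 0 would still pass. A few names that are expected to be flagged, asserted non-zero, would cover the detection side as well. The second `assert(ndpi_str != NULL)` repeats the first. `(char*)s[i]` drops `const` from string literals, which is safe only if `ndpi_check_dga_name()` never writes through the pointer (not visible in this hunk).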
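Review bot: `gettimeofday(&startup_time, NULL)` now runs before the internal checks in orginal_main(), so anything derived from `startup_time` also counts the time spent in `dgaUnitTest()` and the other self-tests; how `startup_time` is used is not visible in this hunk. If only `ndpi_info_mod` has to exist before the checks, the timestamp could stay where it was, after `ndpi_self_check_host_match();`. The early `return -1` when the module is NULL is silent, so a one-line message on stderr would make that startup failure diagnosable. The function body starts and ends outside the hunk.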
@@ -3365,11 +3425,6 @@ int orginal_main(int argc, char **argv) { analyzeUnitTest(); ndpi_self_check_host_match(); - gettimeofday(&startup_time, NULL); - ndpi_info_mod = ndpi_init_detection_module(ndpi_no_prefs); - - if(ndpi_info_mod == NULL) return -1; - memset(ndpi_thread_info, 0, sizeof(ndpi_thread_info)); parseOptions(argc, argv); |