Added risks for checking

- invalid DNS traffic (probably carrying exfiltrated data) - TLS traffic with no SNI extension
author: Luca Deri <deri@ntop.org> 2020-09-21 19:57:23 +0200
committer: Luca Deri <deri@ntop.org> 2020-09-21 19:57:23 +0200
commit: 60a9f6610d7b15c33ecd8db865cf8f7519ad0ef0 (patch)
tree: 9dbe80b23501ba77cd9bfc782d7ae34ec16b3381 /python/ndpi.py
parent: 0259ff58e13d94ee497d07072505c94ee8144a42 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/python/ndpi.py b/python/ndpi.py
index c60faa96b..066ca2e9f 100644
--- a/python/ndpi.py
+++ b/python/ndpi.py
@@ -314,6 +314,8 @@ typedef enum {
   NDPI_SMB_INSECURE_VERSION,
   NDPI_TLS_SUSPICIOUS_ESNI_USAGE,
   NDPI_UNSAFE_PROTOCOL,
+  NDPI_DNS_SUSPICIOUS_TRAFFIC,
+  NDPI_TLS_MISSING_SNI,
   /* Leave this as last member */
   NDPI_MAX_RISK
 } ndpi_risk_enum;
author	Luca Deri <deri@ntop.org>	2020-09-21 19:57:23 +0200
committer	Luca Deri <deri@ntop.org>	2020-09-21 19:57:23 +0200
commit	60a9f6610d7b15c33ecd8db865cf8f7519ad0ef0 (patch)
tree	9dbe80b23501ba77cd9bfc782d7ae34ec16b3381 /python/ndpi.py
parent	0259ff58e13d94ee497d07072505c94ee8144a42 (diff)