Added support for Log4J/Log4Shell detection in nDPI via a new flow risk named NDPI_POSSIBLE_EXPLOIT

author: Luca Deri <deri@ntop.org> 2021-12-23 21:30:16 +0100
committer: Luca Deri <deri@ntop.org> 2021-12-23 21:30:16 +0100
commit: c4ac53a03fa1fbfd5a5d7fea507cfcbe5b307914 (patch)
tree: dcf5ab420ea7c835b1eb5eaf4be718d2f257a81b /src/lib/ndpi_main.c
parent: fdb6481cd6d019651faea6cdd962db099cbf20a3 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c
index 7e1829b22..84c32d79b 100644
--- a/src/lib/ndpi_main.c
+++ b/src/lib/ndpi_main.c
@@ -108,6 +108,7 @@ static ndpi_risk_info ndpi_known_risks[] = {
   { NDPI_DNS_LARGE_PACKET,                      NDPI_RISK_MEDIUM, CLIENT_FAIR_RISK_PERCENTAGE },
   { NDPI_DNS_FRAGMENTED,                        NDPI_RISK_MEDIUM, CLIENT_FAIR_RISK_PERCENTAGE },
   { NDPI_INVALID_CHARACTERS,                    NDPI_RISK_HIGH,   CLIENT_HIGH_RISK_PERCENTAGE },
+  { NDPI_POSSIBLE_EXPLOIT,                      NDPI_RISK_SEVERE, CLIENT_HIGH_RISK_PERCENTAGE },
 
   /* Leave this as last member */
   { NDPI_MAX_RISK,                              NDPI_RISK_LOW,    CLIENT_FAIR_RISK_PERCENTAGE }
author	Luca Deri <deri@ntop.org>	2021-12-23 21:30:16 +0100
committer	Luca Deri <deri@ntop.org>	2021-12-23 21:30:16 +0100
commit	c4ac53a03fa1fbfd5a5d7fea507cfcbe5b307914 (patch)
tree	dcf5ab420ea7c835b1eb5eaf4be718d2f257a81b /src/lib/ndpi_main.c
parent	fdb6481cd6d019651faea6cdd962db099cbf20a3 (diff)