| Commit message (Collapse) | Author | Age | |
|---|---|---|---|
| * | Complation fix as not on all platforms isnumber() is available | lucaderi | 2020-09-10 |
| | | |||
| * | Merge pull request #1014 from lnslbrty/improved/teamspeak | Luca Deri | 2020-09-09 |
| |\ | | | | | Improved Teamspeak(3) protocol detection. | ||
| | * | Improved Teamspeak(3) protocol detection. | Toni Uhlig | 2020-09-09 |
| | | | | | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | | Added extension to detect nested subdomains as used in Browsertunnel attack tool | Luca Deri | 2020-09-09 |
| | | | | | | | | | https://github.com/veggiedefender/browsertunnel | ||
| * | | Add missing low-level serializer calls to the API | Alfredo Cardigliano | 2020-09-09 |
| |/ | |||
| * | Merge pull request #1008 from lnslbrty/add/dnscrypt | Luca Deri | 2020-09-08 |
| |\ | | | | | Improved dnscrypt v1/v2 protocol detection (and DoH provider). | ||
| | * | Added pcap file which contains dnscrypt-v1 data and resolver update ↵ | Toni Uhlig | 2020-09-07 |
| | | | | | | | | | | | | | | | | | requests/responses (v1/v2). * Renamed dnscrypt.pcap to simple-dnscrypt.pcap Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| | * | Added dnscrypt-v2-doh resolver test pcaps. | Toni Uhlig | 2020-09-07 |
| | | | | | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| | * | Updated DoT/DoH provider. | Toni Uhlig | 2020-09-07 |
| | | | | | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| | * | Improved dnscrypt v1/v2 protocol detection. | Toni Uhlig | 2020-09-06 |
| | | | | | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | | Added command for specifying the aux files dir | Luca Deri | 2020-09-08 |
| |/ | |||
| * | Add start_of_block/end_of_block support to TLV | Alfredo Cardigliano | 2020-09-04 |
| | | |||
| * | Added some additional TLS mappings | Luca Deri | 2020-09-02 |
| | | |||
| * | Merge pull request #1003 from ↵ | Luca Deri | 2020-09-02 |
| |\ | | | | | | | | | lnslbrty/fix/fals-positive-cisco-hsrp-radius-detection Fixed false positive detection for Skype.SkypeCall (affects at least Cisco HSRP and RADIUS). | ||
| | * | Fixed off-by-one error in Kerberos protocol. | Toni Uhlig | 2020-09-02 |
| | | | | | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| | * | Fixed false positive detection for Skype.SkypeCall (affects at least Cisco ↵ | Toni Uhlig | 2020-09-02 |
| |/ | | | | | | HSRP and RADIUS). Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | Added boundary check | Luca Deri | 2020-09-01 |
| | | |||
| * | Added trademark information | Luca Deri | 2020-09-01 |
| | | |||
| * | Added check for ndpi_ssl_version2str() | Luca Deri | 2020-08-31 |
| | | |||
| * | Added (optional) notifier for LRU add | Luca Deri | 2020-08-31 |
| | | |||
| * | Merge pull request #999 from IvanNardi/quic | Luca Deri | 2020-08-30 |
| |\ | | | | | QUIC: add support for GQUIC T050 and T051 | ||
| | * | QUIC: add support for GQUIC T050 and T051 | Nardi Ivan | 2020-08-30 |
| | | | | | | | | | | | | | QUIC versioning wasn't complex enough without T05X family... These versions are very similar to Q050, but use TLS as their handshake protocol. | ||
| * | | Merge pull request #998 from lnslbrty/fix/ndpireader-opt-sigsegv | Luca Deri | 2020-08-30 |
| |\ \ | | | | | | | Fixed invalid memory access leading to a SIGSEGV in ndpiReader's option parser. | ||
| | * | | Fixed invalid memory access leading to a SIGSEGV in ndpiReader's option parser. | Toni Uhlig | 2020-08-28 |
| | | | | | | | | | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | | | Added new risk for NDPI_UNSAFE_PROTOCOL that identifies protocols that are ↵ | Luca Deri | 2020-08-30 |
| | |/ |/| | | | | | not condidered safe/secure | ||
| * | | Improved ntop detection over HTTP | Luca Deri | 2020-08-30 |
| | | | | | | | | | Added cap on number of attempts for CiscoVPN | ||
| * | | Stddev calculation changes | Luca Deri | 2020-08-30 |
| | | | |||
| * | | Fixed false positive in suspicous user agent | Luca Deri | 2020-08-30 |
| | | | | | | | | | Optimized stddev calculation | ||
| * | | Merge pull request #996 from lnslbrty/fix/travis-ci | Luca Deri | 2020-08-28 |
| |\ \ | |/ |/| | Fix travis-ci related errors. | ||
| | * | Fixed travis-ci fuzzm job. Might be a false positive related to clang-7's MSAN. | Toni Uhlig | 2020-08-27 |
| | | | | | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| | * | Fixed use-of-uninitialized-value in QUIC clho decryption probably caused by ↵ | Toni Uhlig | 2020-08-27 |
| | | | | | | | | | | | | | a BUG in libgcrypt (not verified). Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| | * | Moved NDPI_CURRENT_PROTO define before ndpi_api.h include to prevent a ↵ | Toni Uhlig | 2020-08-27 |
| | | | | | | | | | | | | | redefinition warning. Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| | * | Fixed broken travis-ci YAML. | Toni Uhlig | 2020-08-27 |
| | | | | | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | | Fixes control reaches end of non-void function | Simone Mainardi | 2020-08-27 |
| | | | |||
| * | | Passes method_len param to ndpi_http_str2method | Simone Mainardi | 2020-08-27 |
| | | | |||
| * | | Added ndpi_http_method ndpi_http_str2method(const char* method) API call | Luca Deri | 2020-08-26 |
| | | | |||
| * | | Added ndpi_http_method2str() API call | Luca Deri | 2020-08-26 |
| | | | |||
| * | | Merge pull request #992 from lnslbrty/fix/pkg-config | Luca Deri | 2020-08-26 |
| |\ \ | | | | | | | Fixed broken pkg-config file which did not care about gcrypt/pcre. | ||
| | * | | Fixed broken pkg-config file which did not care about gcrypt/pcre. | Toni Uhlig | 2020-08-24 |
| |/ / | | | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | | Merge pull request #991 from IvanNardi/quic2 | Luca Deri | 2020-08-24 |
| |\| | | | | | QUIC: minor fixes | ||
| | * | QUIC: minor fixes | Nardi Ivan | 2020-08-24 |
| |/ | | | | | | LGTM found a real issue on a boundary check Fix unit tests: a pcap ha been uploaded twice (with different names) Fix compilation when using DPDK (see #990) | ||
| * | Creared IoT-Scada category | Luca Deri | 2020-08-23 |
| | | | | | Minor dnp3 changes | ||
| * | Cosmetic fix | Luca Deri | 2020-08-22 |
| | | |||
| * | Added QUIC dependency | Luca Deri | 2020-08-22 |
| | | |||
| * | Added libgcrypt20-dev dependency to handle QUIC | Luca Deri | 2020-08-22 |
| | | |||
| * | Added som GQUIC and IETF QUIC test pcaps | Luca Deri | 2020-08-22 |
| | | |||
| * | Fixes compilation issues introduced by https://github.com/ntop/nDPI/pull/989 | Luca Deri | 2020-08-22 |
| | | |||
| * | Warning fix | Luca Deri | 2020-08-22 |
| | | |||
| * | Merge pull request #989 from IvanNardi/quic | Luca Deri | 2020-08-22 |
| |\ | | | | | Improve QUIC detection | ||
| | * | Add sub-classification for GQUIC >= Q050 and (IETF-)QUIC | Nardi Ivan | 2020-08-21 |
| | | | | | | | | | | | | | | | | | | | | | | | Add QUIC payload and header decryption: most of the crypto code has been "copied-and-incolled" from Wireshark. That code has been clearly marked as such. All credits for that code should go to the original authors. I tried to keep the Wireshark code as similar as possible to the original, comments included, to ease future backporting of fixes. Inevitably, glibc data types and data structures, tvbuff abstraction and allocation functions have been converted. | ||