| Commit message (Collapse) | Author | Age | ||
|---|---|---|---|---|
| ... | ||||
| * | wireshark/lua: improve flow risk visualization (#1194) | Ivan Nardi | 2021-06-02 | |
| | | | | | | Create a separated proto field entry for each possible flow risk. This way, filtering will be more natural: you can use something like "ndpi.flow_risk.desktop_file_sharing_session" | |||
| * | Removed xbox and playstation invalid port guesses | Luca Deri | 2021-06-02 | |
| | | ||||
| * | ndpiReader: fix collecting of risks statistics (#1192) | Ivan Nardi | 2021-06-01 | |
| | | ||||
| * | TLS: improve check for common ALPNs (#1191) | Ivan Nardi | 2021-06-01 | |
| | | | | Facebook is still using its own ALPN for HTTP2 as well | |||
| * | Reworked ndpi flow risk score adding client and server score | Luca | 2021-06-01 | |
| | | ||||
| * | Fix warnings | Alfredo Cardigliano | 2021-05-25 | |
| | | ||||
| * | Added TLS check to avoid crash with UDP-based traffic | Luca | 2021-05-25 | |
| | | ||||
| * | Improved TLS browser detection heuristics | Luca Deri | 2021-05-19 | |
| | | ||||
| * | wireshark/lua: fix offsets (#1187) | Ivan Nardi | 2021-05-18 | |
| | | ||||
| * | Added flow risk score | Luca Deri | 2021-05-18 | |
| | | ||||
| * | Typo | Luca Deri | 2021-05-18 | |
| | | ||||
| * | Added risk/score dump (ndpiReader -h) | Luca Deri | 2021-05-18 | |
| | | | | | Added ndpi_dump_risks_score() API score | |||
| * | Updated API for ndpi_risk2score() | Luca Deri | 2021-05-17 | |
| | | | | | Added ndpi_get_upper_proto() API call | |||
| * | Reworked human readeable string search in flows | Luca Deri | 2021-05-17 | |
| | | | | | Removed fragment manager code | |||
| * | Added further checks | Luca Deri | 2021-05-15 | |
| | | ||||
| * | Updated protocol category | Luca Deri | 2021-05-15 | |
| | | ||||
| * | Added ndpi_check_subprotocol_risk() API call definition | Luca Deri | 2021-05-15 | |
| | | ||||
| * | Added TLS certifiacate caching | Luca Deri | 2021-05-15 | |
| | | | | | Added Fortigate protocol | |||
| * | Converted some test .pcapng files to pcap format | Luca Deri | 2021-05-13 | |
| | | ||||
| * | Added browser TLS heuristic | Luca Deri | 2021-05-13 | |
| | | ||||
| * | Implemented heuristic to detect Safari and Firefox TLS browsing | Luca Deri | 2021-05-13 | |
| | | ||||
| * | Fixed obsolete error printing if CTRL-C is pressed. #1165 (#1184) | Toni | 2021-05-11 | |
| | | | | | | * This fix was proposed by @robertsong2019 Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||
| * | Improved SSL certificate name wildcard handling and risk. #1182 (#1183) | Toni | 2021-05-11 | |
| | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||
| * | Changes for sonarcloud integration | Luca Deri | 2021-05-11 | |
| | | ||||
| * | Fixed typo | Luca Deri | 2021-05-11 | |
| | | ||||
| * | Implemented flow score in Wireshark integration | Luca Deri | 2021-05-10 | |
| | | ||||
| * | Added check to reduce MongoDB false positive detection | Luca Deri | 2021-05-10 | |
| | | ||||
| * | Added (partial) Activision protocol support (based on tencent cloud) | Luca Deri | 2021-05-10 | |
| | | ||||
| * | Fix some warnings (#1181) | Ivan Nardi | 2021-05-09 | |
| | | | | | | | | | | | | | | | | | | | | ``` In file included from protocols/fasttrack.c:29: ../include/ndpi_api.h:1504:3: warning: type qualifiers ignored on function return type [-Wignored-qualifiers] 1504 | const ndpi_risk_severity ndpi_risk2severity(ndpi_risk_enum risk); | ^~~~~ In file included from protocols/amazon_video.c:28: ../include/ndpi_api.h:1504:3: warning: type qualifiers ignored on function return type [-Wignored-qualifiers] 1504 | const ndpi_risk_severity ndpi_risk2severity(ndpi_risk_enum risk); | ^~~~~ ... ndpi_utils.c: In function ‘ndpi_risk2severity’: ndpi_utils.c:1834:1: warning: control reaches end of non-void function [-Wreturn-type] 1834 | } | ^ ``` | |||
| * | TLS: fix extraction for TLS signature algorithms (#1180) | Ivan Nardi | 2021-05-09 | |
| | | | | | | | | | | | ``` ==69562==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6100009000fb at pc 0x7f41882003a7 bp 0x7f4183cfbfc0 sp 0x7f4183cfb768 READ of size 32 at 0x6100009000fb thread T1 #0 0x7f41882003a6 in __interceptor_memcpy ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:827 #1 0x560b2d7462a1 in processClientServerHello protocols/tls.c:1647 #2 0x560b2d73be6a in processTLSBlock protocols/tls.c:712 #3 0x560b2d73e61f in ndpi_search_tls_udp protocols/tls.c:968 ``` | |||
| * | TLS: fix another use-of-uninitialized-value error in ClientHello parsing (#1179) | Ivan Nardi | 2021-05-09 | |
| | | | | | | | | | | | | | Error detected with valgrind. ==13127== Conditional jump or move depends on uninitialised value(s) ==13127== at 0x483EF58: strlen (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so) ==13127== by 0x1A93B6: ndpi_strdup (ndpi_main.c:159) ==13127== by 0x1C07CC: processClientServerHello (tls.c:1678) ==13127== by 0x1C0C4C: processTLSBlock (tls.c:712) ==13127== by 0x1C0C4C: ndpi_search_tls_tcp.part.0 (tls.c:849) See also 8c3674e9 | |||
| * | Check datalink during fuzzing to prevent console / logfile spam. See #1175 ↵ | Toni | 2021-05-09 | |
| | | | | | | for more information. (#1177) Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||
| * | Allow to override build date with SOURCE_DATE_EPOCH (#1176) | Bernhard M. Wiedemann | 2021-05-09 | |
| | | | | | | | in order to make builds reproducible. See https://reproducible-builds.org/ for why this is good and https://reproducible-builds.org/specs/source-date-epoch/ for the definition of this variable. | |||
| * | Initial work towards detection via TLS of browser types | Luca | 2021-05-06 | |
| | | ||||
| * | Add extraction for TLS signature algorithms | Luca | 2021-05-06 | |
| | | ||||
| * | Added ndpi_risk2severity() API call | Luca | 2021-05-02 | |
| | | ||||
| * | Enhanced netbios decoding check | Luca Deri | 2021-04-28 | |
| | | ||||
| * | Compilation fix | Luca Deri | 2021-04-27 | |
| | | ||||
| * | Updated code due to https://github.com/ntop/nDPI/pull/1175 | Luca Deri | 2021-04-27 | |
| | | ||||
| * | Removed DGA check for ipv6 reverse IPs | Luca Deri | 2021-04-27 | |
| | | ||||
| * | Check for common ALPNs and set a flow risk if not known. (#1175) | Toni | 2021-04-27 | |
| | | | | | | | * Increased risk bitmask to 64bit (instead of 32bit). * Removed annoying "Unknown datalink" error message for fuzzers. Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||
| * | Fixed invalid DNS dissection | Luca Deri | 2021-04-26 | |
| | | ||||
| * | Compilation fix | Luca Deri | 2021-04-26 | |
| | | ||||
| * | Added flow risk to wireshark dissection | Luca Deri | 2021-04-26 | |
| | | ||||
| * | Added tshark description | Luca Deri | 2021-04-25 | |
| | | ||||
| * | README for the tshark class | Luca Deri | 2021-04-25 | |
| | | ||||
| * | Lua tshark class and examples | Luca Deri | 2021-04-25 | |
| | | ||||
| * | Removed protocol space in Genshin Impact | Luca Deri | 2021-04-25 | |
| | | ||||
| * | Add Genshin Impact protocol. (#1173) | Toni | 2021-04-25 | |
| | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | |||
| * | Add vxlan enum to ndpi_packet_tunnel | Alfredo Cardigliano | 2021-04-21 | |
| | | ||||