aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
...
* Fix some warnings about unused variables/functions (#1160)Ivan Nardi2021-04-05
|
* Trace fixLuca Deri2021-04-02
|
* Fixed incapoatibilities with the latest extcap/wiresharkLuca Deri2021-04-01
|
* Readme updateLuca Deri2021-04-01
|
* Reworked ndpi patricia includes to avoid compilation issues on some platformsLuca Deri2021-03-31
|
* Mining: lru cache is ipv4 only (for the time being) (#1159)Ivan Nardi2021-03-31
| | | Fix memory error with ipv6 traffic
* Fixed mispelled wordLuca Deri2021-03-31
|
* Improved mining resultsLuca Deri2021-03-30
|
* Improved mining detection supportLuca Deri2021-03-30
|
* Added missing tracker/Ads breedLuca Deri2021-03-30
|
* Fixed invalid guess statsLuca Deri2021-03-30
|
* Ignore TLD .local .lan and .home in DGA domain checkLuca Deri2021-03-26
|
* ndpiReader: print an error msg if we found an unsupported datalink type (#1157)Ivan Nardi2021-03-23
|
* Refactored nDPI subprotocol handling and aimini protocol detection. (#1156)Toni2021-03-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Refactored and merged callback buffer routines for non-udp-tcp / udp / tcp / tcp-wo-payload. Signed-off-by: Toni Uhlig <matzeton@googlemail.com> * Try to detect one subprotocol if a detected protocol can have one. * This adds a performance overhead due to much more protocol detection routine calls. See #1148 for more information. Signed-off-by: Toni Uhlig <matzeton@googlemail.com> * Refactor subprotocol handling (1/2). Signed-off-by: Toni Uhlig <matzeton@googlemail.com> * Refactor subprotocol handling (2/2). Signed-off-by: Toni Uhlig <matzeton@googlemail.com> * Prevent some code duplication by using macros for ndpi_int_one_line_struct string comparision. Signed-off-by: Toni Uhlig <matzeton@googlemail.com> * Refactored aimini HTTP detection parts (somehow related to #1148). Signed-off-by: Toni Uhlig <matzeton@googlemail.com> * Added aimini client/server test pcap. Signed-off-by: Toni Uhlig <matzeton@googlemail.com> * Removed master protocol as it was only used for STUN and via also removed API function ndpi_get_protocol_id_master_proto * Adjusted Python code to conform to the changes made during the refactoring process. Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Win compilation fixLuca Deri2021-03-22
|
* Better DGA detection (slightly decreased accuracy)Luca Deri2021-03-20
|
* Removed duplicate extesions lenLuca Deri2021-03-19
|
* Added ALPN and elliptic curve in JA3S+Luca Deri2021-03-19
|
* Implemented JA3+ also for JA3SLuca Deri2021-03-19
|
* Reworked JA3Luca Deri2021-03-19
|
* JA3 debug improvementsLuca Deri2021-03-19
|
* Fixed support for custom DGA detection libraryrLuca Deri2021-03-18
|
* Added % of flows with risksLuca Deri2021-03-14
|
* Added in stats the number of flows with risksLuca Deri2021-03-14
|
* Added flows risks reportLuca Deri2021-03-14
|
* Reworked extendal dependency across testing toolsLuca Deri2021-03-14
|
* Help crash fixLuca Deri2021-03-14
|
* Implemented square erro rollup to avoid overflowLuca Deri2021-03-14
|
* Make libmaxminddb build configurable. (#1154)Zied Aouini2021-03-14
|
* Fix compilation warningAlfredo Cardigliano2021-03-12
|
* Added double exponential smoothing implementationLuca2021-03-11
|
* Added single exponential smoothing APILuca Deri2021-03-11
| | | | | int ndpi_ses_init(struct ndpi_ses_struct *ses, double alpha, float significance); int ndpi_ses_add_value(struct ndpi_ses_struct *ses, const u_int32_t _value, double *forecast, double *confidence_band);
* Fixed JA3+ computationLuca Deri2021-03-11
|
* Fixed nDPI prefs definitionLuca Deri2021-03-09
|
* Added experiemntal JA3+ implementation that can be used with -z i ndpiReaderLuca Deri2021-03-09
|
* HTTP: fix memory access in ndpi_http_parse_subprotocol() (#1151)Ivan Nardi2021-03-09
|
* Ookla detection improvementLuca Deri2021-03-09
|
* Added Ookla detection over IPv6Luca Deri2021-03-09
|
* Ookla fixesLuca Deri2021-03-09
|
* Improved detection of Ookla speedtest and openspeedtest.comLuca Deri2021-03-09
|
* Added the ability to define a custom DGA detection function by overwritingLuca Deri2021-03-08
| | | | | the value of the function pointer ndpi_dga_function curently set to NULL (that means the nDPI internal DGA function will be used)
* Fix some stack-use-after-return errors in automa code (#1150)Ivan Nardi2021-03-08
|
* Add support for Snapchat voip calls (#1147)Ivan Nardi2021-03-06
| | | | | | | | | * Add support for Snapchat voip calls Snapchat multiplexes some of its audio/video real time traffic with QUIC sessions. The peculiarity of these sessions is that they are Q046 and don't have any SNI. * Fix tests with libgcrypt disabled
* Add ndpi_serialize_binary_boolean for consistency. Fix comments.Alfredo Cardigliano2021-03-04
|
* Improved DGA detectionLuca Deri2021-03-03
| | | | | | | | Before Accuracy 66%, Precision 86%, Recall 38% After Accuracy 71%, Precision 89%, Recall 49%
* Added verbose optionLuca2021-03-03
|
* Removed check for knowns protocols (major and app protocols)Luca Deri2021-03-03
|
* Improved DGA detection with trigrams. Disadvantage: slower startup timeLuca Deri2021-03-03
| | | | | Reworked Tor dissector embedded in TLS (fixes #1141) Removed false positive on HTTP User-Agent
* DTLS: improve support (#1146)Ivan Nardi2021-03-02
| | | | | | | * DTLS: add some pcap tests * DTLS: fix parsing of Client/Server Helllo message * DTLS: add parsing of server certificates
* QUIC: fix mvfst-27 test (#1145)Ivan Nardi2021-03-02
| | | | Regardless of its name, quic-mvfst-27 trace doesn't contain mvfst-27 traffic
Powered by cgit, Themed by Ted Yin.