aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Added memory boundary checksLuca Deri2020-05-22
|
* Added stub for checking HTTP headerLuca Deri2020-05-21
| | | | Updated Teams result
* MS Teams uses as underlying protocol for voice/video. This commit adds the ↵Luca Deri2020-05-21
| | | | | | ability to mark as MS Teams all Skype traffic made by a host with active MS Teams flows
* Fixed valse positive whatsapp detectionLuca Deri2020-05-20
| | | | Cleaned Microsoft IP addresses list
* Merge branch 'dev' of https://github.com/ntop/nDPI into devLuca Deri2020-05-20
|\
| * Merge pull request #905 from lnslbrty/devLuca Deri2020-05-20
| |\ | | | | | | Fixed docstring typos for ndpi_finalize_initalization
| | * Fixed docstring typos for ndpi_finalize_initalizationToni Uhlig2020-05-17
| | | | | | | | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* | | Removed bittorrent false positive detectionLuca Deri2020-05-20
|/ /
* / Added fix to avoid potential heap buffer overflow in H.323 dissectorLuca Deri2020-05-19
|/ | | | Modified HTTP report information to make it closer to the HTTP field names
* Added check for invalid HTTP URLsLuca Deri2020-05-16
|
* Added check for binary scriptsLuca Deri2020-05-15
| | | | | Added NDPI_HTTP_NUMERIC_IP_HOST risk ndpi_risk moved to 32 bit
* Fix for potential heap-buffer-overflow in ndpi_search_openvpnLuca Deri2020-05-15
|
* Added NDPI_HTTP_SUSPICIOUS_USER_AGENT ndpi_riskLuca Deri2020-05-15
|
* Merge branch 'dev' of https://github.com/ntop/nDPI into devLuca Deri2020-05-15
|\
| * Added link to nfstreamLuca Deri2020-05-15
| |
* | Added NDPI_TLS_CERTIFICATE_EXPIRED, NDPI_TLS_CERTIFICATE_MISMATCH, to ndpi_riskLuca Deri2020-05-15
|/
* Gotomeeting address range fixLuca Deri2020-05-15
|
* Improvements on GotoMeetingLuca Deri2020-05-15
| | | | Added pcap for testing malware
* Merge pull request #903 from Loures/devLuca Deri2020-05-14
|\ | | | | Extend packet struct with Content-Disposition HTTP header field
| * Extend filetype matching for Content-Disposition headerloures2020-05-14
| |
| * Extend packet struct with Content-Disposition HTTP header fieldloures2020-05-14
|/ | | | and improve HTTP binary transfer mime type check
* Code clenup for PR #902Luca Deri2020-05-14
|
* Merge pull request #902 from Loures/devLuca Deri2020-05-14
|\ | | | | Add check for HTTP transfer of executable files
| * Set risk field instead of changing protocol when checking for dangerousloures2020-05-13
| | | | | | | | HTTP traffic
| * Add check for HTTP transfer of executable filesloures2020-05-13
|/
* Code cleanupLuca Deri2020-05-13
|
* Merge pull request #897 from catenacyber/fuzzoracleLuca Deri2020-05-12
|\ | | | | Adds bound check in oracle protocol
| * Adds bound check in oracle protocolPhilippe Antoine2020-05-10
| | | | | | | | | | Found by oss-fuzz https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21780
* | Merge pull request #896 from IvanNardi/natsLuca Deri2020-05-12
|\ \ | | | | | | Fix NATS dissector
| * | Fix NATS dissectorNardi Ivan2020-05-09
| |/
* | Invalid TLS checkLuca Deri2020-05-12
| |
* | Added NDPI_XXX_BIT_16Luca Deri2020-05-11
| |
* | Added TLS weak cipher and obsolete protocol version detectionLuca Deri2020-05-10
| |
* | Added detection of self-signed TLS certificatesLuca Deri2020-05-10
| |
* | Added the ability to detect when a known protocol is using a non-standard portLuca Deri2020-05-10
|/ | | | Added check to spot executables exchanged via HTTP
* Cleaned hyperscan leftoverLuca Deri2020-05-08
| | | | Added further hyperscan hooks
* Added self signed certificate test pcapLuca Deri2020-05-08
|
* Added TLS issuerDN and subjectDNLuca Deri2020-05-07
|
* Reworked TLS dissector with a certificate RDN sequence readerLuca Deri2020-05-07
|
* Fixed category matchingLuca Deri2020-05-06
|
* API cleanup for indetifying explicitly in automa's what we're searching ↵Luca Deri2020-05-06
| | | | | | (protocol or category) Removed hyperscan support that is apperently unused
* Updated automa API to use 32 bit values splits from protocol/categpryLuca Deri2020-05-06
|
* Added support for Telegram v6Luca Deri2020-05-06
|
* Introduced custom protocols with IP and (optional) port supportLuca Deri2020-05-06
| | | | | | | | | | | | | | | | Example - Single IP address ip:213.75.170.11@CustomProtocol - IP address with CIDR ip:213.75.170.11/32@CustomProtocol - IP address with CIDR and port ip:213.75.170.11/32:443@CustomProtocol Please note that there are some restrictions on the port usage. They have been listed in example/protos.txt
* Various fixes to patricia tree handlingLuca Deri2020-05-06
|
* False positive fixesLuca Deri2020-05-06
|
* Updated APILuca Deri2020-05-06
|
* Reworked protocol handling chnging it is u_int16_tLuca Deri2020-05-06
|
* Removed now obsolete MSN protocolLuca Deri2020-05-03
| | | | Added nats.io protocol dissector
* SSH boundary check reworkLuca Deri2020-04-30
|
Powered by cgit, Themed by Ted Yin.