aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
...
* Fixed certificate mismatch for TLS flows with no client hello observedLuca Deri2021-11-02
|
* BitTorrent detection improvementsLuca Deri2021-10-31
|
* Little change in TLS debug tracesLuca Deri2021-10-28
|
* Updated resultsLuca Deri2021-10-27
|
* Fixed TLS certificate dissection of subjectAltNameLuca Deri2021-10-27
|
* Minor code cleanupLuca Deri2021-10-27
|
* Avoid overwriting valid protocol in `ndpi_detection_giveup` (#1360)Ivan Nardi2021-10-27
| | | | | | | | | | | | | | | | | We should avoid updating any valid protocol in `ndpi_detection_giveup`; we should try to find a proper classification only if the flow is still completely unclassified. For example in the attached pcap there is a valid TLS session, recognized as such by TLS dissector. However, the `ndpi_detection_giveup`function updates it to "HTTP/TLS" (!?) simply because the server port is 80. Note that the real issue is not the wrong classification, but the wrong access to `flow->protos` union. If we already set some fields of `flow->protos` and we change the protocol in `ndpi_detection_giveup`, we might end up freeing some invalid pointers in `ndpi_free_flow_data` (no wonder this issue has been found while fuzzing #1354) Fix GIT and TLS dissectors (issues found by CI fuzzer)
* Serialize additional information stored in the flow struct. (#1362)Toni2021-10-27
| | | | | | | * Changed function signature of ndpi_flow2json (removed unused vlan_id; API break) * Serialize NTP information. * Improved QUIC serialization. Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Improved STUN and RTP detectionLuca Deri2021-10-27
|
* Detect invalid characters in text and set a risk. Fixes #1347. (#1363)Toni2021-10-26
| | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Fixed Git protocol dissection (#1355)Luca Deri2021-10-25
|
* Fixed cleartext protocol assignment (#1357)Ivan Nardi2021-10-25
|
* TLS: fix a heap-buffer-overflow (#1356)Ivan Nardi2021-10-22
| | | | Revert of c3d1c697 Error reproducible with the attached pcap and valgrind
* Fixed heap-buffer-overflow in TLS dissectorLuca Deri2021-10-20
|
* Fix QUIC log and remove SoulSeek leftovers after b97dc6ba (#1351)Ivan Nardi2021-10-19
| | | | | Update .gitignore file Fix a function prototype Close #1349
* Fix some invalid memory reads (#1350)Ivan Nardi2021-10-19
| | | | | | | | `ndpi_detection_giveup()` (and any functions called by it) can't access `ndpi_detection_module_struct->packet` anymore since 730c236. Sync unit tests results Close #1348
* Added clertext alert with telnetLuca Deri2021-10-19
|
* Fix broken fuzz_process_packet fuzzer by adding a call to ↵Toni2021-10-18
| | | | | | | | | | | | ndpi_finalize_initialization(). (#1334) * fixed several memory errors (heap-overflow, unitialized memory, etc) * ability to build fuzz_process_packet with a main() allowing to replay crash data generated with fuzz_process_packet by LLVMs libfuzzer * temporarily disable fuzzing if `tests/do.sh` executed with env FUZZY_TESTING_ENABLED=1 Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Implemented RDP over UDP dissectionLuca Deri2021-10-18
|
* Refreshed results listLuca Deri2021-10-16
|
* Fixed cleartext protocol assignmentLuca Deri2021-10-16
|
* Updated test results after latest commitLuca Deri2021-10-16
|
* Reworked flow risks asignmentLuca Deri2021-10-16
| | | | Added esceptions for windows update and binary application transfer risk
* Removed outdated (and broken) soulseek dissectorLuca Deri2021-10-15
|
* Updated test resultsLuca Deri2021-10-14
|
* Added missing call to ndpi_reconcile_protocols() with protocol guessLuca Deri2021-10-14
|
* Fixed issue on DGA numeric IP detectionLuca Deri2021-10-13
|
* IndemtLuca Deri2021-10-13
|
* Add issue templates. (#1340)Zied Aouini2021-10-13
| | | | * Add issue template. * Add config log instruction.
* Implemented ndpi_ses_fitting() and ndpi_des_fitting()Luca Deri2021-10-12
| | | | for comuting the best alpha/beta values for exponential smoothing
* Return 0 on ndpi_init_serializer_ll success for consistencyAlfredo Cardigliano2021-10-12
|
* Fixed DES initialisationLuca Deri2021-10-12
|
* QUIC: fix an integer overflow (#1337)Ivan Nardi2021-10-11
| | | | Long standing bug: credits to @lnslbrty for digging into it and to @aouinizied for the CI improvements
* Removed README.protocols because: (#1333)Toni2021-10-11
| | | | | | * Tor via TLS should be detectable via DGA as a risk * protocol limitations should be part of the official documentation in `doc/` Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Win fixLuca Deri2021-10-11
|
* Fix FuzzCI. (#1338)Zied Aouini2021-10-11
|
* Enable sanitizers on CIFuzz. (#1336)Zied Aouini2021-10-11
|
* Cleaned up code moving specific includes in files their are using it. Thi ↵Luca Deri2021-10-11
| | | | prevents ndpi_config.h to be included everywhere in apps using nDPI that might leade to #define redefinitions after the latest changes
* Additional fix related to cf931fda6bfb3925555c7bd11d950a886676bcb3. (#1332)Toni2021-10-10
| | | | | * configure.seed references removed Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Fix `make dist` and add it to the CI along with `make -C doc text`. Fixes ↵Toni2021-10-10
| | | | | #1324 (#1327) Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Get rid of `configure.seed` as it comes with some disadvantages. (#1328)Toni2021-10-10
| | | | | * using Autotools best-practices to achieve (hopefully) the same result Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Add more WindowsUpdate URLs as requested in #698. (#1329)Toni2021-10-08
| | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Added extra checkLuca Deri2021-10-07
|
* Fix compilation with clang-13 or if some debug macros are enabled (#1326)Ivan Nardi2021-10-06
|
* Added checkLuca Deri2021-10-06
|
* Compilation fix for old Linux distributionsLuca Deri2021-10-06
|
* Test updateLuca Deri2021-10-06
|
* Compilation fixLuca Deri2021-10-05
|
* Numeric IPs are not considered for DGA checksLuca Deri2021-10-05
|
* Improved DGA detection for skipping potential DGAs of known/popular domain namesLuca Deri2021-10-05
|
Powered by cgit, Themed by Ted Yin.