Commit message | Author | Age
...
* Added extraction of hostname in SMTP | Luca Deri | 2021-08-11
  Fixed mail invalid subprotocol calculation
* Fix typo | Alfredo Cardigliano | 2021-08-10
* Typo | Luca Deri | 2021-08-09
* Added ETH_ARP definition | Luca Deri | 2021-08-09
* Defined more standard ethernet protocol types | Luca Deri | 2021-08-09
* Added protocol defines | Luca Deri | 2021-08-09
* Code cleanup (after last merge) | Luca Deri | 2021-08-08
* Added entropy calculation to check for suspicious (encrypted) payload. (#1270) | Toni | 2021-08-08
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
  Co-authored-by: Luca Deri <lucaderi@users.noreply.github.com>
* Skip whitespaces between HTTP method and URL. (#1271) | Toni | 2021-08-08
  * be less case-restrictive, RFC2616 wants it that way
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Fixed broken SonarCloud-CI. (#1272) | Toni | 2021-08-08
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Updated test output | Luca Deri | 2021-08-07
* Added testing pcap for TLS fatal alert | Luca Deri | 2021-08-07
* Added TLS fatal alert flow risk | Luca Deri | 2021-08-07
* Updated output | Luca Deri | 2021-08-07
* Report whether a protocol is encrypted | Luca Deri | 2021-08-07
* Added ability to report whether a protocol is encrypted | Luca Deri | 2021-08-07
  Added new API calls
  - u_int8_t ndpi_is_valid_protoId(u_int16_t protoId);
    Cleaned up code and organized in a function.
  - u_int8_t ndpi_is_encrypted_proto(struct ndpi_detection_module_struct *ndpi_str, ndpi_protocol proto);
    Check whether a protocol is encrypted or not based on master and app protocols
* Win fix | Luca Deri | 2021-08-03
* Added legacy whatsapp rules used to match old pcaps that need to be removed in the future | Luca Deri | 2021-07-31
* Improved RTSP detection and fixed HTTP false-positive. Fixes #1229. (#1266) | Toni | 2021-07-31
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Updated WhatsAPP and Instagram addresses (#1264) | Fábio Depin | 2021-07-31
  * Updated WhatsAPP addresses
  * Added Instagram addresses
* Improved libm check via Autoconf. (#1263) | Toni | 2021-07-28
  * libm will now be part of @ADDITIONAL_LIBS@ (if required)
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Moved to 4.1.0 | Luca Deri | 2021-07-26
* Improved risk detection mask algorithm | Luca Deri | 2021-07-26
* Improved TFTP detection. Fixes #1242, #1256 (#1262) | Toni | 2021-07-25
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Typo (Thanks Ivan) | Luca Deri | 2021-07-24
* Update changelog | Luca Deri | 2021-07-24
* Implemented ALPN automa for checking uncommon ALPNs | Luca Deri | 2021-07-24
* Risk check improvement | Luca Deri | 2021-07-24
* Typo | Alfredo Cardigliano | 2021-07-23
* Fix prototype | Alfredo Cardigliano | 2021-07-23
* Reworked flow risk implementation | Luca Deri | 2021-07-23
* Fix unit tests when "--disable-gcrypt" flag is used (#1255) | Ivan Nardi | 2021-07-23
* Implemented function to retrieve flow information. #1253 (#1254) | Toni | 2021-07-23
  * fixed [h]euristic typo
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Fixed risk mask implementation | Luca Deri | 2021-07-23
* Implementation of flow risk exception (work in progress) | Luca Deri | 2021-07-22
* Update changelog | Alfredo Cardigliano | 2021-07-20
* Added risk: TLS_EXTENSION_SUSPICIOUS (#1252) | Toni | 2021-07-19
  * validates client/server hello TLS extensions
  * inspects content for some extensions
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Fix setting of flow risks on 32 bit machines (#1251) | Ivan Nardi | 2021-07-19
  Since 19a29e1e (NDPI_TLS_CERT_VALIDITY_TOO_LONG is 32), unit tests are failing on 32 bit machines (i.e. Raspberry 4)
* Updated download category name | Luca Deri | 2021-07-16
* Bug fix. (#1250) | Vitaly Lavrov | 2021-07-16
  Restore part of the fields flow->packet after cleaning flow structure.
* Fixed TLS certificate threshold (#1248) | pacant | 2021-07-16
  Co-authored-by: pacant <a.pace97@outlook.com>
* Code cleanup. (#1246) | Vitaly Lavrov | 2021-07-16
  ndpi_utils.c: use ndpi_malloc,ndpi_calloc,ndpi_free
  genshin_impact.c, git.c, hpvirtgrp.c, http.c, z3950.c: removed "#include stdlib.h"
* hulu and netflix dissection improvements | Luca Deri | 2021-07-14
* Temporary fix for avoiding wireshark errors | Luca Deri | 2021-07-14
* Code cleanup | Luca Deri | 2021-07-14
* TLS Risks - Certificate Validity Too Long (#1239) | pacant | 2021-07-14
  * Added flow risk: TLS certificate too long
  * Added flow risk: TLS certificate too long
  * Date for TLS limit added
  * TLS certificate check fixed
  Co-authored-by: pacant <a.pace97@outlook.com>
* Added AVAST SecureDNS protocol. (#1244) | Toni | 2021-07-14
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Improved Steam detection (Steam Datagram Relay - SDR). (#1243) | Toni | 2021-07-14
  * improved DNSCrypt midstream detection again (sufficient for all tested use-cases)
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Improved dnscrypt midstream detection. (#1241) | Toni | 2021-07-13
  * fixed skype false-positive detection of dnscrypt traffic
  Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* ndpiReader: add statistics about nDPI performance (#1240) | Ivan Nardi | 2021-07-13
  The goal is to have a (rough) idea about how many packets nDPI needs to properly classify a flow.
  Log this information (and guessed flows number too) during unit tests, to keep track of improvements/regressions across commits.