Commit message | Author | Age | |
---|---|---|---|
* | Cleaned up tls/quic datatypes | Luca Deri | 2021-01-21 |
| | |||
* | Reworked TLS fingerprint calculation | Luca Deri | 2021-01-21 |
| | | | | Modified TLS memory free | ||
* | Added simple hash implementation to the nDPI API | Luca Deri | 2021-01-20 |
| | |||
* | Reworked UPnP protocol that in essence was WSD hence it has been renamed | Luca | 2021-01-20 |
| | | | | Cleaned up TLS code for DTLS detection by defining a new DTLS protocol | ||
* | (C) Update | Luca Deri | 2021-01-07 |
| | |||
* | Increase SNI hostname buffer length to 256. (#1111) | Darryl Sokoloski | 2021-01-07 |
| | | | | | | | | | According to RFC 4366, SNI host names can be up to 255 bytes. Previous size of 64 resulted in failed application matches due to truncation. For example: 0976e041e65b1aece3e720df36ac6bd7.safeframe.googlesyndication.co|m Signed-off-by: Darryl Sokoloski <darryl@sokoloski.ca> | ||
* | QUIC: add support for DNS-over-QUIC (#1107) | Ivan Nardi | 2021-01-07 |
| | | | | | | | | | Even if it is only an early internet draft, DoQ has already (at least) one deployed implementation. See: https://www.zdnet.com/article/ad-blocker-adguard-deploys-worlds-first-dns-over-quic-resolver/ Draft: https://tools.ietf.org/html/draft-huitema-dprive-dnsoquic-00 In the future, if this protocol is really used, it might be worth renaming NDPI_PROTOCOL_DOH_DOT to NDPI_PROTOCOL_DOH_DOT_DOQ | ||
* | Split HTTP request from response Content-Type. Request Content-Type should be present with POSTs and not with other methods such as GET | Luca Deri | 2021-01-06 |
| | |||
* | Added check for invalid HTTP content | Luca Deri | 2021-01-06 |
| | |||
* | Remove FB_ZERO protocol (#1102) | Ivan Nardi | 2021-01-04 |
| | | | | | | FB_ZERO was an experimental protocol run by Facebook. They switched to QUIC/TLS1.3 more than 2 years ago; no one ever used it but them so it is definitely dead. See: https://engineering.fb.com/2018/08/06/security/fizz/ | ||
* | Added a new API function `ndpi_free_flow_data' which frees all members of ndpi_flow_struct but not the struct itself. (#1101) | Toni | 2021-01-04 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
* | Added HTTP suspicious content security risk (useful for tracking trickbot) | Luca Deri | 2021-01-02 |
| | |||
* | Updated ndpi_ptree_match_addr() prototype | Luca Deri | 2020-12-30 |
| | |||
* | Split ptree user data in 32 and 64 bit entries | Luca Deri | 2020-12-30 |
| | |||
* | Removed test code | Luca Deri | 2020-12-26 |
| | |||
* | Introduced fix on TLS for discarding traffic out of sequence that might invalidate dissection | Luca Deri | 2020-12-22 |
| | |||
* | Win fixes | Luca Deri | 2020-12-17 |
| | |||
* | Type change to avoid Windows compilation issues | Luca Deri | 2020-12-17 |
| | |||
* | Rule changes work in progress | Luca Deri | 2020-12-11 |
| | |||
* | Add NDPI_PROTOCOL_ANY_CATEGORY to ndpi_protocol_category_t enum | Alfredo Cardigliano | 2020-12-11 |
| | |||
* | Rename Jabber detection name as we are not sure if it is unencrypted e.g. if START_TLS used. (#1079) | Toni | 2020-12-08 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
* | Added check for avoiding doung ntop_config.h include | Luca Deri | 2020-12-01 |
| | |||
* | nDPI rules (work in progress) implementation | Luca Deri | 2020-11-30 |
| | |||
* | Removed unnecessary field | Luca Deri | 2020-11-29 |
| | |||
* | Add Virtual Assistant (Alexa, Siri) support. (#1057) | Zied Aouini | 2020-11-16 |
| | | | | | | | | | | | | | | | * Add AmazonAlexa protocol. * Add AmazonAlexa test file and result. * Include pcapng as file format. * Rename Category to VirtualAssistant. * Add AppleSiri virtual assistant. * Fix pcapng test files format support. Co-authored-by: Luca Deri <lucaderi@users.noreply.github.com> | ||
* | Add Tumblr support. (#1061) | Zied Aouini | 2020-11-16 |
| | | | | | | | * Add Tumblr protocol. * Add Tumblr test file and result. Co-authored-by: Luca Deri <lucaderi@users.noreply.github.com> | ||
* | Add Reddit support. (#1060) | Zied Aouini | 2020-11-16 |
| | | | | | | | * Add Reddit protocol. * Add Reddit test file and result. Co-authored-by: Luca Deri <lucaderi@users.noreply.github.com> | ||
* | Add Pinterest support. (#1059) | Zied Aouini | 2020-11-16 |
| | | | | | | | * Add Pinterest protocol. * Add Pinterest test file and result. Co-authored-by: Luca Deri <lucaderi@users.noreply.github.com> | ||
* | Add DisneyPlus protocol. (#1058) | Zied Aouini | 2020-11-16 |
| | |||
* | File not necessary and generated by configure | Luca Deri | 2020-11-12 |
| | |||
* | Renumbered AmongUs protocol | Luca Deri | 2020-11-09 |
| | |||
* | Added support for AmongUs. (#1054) | Toni | 2020-11-09 |
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
* | Cosmetic changes | Luca Deri | 2020-11-03 |
| | |||
* | :bulb: Add mongodb protocol dissector (#1048) | Leonn | 2020-11-03 |
| | |||
* | Improve skype detection (#1039) | Igor Duarte | 2020-10-27 |
| | | | | | | | * Add new skype pcap PCAP extracted from SkypeIRC.cap (available in https://wiki.wireshark.org/SampleCaptures?action=AttachFile&do=get&target=SkypeIRC.cap) * Improve skype detection | ||
* | Added -D flag for detecting DoH in the wild | Luca Deri | 2020-10-26 |
| | | | | Removed heuristic from CiscoVPN as it leads to false positives | ||
* | Various improvements when using ndpi_pref_enable_tls_block_dissection: | Luca Deri | 2020-10-24 |
| | | | | | | application data TLS blocks are now ignored when exchanged before - the end of certificate negotiation (up to TLS 1.2) - change cipher | ||
* | Added CPHA - CheckPoint High Availability Protocol support | Luca Deri | 2020-10-22 |
| | |||
* | Fixes #1033 | Luca Deri | 2020-10-21 |
| | |||
* | Add serialization of values list in TLV | Alfredo Cardigliano | 2020-10-15 |
| | |||
* | Serialized doxygen doc | Alfredo Cardigliano | 2020-10-05 |
| | |||
* | Added ndpi_quick_16_byte_hash | Luca | 2020-10-05 |
| | | | | Warning fix | ||
* | Added back ndpi_check_flow_func (correct) prototype | Luca Deri | 2020-09-25 |
| | |||
* | Compilation fix | Luca Deri | 2020-09-25 |
| | |||
* | Various optimizations to reduce not-necessary calls | Luca Deri | 2020-09-24 |
| | | | | | Optimized various UDP dissectors Removed dead protocols such as pando and pplive | ||
* | Macro redefinition | Luca Deri | 2020-09-22 |
| | |||
* | Added risks for checking | Luca Deri | 2020-09-21 |
| | | | | | - invalid DNS traffic (probably carrying exfiltrated data) - TLS traffic with no SNI extension | ||
* | Merge pull request #1018 from lnslbrty/fix/make-dist | Luca Deri | 2020-09-20 |
|\ | | | | | Fixed broken `make dist' and added CI check. | ||
| * | Fixed broken `make dist' and added CI check. | Toni Uhlig | 2020-09-19 |
| | | | | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
* | | Merge pull request #1017 from lnslbrty/fix/mingw-xcompile | Luca Deri | 2020-09-20 |
|\ \ | | | | | | | Added support for mingw xcompile. |