path: root/src/lib/ndpi_main.c
Commit message (Author, Age)
* Added new check for detecting suspicious (too long) names (Luca Deri, 2020-08-21)
|
* Added the ability to identify as DGA those host/domain names with too many consecutive repeated characters such as ckaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa used for netbios reflection attacks (Luca Deri, 2020-08-21)
|   https://www.akamai.com/uk/en/multimedia/documents/state-of-the-internet/ddos-reflection-netbios-name-server-rpc-portmap-sentinel-udp-threat-advisory.pdf
* Merge pull request #985 from lnslbrty/add/SOAP (Luca Deri, 2020-08-19)
|\
| |   Added support for SOAP.
| * Added support for SOAP. (Toni Uhlig, 2020-08-18)
| |   Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* | Added support for discord (Luca Deri, 2020-08-16)
|/
* Fixes invalid detection on traffic on non standard ports (Luca Deri, 2020-08-12)
|
* Improved DGA detection algorithm (Luca Deri, 2020-08-11)
|
* Added case-insensitive substring matching (Luca Deri, 2020-08-10)
|
* Added new traffic category for connectivity check detection (Luca Deri, 2020-08-04)
|
* Tiny changes for TLS block length dissection (Luca Deri, 2020-07-29)
|
* TLS dissection improvements (Luca Deri, 2020-07-28)
|
* Improved bin clustering (Luca Deri, 2020-07-22)
|
* User agent detection improvements (Luca Deri, 2020-07-21)
|
* Indentation fix (Luca Deri, 2020-07-16)
|
* 1: add free pointer NULL check; 2: fix xbox and teredo protocol detected error when use the common udp port 3544 (ysk, 2020-07-16)
|
* add improved boundary check and check malloc return is NULL (ysk, 2020-07-10)
|
* Merge pull request #932 from IvanNardi/log (Luca Deri, 2020-07-07)
|\
| |   Log
| * Incorporated some feedback (Nardi Ivan, 2020-07-01)
| |
| * Fix compilation with --enable-debug-messages flag (Nardi Ivan, 2020-06-26)
| |   NDPI_LOG* macros dereference ndpi_detection_module_struct object which is private to ndpi library (via NDPI_LIB_COMPILATION define). So we can't use them outside the library itself, i.e. in ndpiReader code.
| |   Therefore, in files in example/, convert all (rare) uses of NDPI_LOG* macros to a new very simple macro, private to ndpiReader program. If necessary, such macro may be improved.
| |   According to a comment in ndpi_define.h, each dissector must define its own NDPI_CURRENT_PROTO macro before including ndpi_api.h file.
* | Indent (Luca Deri, 2020-06-30)
| |
* | Fix segfault on ndpi_guess_protocol_id with flow = null (Alfredo Cardigliano, 2020-06-30)
| |
* | Fix use-after-free in http content parsing (Nardi Ivan, 2020-06-28)
| |
* | DNP3: add missing initialization (Nardi Ivan, 2020-06-28)
| |
* | Added malformed packet risk support (Luca Deri, 2020-06-26)
|/
* Fixed use after free caused by dangling pointer (Toni Uhlig, 2020-06-21)
|   * This fix also improved RCE Injection detection
|   Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Fixed API documentation: packet timestamp is expressed in milliseconds (Luca Deri, 2020-06-18)
|
* DGA detection improvements (Luca Deri, 2020-06-18)
|
* Added checks for DGA detection (Luca Deri, 2020-06-17)
|
* Implemented proprietary AnyDesk protocol (Toni Uhlig, 2020-06-17)
|   Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Fixed invalid assignment (typo) (Luca Deri, 2020-06-14)
|
* Added improved boundary check (Luca Deri, 2020-06-14)
|
* Added DGA risk for names that look like a DGA (Luca Deri, 2020-06-11)
|
* Added HTTP check (Luca Deri, 2020-06-07)
|
* Removed some obsolete protocols (battlefield, oscar, pcanywhere, tvants) (Luca Deri, 2020-06-06)
|
* removed obsolete yahoo plugin (Luca Deri, 2020-06-06)
|
* Merge pull request #913 from yskcg/fix_segment_fault_dev (Luca Deri, 2020-06-05)
|\
| |   Fix segment fault dev
| * fix segment fault cause by the ssl.server_names when it may NULL (ysk, 2020-06-03)
| |
* | Reworked ndpi_strncasestr (Luca Deri, 2020-05-31)
| |
* | Added check to avoid producing alerts for known protocol on unknown port when using TLS (Luca Deri, 2020-05-30)
| |
* | Added check for heap buffer overflow read (Luca Deri, 2020-05-29)
| |
* | Added support for Encrypted TLS SNI dissection (Luca Deri, 2020-05-28)
| |   https://datatracker.ietf.org/doc/draft-ietf-tls-sni-encryption/
* | Extended the cache for services that need to be reconciled such as Microsoft Teams (Luca Deri, 2020-05-27)
| |   Added JSON-formatted Microsoft list of IP/services
* | Added memory boundary checks (Luca Deri, 2020-05-22)
| |
* | MS Teams uses as underlying protocol for voice/video. This commit adds the ability to mark as MS Teams all Skype traffic made by a host with active MS Teams flows (Luca Deri, 2020-05-21)
|/
* Added check for binary scripts (Luca Deri, 2020-05-15)
|   Added NDPI_HTTP_NUMERIC_IP_HOST risk
|   ndpi_risk moved to 32 bit
* Extend packet struct with Content-Disposition HTTP header field (loures, 2020-05-14)
|   and improve HTTP binary transfer mime type check
* Added the ability to detect when a known protocol is using a non-standard port (Luca Deri, 2020-05-10)
|   Added check to spot executables exchanged via HTTP
* Cleaned hyperscan leftover (Luca Deri, 2020-05-08)
|   Added further hyperscan hooks
* Added TLS issuerDN and subjectDN (Luca Deri, 2020-05-07)
|
* Fixed category matching (Luca Deri, 2020-05-06)
|