aboutsummaryrefslogtreecommitdiff
path: root/src/lib/ndpi_utils.c
Commit message (Collapse)AuthorAge
* Improved processing of IPv6 headerLuca Deri2020-10-15
| | | | Improved QUIC serialization
* Added ndpi_quick_16_byte_hashLuca2020-10-05
| | | | Warning fix
* Added risks for checkingLuca Deri2020-09-21
| | | | | - invalid DNS traffic (probably carrying exfiltrated data) - TLS traffic with no SNI extension
* Do not re-define libc functions for mingw builds.Toni Uhlig2020-09-20
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Merge pull request #1017 from lnslbrty/fix/mingw-xcompileLuca Deri2020-09-20
|\ | | | | Added support for mingw xcompile.
| * Fixed shlib xcompile for x86_64-w64-mingw32Toni Uhlig2020-09-08
| | | | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* | Reworked MDNS dissector that is not based on the DNS dissectorLuca Deri2020-09-17
|/
* Added some additional TLS mappingsLuca Deri2020-09-02
|
* Added check for ndpi_ssl_version2str()Luca Deri2020-08-31
|
* Added new risk for NDPI_UNSAFE_PROTOCOL that identifies protocols that are ↵Luca Deri2020-08-30
| | | | not condidered safe/secure
* Fixes control reaches end of non-void functionSimone Mainardi2020-08-27
|
* Passes method_len param to ndpi_http_str2methodSimone Mainardi2020-08-27
|
* Added ndpi_http_method ndpi_http_str2method(const char* method) API callLuca Deri2020-08-26
|
* Added ndpi_http_method2str() API callLuca Deri2020-08-26
|
* Added new check for detecting suspicious (too long) namesLuca Deri2020-08-21
|
* Merge pull request #973 from IvanNardi/esni3Luca Deri2020-08-06
|\ | | | | Add risk flag about suspicious ESNI usage
| * Add risk flag about suspicious ESNI usageNardi Ivan2020-08-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In a Client Hello, the presence of both SNI and ESNI may obfuscate the real domain of an HTTPS connection, fooling DPI engines and firewalls, similarly to Domain Fronting. Such technique is reported in a presentation at DEF CON 28: "Domain Fronting is Dead, Long Live Domain Fronting: Using TLS 1.3 to evade censors, bypass network defenses, and blend in with the noise" Full credit for the idea must go the original author At the moment, the only way to get the pdf presention and related video is via https://forum.defcon.org/node/234492 Hopefully a direct link (and an example pcap) will be available soon
* | Added note on memory managementLuca Deri2020-08-06
|/
* Added NDPI_SMB_INSECURE_VERSION for detecting insecure SMB versions (e.g. v1)Luca Deri2020-07-27
|
* SSH code cleanupLuca Deri2020-07-25
|
* modified new last two risksMrRadix2020-07-22
|
* Introduced SSH rick checksLuca Deri2020-07-22
|
* Fixed makefile error messageLuca Deri2020-07-13
| | | | Code hardedning fix
* Fixed race condition in ndpi_ssl_version2str() caused by static qualifier in ↵Toni Uhlig2020-07-11
| | | | | | | | | the version string buffer. * added also GREASE supported tls versions as specified in https://tools.ietf.org/html/draft-davidben-tls-grease-01#page-4 Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Added notes whenever a new flow risk is addedLuca Deri2020-06-26
|
* Added malformed packet risk supportLuca Deri2020-06-26
|
* Added DGA risk for names that look like a DGALuca Deri2020-06-11
|
* Added check in TLS 1.2+ for reporting a risk when TLS is not used to carry HTTPSLuca Deri2020-06-08
|
* Added ndpi_dpi2json() API callLuca Deri2020-06-05
|
* Fixes for https://github.com/ntop/nDPI/pull/911Luca Deri2020-05-29
| | | | Added code for dumping invalid HTTP header
* Added ndpi_serialize_risk() to the nDPI APILuca Deri2020-05-24
|
* Added flow risk serilizationLuca Deri2020-05-24
|
* Added check for invalid HTTP URLsLuca Deri2020-05-16
|
* Added check for binary scriptsLuca Deri2020-05-15
| | | | | Added NDPI_HTTP_NUMERIC_IP_HOST risk ndpi_risk moved to 32 bit
* Added NDPI_HTTP_SUSPICIOUS_USER_AGENT ndpi_riskLuca Deri2020-05-15
|
* Added NDPI_TLS_CERTIFICATE_EXPIRED, NDPI_TLS_CERTIFICATE_MISMATCH, to ndpi_riskLuca Deri2020-05-15
|
* Added TLS weak cipher and obsolete protocol version detectionLuca Deri2020-05-10
|
* Added detection of self-signed TLS certificatesLuca Deri2020-05-10
|
* Added the ability to detect when a known protocol is using a non-standard portLuca Deri2020-05-10
| | | | Added check to spot executables exchanged via HTTP
* Added TLS issuerDN and subjectDNLuca Deri2020-05-07
|
* Win fixesLuca Deri2020-03-12
|
* ndpi_flow2json should check http.url before serializerNguyen Phuong An2020-02-26
| | | | This patch will fix issue: https://github.com/ntop/PF_RING/issues/557
* Added ndpi_is_protocol_detected() API callLuca Deri2020-02-13
|
* FIXED - nDPI now detect RCE injections via PCRE instead Intel HyperscanMrTiz92020-02-01
|
* nDPI now detect RCE injections via PCRE instead Intel Hyperscan - BUGGY, ↵MrTiz92020-01-30
| | | | DOES NOT COMPILE
* Merge branch 'dev' of https://github.com/ntop/nDPI into dev-unstableMrTiz92020-01-30
|\
| * Implement ndpi_flowv6_flow_hash ndpi_flowv4_flow_hash. Add ndpi_base64_encode.Alfredo Cardigliano2020-01-24
| |
* | nDPI now detect RCE in HTTP GET requestsMrTiz92020-01-24
|/
* Merge branch 'dev' of https://github.com/ntop/nDPI into devLuca Deri2020-01-05
|\
| * Renamed TLS requested server nameLuca2020-01-02
| |
Powered by cgit, Themed by Ted Yin.