| Commit message (Collapse) | Author | Age | |
|---|---|---|---|
| * | SMB: add (partial) support for messages split into multiple TCP segments (#1644) | Ivan Nardi | 2022-07-07 |
| | | |||
| * | Avoid spurious calls to extra dissection (#1648) | Ivan Nardi | 2022-07-07 |
| | | | | | If the extra callabck is not set, calling the extra dissection is only a waste of resources... | ||
| * | SMTP: add support for X-ANONYMOUSTLS comamnd (#1650) | Ivan Nardi | 2022-07-07 |
| | | |||
| * | Kerberos: add support for Krb-Error messages (#1647) | Ivan Nardi | 2022-07-07 |
| | | |||
| * | Spotify: remove some useless ip ranges (#1646) | Ivan Nardi | 2022-07-07 |
| | | | | | | | | These AS numbers are no more related to Spotify (or, if they are, they don't have any prefixes anyway). Even if we find some valid Spotify AS, we should handle them via the generic "autogenerated logic" used for every AS, and not in the dissector code. | ||
| * | MONGODB: avoid false positives | Nardi Ivan | 2022-07-07 |
| | | |||
| * | TLS: ignore invalid Content Type values | Nardi Ivan | 2022-07-07 |
| | | |||
| * | Added Threema Messenger. (#1643) | Toni | 2022-07-06 |
| | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | Added RiotGames ASN update. | Toni Uhlig | 2022-07-06 |
| | | | | | | | * updated asn lists Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | Added another RiotGames signature. | Toni Uhlig | 2022-07-06 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | Label SMTP w/ STARTTLS as SMTPS *and* dissect TLS clho. (#1639) | Toni | 2022-07-06 |
| | | | | | | | | | | | | | | | | | | * Label SMTP w/ STARTTLS as SMTPS *and* dissect TLS clho. Signed-off-by: Toni Uhlig <matzeton@googlemail.com> * Revert "SMTP with STARTTLS is now identified as SMTPS" This reverts commit 52d987b603f49d996b4060f43265d1cf43c3c482. * Revert "Compilation fix" This reverts commit c019946f601bf3b55f64f78841a0d696e6c0bfc5. * Sync unit tests. Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | Compilation fix | Luca Deri | 2022-07-05 |
| | | |||
| * | Fix handling of NDPI_UNIDIRECTIONAL_TRAFFIC risk (#1636) | Ivan Nardi | 2022-07-05 |
| | | |||
| * | SMTP with STARTTLS is now identified as SMTPS | Luca Deri | 2022-07-05 |
| | | |||
| * | Detect SMTPs w/ STARTTLS as TLS and dissect client/server hello. Fixes ↵ | Toni | 2022-07-05 |
| | | | | | | | | #1630. (#1637) * FTP needs to get updated as well as it has similiar STARTTLS semantics -> follow-up Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | Exported username in flow information | Luca Deri | 2022-07-04 |
| | | |||
| * | Updated ndpi_check_flow_risk_exceptions() signature | Luca Deri | 2022-07-04 |
| | | |||
| * | Cleaned-up issuer DN check code adding | Luca Deri | 2022-07-04 |
| | | | | | | | | | | u_int8_t ndpi_check_issuerdn_risk_exception(struct ndpi_detection_module_struct *ndpi_str, char *issuerDN); Added new API function for checking nDPI-configured exceptions u_int8_t ndpi_check_flow_risk_exception(struct ndpi_detection_module_struct *ndpi_str, u_int num_params, ndpi_risk_params **params); | ||
| * | Set CiscoVPN as a network protocol | Luca Deri | 2022-07-04 |
| | | |||
| * | Replaced malicious JA3-md5/SSL-cert-sha1 ac automata with hashmaps. | Toni Uhlig | 2022-07-04 |
| | | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | Added UltraSurf protocol dissector. (#1618) | Toni | 2022-07-04 |
| | | | | | | * TLSv1.3 UltraSurf flows are not detected by now Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | Add two new confidence values: confidence by partial DPI (#1632) | Ivan Nardi | 2022-07-04 |
| | | | | | Used for all classifications based on partial/incomplete DPI information, i.e. all classifications done in `ndpi_detection_giveup()`. | ||
| * | Update host content list match (#1633) | Ivan Nardi | 2022-07-04 |
| | | | | | Improve classifications of Outlook, Cachefly, Cloudflare, Tiktok and Cybersecurity. | ||
| * | Added Psiphon detection patterns. See #566 and #1099. (#1631) | Toni | 2022-07-04 |
| | | | | | | * The traces are not up to date, but this is the best we got so far. Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | OCSP: improve detection (#1629) | Ivan Nardi | 2022-07-04 |
| | | |||
| * | Added i3D and RiotGames protocol dissectors. (#1609) | Toni | 2022-07-03 |
| | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | TargusDataspeed: avoid false positives (#1628) | Ivan Nardi | 2022-07-03 |
| | | | | | | TargusDataspeed dissector doesn't perform any real DPI checks but it only looks at the TCP/UDP ports. Delete it, and use standard logic to classify these flows by port. | ||
| * | Update ASN/IPs lists (#1627) | Ivan Nardi | 2022-07-03 |
| | | |||
| * | bins: add support for 64bit bins (#1626) | Ivan Nardi | 2022-07-03 |
| | | |||
| * | Skinny: rework and improve classification (#1625) | Ivan Nardi | 2022-07-03 |
| | | |||
| * | Skype_Teams, Mining, SnapchatCall: fix flow category (#1624) | Ivan Nardi | 2022-07-03 |
| | | |||
| * | Minor changes in how classification results are set (#1623) | Ivan Nardi | 2022-07-03 |
| | | | | | | Protocol classification should always be set via `ndpi_set_detected_protocol()`: this way, the values in `flow->detected_protocol_stack[]` are always coherent. | ||
| * | Usenet: improve dissection (#1622) | Ivan Nardi | 2022-07-03 |
| | | |||
| * | Fix category for mail sessions (#1621) | Ivan Nardi | 2022-07-03 |
| | | | | Close #629 | ||
| * | TLS: add support for old DTLS versions and for detection of mid-sessions (#1619) | Ivan Nardi | 2022-07-03 |
| | | |||
| * | Fix a compilation warning (#1620) | Ivan Nardi | 2022-07-03 |
| | | | | | | | | | With clang-15 (nightly build) ``` In file included from ndpi_bitmap.c:39: ./third_party/src/roaring.cc:14233:13: warning: variable 'run_count' set but not used [-Wunused-but-set-variable] int run_count = 0; ``` | ||
| * | Improved TFTP. Dissect Read/Write Request filenames. (#1617) | Toni | 2022-07-03 |
| | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | Added Cloudflare WARP detection patterns. (#1615) (#1616) | Toni | 2022-07-02 |
| | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | Fixed SMTP default port 587 | Luca Deri | 2022-07-02 |
| | | |||
| * | Added TunnelBear VPN detection patterns. (#1615) | Toni | 2022-07-01 |
| | | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
| * | Removed space from "Genshin Impact" | Luca Deri | 2022-06-30 |
| | | |||
| * | Renamed Z39.50 -> Z3950 as the '.' breaks the naming convention | Luca | 2022-06-28 |
| | | | | | QUIC is a network protocol | ||
| * | Enhanced TLS risk info reported to users | Luca Deri | 2022-06-28 |
| | | |||
| * | Added default port for syslog TCP | Luca Deri | 2022-06-27 |
| | | |||
| * | Fix compilation and sync unit tests results (#1606) | Ivan Nardi | 2022-06-20 |
| | | |||
| * | Added unidirectional traffic flow risk | Luca Deri | 2022-06-20 |
| | | |||
| * | Improved SOAP via HTTP. (#1605) | Toni | 2022-06-18 |
| | | | | Signed-off-by: lns <matzeton@googlemail.com> | ||
| * | Improved GenshinImpact protocol dissector. (#1604) | Toni | 2022-06-18 |
| | | | | Signed-off-by: lns <matzeton@googlemail.com> | ||
| * | Added collectd dissector (again). (#1601) | Toni | 2022-06-17 |
| | | | | Signed-off-by: lns <matzeton@googlemail.com> | ||
| * | Replaced nDPI's internal hashmap with uthash. (#1602) | Toni | 2022-06-17 |
| | | | | Signed-off-by: lns <matzeton@googlemail.com> | ||