aboutsummaryrefslogtreecommitdiff
path: root/tests/result/dns_dot.pcap.out
Commit message (Collapse)AuthorAge
* Improved Jabber/XMPP detection. (#1661)Toni2022-07-13
| | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* Keep track of how many dissectors calls we made for each flow (#1657)Ivan Nardi2022-07-11
|
* Fix handling of NDPI_UNIDIRECTIONAL_TRAFFIC risk (#1636)Ivan Nardi2022-07-05
|
* Added unidirectional traffic flow riskLuca Deri2022-06-20
|
* Updated risk resultsLuca Deri2022-05-30
|
* Updated tests resultsLuca Deri2022-05-30
| | | | Code cleanup
* Sync unit tests results (#1533)Ivan Nardi2022-04-27
|
* Sync unit tests results (#1423)Ivan Nardi2022-01-28
| | | Fix: 7a3aa41a
* Fix Grease values parsing (#1416)havsah2022-01-21
| | | | | | | | | | | The check for grease was too broad and filtered some valid values. In particular, the value 257 was skipped because it matched the previous check. This has been discovered while parsing tests/pcap/443-firefox.pcap expected ja3: 771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49162-49161-49171-49172-51-57-47-53-10,0-23-65281-10-11-35-16-5-51-43-13-45-28-21,29-23-24-25-256-257,0 previously generated ja3: 771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49162-49161-49171-49172-51-57-47-53-10,0-23-65281-10-11-35-16-5-51-43-13-45-28-21,29-23-24-25-256,0 Signed-off-by: Patrick Havelange <patrick.havelange_ext@softathome.com>
* Add a "confidence" field about the reliability of the classification. (#1395)Ivan Nardi2022-01-11
| | | | | | | | | | | | | As a general rule, the higher the confidence value, the higher the "reliability/precision" of the classification. In other words, this new field provides an hint about "how" the flow classification has been obtained. For example, the application may want to ignore classification "by-port" (they are not real DPI classifications, after all) or give a second glance at flows classified via LRU caches (because of false positives). Setting only one value for the confidence field is a bit tricky: more work is probably needed in the next future to tweak/fix/improve the logic.
* TLS: add support for IPV6 in Subject Alt Names field (#1385)Ivan Nardi2021-12-18
|
* Fixed issue that prevented alt certificate names to be fully detected when ↵Luca Deri2021-12-07
| | | | ipAddress and rfc822Name were specified in certificates
* Updated test results after latest commitLuca Deri2021-10-16
|
* Updated outputLuca Deri2021-08-07
|
* ndpiReader: add statistics about nDPI performance (#1240)Ivan Nardi2021-07-13
| | | | | | | The goal is to have a (roughly) idea about how many packets nDPI needs to properly classify a flow. Log this information (and guessed flows number too) during unit tests, to keep track of improvements/regressions across commits.
* Added flow risk scoreLuca Deri2021-05-18
|
* Added browser TLS heuristicLuca Deri2021-05-13
|
* Tests updateLuca Deri2020-10-02
|
* Added risks for checkingLuca Deri2020-09-21
| | | | | - invalid DNS traffic (probably carrying exfiltrated data) - TLS traffic with no SNI extension
* Fixed partial TLS dissectionLuca Deri2020-07-30
|
* Changed due to bin size extensionLuca Deri2020-07-30
|
* Added ndpi_bin_XXX APILuca Deri2020-06-22
| | | | Added packet lenght distribution bins
* Added check in TLS 1.2+ for reporting a risk when TLS is not used to carry HTTPSLuca Deri2020-06-08
|
* Added NDPI_TLS_CERTIFICATE_EXPIRED, NDPI_TLS_CERTIFICATE_MISMATCH, to ndpi_riskLuca Deri2020-05-15
|
* Added the ability to detect when a known protocol is using a non-standard portLuca Deri2020-05-10
| | | | Added check to spot executables exchanged via HTTP
* Added TLS issuerDN and subjectDNLuca Deri2020-05-07
|
* Remove decimals in test results for IAT, packet lengths and goodput ratioemanuele-f2020-02-14
|
* Reworked TLS dissectionLuca2020-01-01
|
* Updated resultsLuca Deri2019-11-21
|
* Renamed DNSoverHTTPS to handle bot DoH and DoTLuca2019-11-08
Powered by cgit, Themed by Ted Yin.