Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | Fix writes to `flow->protos` union fields (#1354) | Ivan Nardi | 2021-11-15 |
| | | | | | | | | | | | | | | | | | | | | | | | | | We can write to `flow->protos` only after a proper classification. This issue has been found in Kerberos, DHCP, HTTP, STUN, IMO, FTP, SMTP, IMAP and POP code. There are two kinds of fixes: * write to `flow->protos` only if a final protocol has been detected * move protocol state out of `flow->protos` The hard part is to find, for each protocol, the right tradeoff between memory usage and code complexity. Handle Kerberos like DNS: if we find a request, we set the protocol and an extra callback to further parsing the reply. For all the other protocols, move the state out of `flow->protos`. This is an issue only for the FTP/MAIL stuff. Add DHCP Class Identification value to the output of ndpiReader and to the Jason serialization. Extend code coverage of fuzz tests. Close #1343 Close #1342 | ||
* | Detect invalid characters in text and set a risk. Fixes #1347. (#1363) | Toni | 2021-10-26 |
| | | | Signed-off-by: Toni Uhlig <matzeton@googlemail.com> | ||
* | Updated test results after latest commit | Luca Deri | 2021-10-16 |
| | |||
* | Removed outdated (and broken) soulseek dissector | Luca Deri | 2021-10-15 |
| | |||
* | Fix unit test results after 00857abf (#1295) | Ivan Nardi | 2021-09-11 |
| | |||
* | Fixed some invalid TLS guesses | Luca Deri | 2021-08-17 |
| | |||
* | Updated output | Luca Deri | 2021-08-07 |
| | |||
* | Reworked flow risk implementation | Luca Deri | 2021-07-23 |
| | |||
* | Updated download category name | Luca Deri | 2021-07-16 |
| | |||
* | ndpiReader: add statistics about nDPI performance (#1240) | Ivan Nardi | 2021-07-13 |
| | | | | | | | The goal is to have a (roughly) idea about how many packets nDPI needs to properly classify a flow. Log this information (and guessed flows number too) during unit tests, to keep track of improvements/regressions across commits. | ||
* | Updated category labels | Luca Deri | 2021-07-08 |
| | |||
* | Added flow risk score | Luca Deri | 2021-05-18 |
| | |||
* | Fixed invalid DNS dissection | Luca Deri | 2021-04-26 |
| | |||
* | Improved DGA detection | Luca Deri | 2021-03-03 |
| | | | | | | | | Before Accuracy 66%, Precision 86%, Recall 38% After Accuracy 71%, Precision 89%, Recall 49% | ||
* | Improved DGA detection with trigrams. Disadvantage: slower startup time | Luca Deri | 2021-03-03 |
| | | | | | Reworked Tor dissector embedded in TLS (fixes #1141) Removed false positive on HTTP User-Agent | ||
* | Improved DNS dissector | Luca Deri | 2021-02-26 |
| | |||
* | Fixes #1029 | Luca Deri | 2020-11-27 |
| | |||
* | Reworked MDNS dissector that is not based on the DNS dissector | Luca Deri | 2020-09-17 |
| | |||
* | Added new risk for NDPI_UNSAFE_PROTOCOL that identifies protocols that are ↵ | Luca Deri | 2020-08-30 |
| | | | | not condidered safe/secure | ||
* | Fixed false positive in suspicous user agent | Luca Deri | 2020-08-30 |
| | | | | Optimized stddev calculation | ||
* | Changed due to bin size extension | Luca Deri | 2020-07-30 |
| | |||
* | Updated test results due to bin changes | Luca Deri | 2020-07-09 |
| | |||
* | Added malformed packet risk support | Luca Deri | 2020-06-26 |
| | |||
* | Fixes #906 | Luca Deri | 2020-06-22 |
| | | | | Packet bins are not printed wehn empty | ||
* | Added ndpi_bin_XXX API | Luca Deri | 2020-06-22 |
| | | | | Added packet lenght distribution bins | ||
* | Added fuzz-2006-06-26-2594.pcap fuzzy pcap | Luca Deri | 2020-03-23 |