Commit message | Author | Age | |
---|---|---|---|
* | Added unidirectional traffic flow risk | Luca Deri | 2022-06-20 |
* | Updated DNS alert triggered only with TTL == 0 | Luca Deri | 2022-06-14 |
* | Improved DNS traffic analysis | Luca Deri | 2022-06-13 |
| | Added ability to identify application and network protocols | | |
* | Fixed display bug for risk_info | Luca Deri | 2022-05-30 |
* | Updated tests results | Luca Deri | 2022-05-30 |
| | Code cleanup | | |
* | Sync unit tests results (#1533) | Ivan Nardi | 2022-04-27 |
* | Fix Grease values parsing (#1416) | havsah | 2022-01-21 |
| | The check for grease was too broad and filtered some valid values. In particular, the value 257 was skipped because it matched the previous check. | | |
| | This has been discovered while parsing tests/pcap/443-firefox.pcap | | |
| | expected ja3: 771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49162-49161-49171-49172-51-57-47-53-10,0-23-65281-10-11-35-16-5-51-43-13-45-28-21,29-23-24-25-256-257,0 | | |
| | previously generated ja3: 771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49162-49161-49171-49172-51-57-47-53-10,0-23-65281-10-11-35-16-5-51-43-13-45-28-21,29-23-24-25-256,0 | | |
| | Signed-off-by: Patrick Havelange <patrick.havelange_ext@softathome.com> | | |
* | Add a "confidence" field about the reliability of the classification. (#1395) | Ivan Nardi | 2022-01-11 |
| | As a general rule, the higher the confidence value, the higher the "reliability/precision" of the classification. In other words, this new field provides a hint about "how" the flow classification has been obtained. For example, the application may want to ignore classification "by-port" (they are not real DPI classifications, after all) or give a second glance at flows classified via LRU caches (because of false positives). | | |
| | Setting only one value for the confidence field is a bit tricky: more work is probably needed in the near future to tweak/fix/improve the logic. | | |
* | ndpiReader: slight simplification of the output (#1378) | Ivan Nardi | 2021-11-27 |
* | Refreshed results list | Luca Deri | 2021-10-16 |
* | Updated output | Luca Deri | 2021-08-07 |
* | ndpiReader: add statistics about nDPI performance (#1240) | Ivan Nardi | 2021-07-13 |
| | The goal is to have a (rough) idea about how many packets nDPI needs to properly classify a flow. Log this information (and guessed flows number too) during unit tests, to keep track of improvements/regressions across commits. | | |
* | Added flow risk score | Luca Deri | 2021-05-18 |
* | Added browser TLS heuristic | Luca Deri | 2021-05-13 |
* | Fixed false positive in suspicious user agent | Luca Deri | 2020-08-30 |
| | Optimized stddev calculation | | |
* | Fixed partial TLS dissection | Luca Deri | 2020-07-30 |
* | Changed due to bin size extension | Luca Deri | 2020-07-30 |
* | User agent detection improvements | Luca Deri | 2020-07-21 |
* | Updated test results due to bin changes | Luca Deri | 2020-07-09 |
* | Fixes #906 | Luca Deri | 2020-06-22 |
| | Packet bins are not printed when empty | | |
* | Added ndpi_bin_XXX API | Luca Deri | 2020-06-22 |
| | Added packet length distribution bins | | |
* | Added fix to avoid potential heap buffer overflow in H.323 dissector | Luca Deri | 2020-05-19 |
| | Modified HTTP report information to make it closer to the HTTP field names | | |
* | Added NDPI_TLS_CERTIFICATE_EXPIRED, NDPI_TLS_CERTIFICATE_MISMATCH, to ndpi_risk | Luca Deri | 2020-05-15 |
* | Added the ability to detect when a known protocol is using a non-standard port | Luca Deri | 2020-05-10 |
| | Added check to spot executables exchanged via HTTP | | |
* | Added TLS issuerDN and subjectDN | Luca Deri | 2020-05-07 |
* | Results update | Luca Deri | 2020-04-17 |
* | Remove decimals in test results for IAT, packet lengths and goodput ratio | emanuele-f | 2020-02-14 |
* | Added export of TLS supported version in TLS header | Luca Deri | 2020-02-07 |
* | Added TLS ALPN support | Luca Deri | 2020-02-07 |
* | Improved DNS response decoding | Luca Deri | 2020-02-04 |
| | The first decoded address is now reported by ndpiReader | | |
* | Reworked TLS dissection | Luca | 2020-01-01 |
* | Updated results | Luca Deri | 2019-11-21 |
* | Initial work towards HTTP content-type export | Luca | 2019-10-31 |
* | Added telnet dissector | Luca | 2019-10-29 |
| | Improved data report | | |
* | Improved HTTP reporting in ndpiReader | Luca Deri | 2019-10-25 |
* | Major cleanup | Luca Deri | 2019-10-24 |
| | Removed ndpi_pref_http_dont_dissect_response and ndpi_pref_dns_dont_dissect_response as the ndpi_extra_dissection_possible() call will now handle everything | | |
* | Manual merge of pull #769 | Luca Deri | 2019-10-02 |
* | Added URL in results | Luca Deri | 2019-10-01 |
* | Reworked categories handling | Luca Deri | 2019-09-29 |
| | Removed GenericProtocol and replaced with categories | | |
| | Removed ndpi_pref_enable_category_substring_match option: substring matching is now default | | |
* | Add test for custom categories match on HTTP and SSL flows | emanuele-f | 2019-09-27 |
* | Add categories test PCAP | emanuele-f | 2019-09-27 |