| Commit message (Collapse) | Author | Age | |
|---|---|---|---|
| * | Sync unit tests results (#1423) | Ivan Nardi | 2022-01-28 |
| | | | | Fix: 7a3aa41a | ||
| * | Add a "confidence" field about the reliability of the classification. (#1395) | Ivan Nardi | 2022-01-11 |
| | | | | | | | | | | | | | | As a general rule, the higher the confidence value, the higher the "reliability/precision" of the classification. In other words, this new field provides an hint about "how" the flow classification has been obtained. For example, the application may want to ignore classification "by-port" (they are not real DPI classifications, after all) or give a second glance at flows classified via LRU caches (because of false positives). Setting only one value for the confidence field is a bit tricky: more work is probably needed in the next future to tweak/fix/improve the logic. | ||
| * | ndpiReader: slight simplificaton of the output (#1378) | Ivan Nardi | 2021-11-27 |
| | | |||
| * | Fixed cleartext protocol assignment (#1357) | Ivan Nardi | 2021-10-25 |
| | | |||
| * | Refreshed results list | Luca Deri | 2021-10-16 |
| | | |||
| * | Updated test results after latest commit | Luca Deri | 2021-10-16 |
| | | |||
| * | Fix parsing of ipv6 packets with extension headers | Nardi Ivan | 2021-09-19 |
| | | | | | | | | | Decoding of ipv6 traffic with extension headers was completely broken, since the beginning of the L4 header was always set to a wrong value. Handle the ipv6 fragments in the same way as the ipv4 ones: keep the first one and drop the others. | ||
| * | Updated output | Luca Deri | 2021-08-07 |
| | | |||
| * | ndpiReader: add statistics about nDPI performance (#1240) | Ivan Nardi | 2021-07-13 |
| | | | | | | | | The goal is to have a (roughly) idea about how many packets nDPI needs to properly classify a flow. Log this information (and guessed flows number too) during unit tests, to keep track of improvements/regressions across commits. | ||
| * | Improved TLS browser detection heuristics | Luca Deri | 2021-05-19 |
| | | |||
| * | Added flow risk score | Luca Deri | 2021-05-18 |
| | | |||
| * | Added browser TLS heuristic | Luca Deri | 2021-05-13 |
| | | |||
| * | Improved DGA detection with trigrams. Disadvantage: slower startup time | Luca Deri | 2021-03-03 |
| | | | | | | Reworked Tor dissector embedded in TLS (fixes #1141) Removed false positive on HTTP User-Agent | ||
| * | Modified JA3 fingerprint message | Luca Deri | 2021-02-24 |
| | | |||
| * | Added NDPI_MALICIOUS_JA3 flow risk | Luca Deri | 2021-02-22 |
| | | | | | Added ndpi_load_malicious_ja3_file() API call | ||
| * | Improved nDPI string matching algorithm | Luca Deri | 2021-02-18 |
| | | |||
| * | QUIC: improve handling of SNI (#1105) | Ivan Nardi | 2021-01-07 |
| | | | | | | | | | | | | | | * QUIC: SNI should be always saved in flow->protos.stun_ssl.ssl.client_requested_server_name Close #1077 * QUIC: fix matching of custom categories * QUIC: add NDPI_TLS_MISSING_SNI support for older GQUIC versions * QUIC: fix serialization * QUIC: add DGA check for older GQUIC versions | ||
| * | Fixes #1029 | Luca Deri | 2020-11-27 |
| | | |||
| * | Reworked MDNS dissector that is not based on the DNS dissector | Luca Deri | 2020-09-17 |
| | | |||
| * | QUIC: extract User Agent information | Nardi Ivan | 2020-09-08 |
| | | |||
| * | Added new risk for NDPI_UNSAFE_PROTOCOL that identifies protocols that are ↵ | Luca Deri | 2020-08-30 |
| | | | | | not condidered safe/secure | ||
| * | Fixed false positive in suspicous user agent | Luca Deri | 2020-08-30 |
| | | | | | Optimized stddev calculation | ||
| * | Fixed partial TLS dissection | Luca Deri | 2020-07-30 |
| | | |||
| * | Changed due to bin size extension | Luca Deri | 2020-07-30 |
| | | |||
| * | Updated test results due to bin changes | Luca Deri | 2020-07-09 |
| | | |||
| * | Fixes #906 | Luca Deri | 2020-06-22 |
| | | | | | Packet bins are not printed wehn empty | ||
| * | Added ndpi_bin_XXX API | Luca Deri | 2020-06-22 |
| | | | | | Added packet lenght distribution bins | ||
| * | Added DGA risk for names that look like a DGA | Luca Deri | 2020-06-11 |
| | | |||
| * | Added TLS weak cipher and obsolete protocol version detection | Luca Deri | 2020-05-10 |
| | | |||
| * | Added TLS issuerDN and subjectDN | Luca Deri | 2020-05-07 |
| | | |||
| * | Updated results | Luca Deri | 2020-04-21 |
| | | |||
| * | Results update | Luca Deri | 2020-04-17 |
| | | |||
| * | NetBIOS dissection improvements | Luca Deri | 2020-03-01 |
| | | |||
| * | Remove decimals in test results for IAT, packet lengths and goodput ratio | emanuele-f | 2020-02-14 |
| | | |||
| * | Added export of TLS supported version in TLS header | Luca Deri | 2020-02-07 |
| | | |||
| * | Added TLS ALPN support | Luca Deri | 2020-02-07 |
| | | |||
| * | Improved DNS response decoding | Luca Deri | 2020-02-04 |
| | | | | | The first decoded address is now reported by ndpiReader | ||
| * | Reworked TLS dissection | Luca | 2020-01-01 |
| | | |||
| * | Updated results | Luca Deri | 2019-11-21 |
| | | |||
| * | Added NetBIOS metadata export | Luca Deri | 2019-10-08 |
| | | |||
| * | Manual merge of pull #769 | Luca Deri | 2019-10-02 |
| | | |||
| * | Improved category handlign in subprotocols | Luca Deri | 2019-09-27 |
| | | | | | | Further DNS dissection fixes Fixed WeChat invalid category | ||
| * | Improves IAT calculation | Luca | 2019-09-24 |
| | | |||
| * | As TLS certificate fingerprint is computed, TLS without certificate protocol ↵ | Luca Deri | 2019-09-15 |
| | | | | | | | has been removed Various improvemenets in detection quality | ||
| * | Fixed timezone conversion | Luca Deri | 2019-09-10 |
| | | |||
| * | Changes in validity format | Luca Deri | 2019-09-10 |
| | | |||
| * | Uddated results | Luca Deri | 2019-09-10 |
| | | |||
| * | Parsed TLS certificate validity | Luca Deri | 2019-09-10 |
| | | |||
| * | Refreshed Tor node list | Luca Deri | 2019-09-08 |
| | | |||
| * | Added -C to generate CSV analysis files | Luca | 2019-09-03 |
| | | | | | Improved IAT and byte distribution | ||