From 225ff7f8a4ecb2b55b164a4d5544736a43f1fbf4 Mon Sep 17 00:00:00 2001 From: Luca Date: Wed, 3 Apr 2024 15:41:26 +0200 Subject: Added binary data transfer risk alert --- doc/flow_risks.rst | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'doc') diff --git a/doc/flow_risks.rst b/doc/flow_risks.rst index 08ded148a..5344b8425 100644 --- a/doc/flow_risks.rst +++ b/doc/flow_risks.rst @@ -247,7 +247,7 @@ Additionally, some TLS protocol fields are checked for printable characters as w NDPI_POSSIBLE_EXPLOIT ===================== -The risk is set whenever a possible exploit (e.g. `Log4J/Log4Shell `_) is detected. +The risk is set whenever a possible exploit attempt (e.g. `Log4J/Log4Shell `_) is detected. .. _Risk 041: @@ -328,3 +328,9 @@ Invalid TLS ALPN/SNI mismatch. For instance ALPN advertises the flow as h2 (HTTP NDPI_MALWARE_CONTACTED ====================== Client contacted a server host labelled as malware. + +.. _Risk 054: + +NDPI_BINARY_TRANSFER_ATTEMPT +============================ +HTTP only: this risk indicates that a binary data application has been attempted (but failed). -- cgit v1.2.3
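Review bot: In the first hunk (@@ -247,7 +247,7), the NDPI_POSSIBLE_EXPLOIT rewording from "possible exploit" to "possible exploit attempt" is unrelated to the subject line "Added binary data transfer risk alert". Either mention it in the commit message or split it into its own commit, so that someone searching the history for when the meaning of that risk was narrowed to attempts can find it.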
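Review bot: In the second hunk (@@ -328,3 +328,9), the new NDPI_BINARY_TRANSFER_ATTEMPT text says "a binary data application has been attempted (but failed)", which does not match the risk name or the subject line, both of which speak of a transfer. It also leaves "failed" undefined. Suggest wording along the lines of "a binary data transfer has been attempted (but failed)" and adding one sentence on what observable HTTP condition counts as a failed attempt, since an analyst triaging this alert needs to tell it apart from a completed transfer. The other risks in this file give at least a short hint of the trigger (for example the ALPN/SNI mismatch entry just above), so the new entry should do the same.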