From 58a9aff17cec2842b5d232eee5a39c0d58a01a75 Mon Sep 17 00:00:00 2001 From: Luca Deri Date: Wed, 26 Jan 2022 09:23:23 +0100 Subject: Added NDPI_TLS_CERTIFICATE_ABOUT_TO_EXPIRE flow risk Added ndpi_set_tls_cert_expire_days() API call to modify the number of days for triggering the above alert that by default is set to 30 days --- doc/flow_risks.rst | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'doc') diff --git a/doc/flow_risks.rst b/doc/flow_risks.rst index 417426e48..52e19212c 100644 --- a/doc/flow_risks.rst +++ b/doc/flow_risks.rst @@ -246,4 +246,10 @@ Additionally, some TLS protocol fields are checked for printable characters as w NDPI_POSSIBLE_EXPLOIT ===================== -The risk is set whenever a a possible exploit (e.g. Log4J/Log4Shell) is detected. +The risk is set whenever a possible exploit (e.g. Log4J/Log4Shell) is detected. + +.. _Risk 041: + +NDPI_TLS_CERTIFICATE_ABOUT_TO_EXPIRE +=================================== +The risk is set whenever a TLS certificate is close to the expiration date. -- cgit v1.2.3