From c4ac53a03fa1fbfd5a5d7fea507cfcbe5b307914 Mon Sep 17 00:00:00 2001 From: Luca Deri Date: Thu, 23 Dec 2021 21:30:16 +0100 Subject: Added support for Log4J/Log4Shell detection in nDPI via a new flow risk named NDPI_POSSIBLE_EXPLOIT --- src/lib/ndpi_main.c | 1 + 1 file changed, 1 insertion(+) (limited to 'src/lib/ndpi_main.c') diff --git a/src/lib/ndpi_main.c b/src/lib/ndpi_main.c index 7e1829b22..84c32d79b 100644 --- a/src/lib/ndpi_main.c +++ b/src/lib/ndpi_main.c @@ -108,6 +108,7 @@ static ndpi_risk_info ndpi_known_risks[] = { { NDPI_DNS_LARGE_PACKET, NDPI_RISK_MEDIUM, CLIENT_FAIR_RISK_PERCENTAGE }, { NDPI_DNS_FRAGMENTED, NDPI_RISK_MEDIUM, CLIENT_FAIR_RISK_PERCENTAGE }, { NDPI_INVALID_CHARACTERS, NDPI_RISK_HIGH, CLIENT_HIGH_RISK_PERCENTAGE }, + { NDPI_POSSIBLE_EXPLOIT, NDPI_RISK_SEVERE, CLIENT_HIGH_RISK_PERCENTAGE }, /* Leave this as last member */ { NDPI_MAX_RISK, NDPI_RISK_LOW, CLIENT_FAIR_RISK_PERCENTAGE } -- cgit v1.2.3