From 55364ef0b4ef629630a663dc7b05d83c1b662067 Mon Sep 17 00:00:00 2001
From: Luca Deri <deri@ntop.org>
Date: Thu, 11 Jun 2020 18:51:53 +0200
Subject: Added DGA risk for names that look like a DGA

---
 src/lib/protocols/dns.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'src/lib/protocols/dns.c')

diff --git a/src/lib/protocols/dns.c b/src/lib/protocols/dns.c
index 460117c96..099f343e4 100644
--- a/src/lib/protocols/dns.c
+++ b/src/lib/protocols/dns.c
@@ -292,8 +292,10 @@ static void ndpi_search_dns(struct ndpi_detection_module_struct *ndpi_struct, st
 	cl--;
       }
     }
-    flow->host_server_name[j] = '\0';
 
+    flow->host_server_name[j] = '\0';
+    ndpi_check_dga_name(ndpi_struct, flow, (char*)flow->host_server_name);
+    
     if(j > 0) {
       ndpi_protocol_match_result ret_match;
 
-- 
cgit v1.2.3