blob: 0a453c5d7c8e03a0d2612adefc45390cd10ad3b0 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
|
#Useful ndpiReader configuration to analyse VPN and/or obfuscated traffic
#Flow risk info: only about obfuscation
--cfg=flow_risk.all.info,0 --cfg=flow_risk.obfuscated.info,1
#Generic limits
--cfg=packets_limit_per_flow,255 -U 0 -T 0
#Fully encrypted protocols
--cfg=fully_encrypted_heuristic,1
#TLS heuristics
--cfg=tls,dpi.heuristics,0x07 --cfg=tls,dpi.heuristics.max_packets_extra_dissection,25
#OpenVPN heuristic
--cfg=openvpn,dpi.heuristics,0x01
|