Added risks for checking

- invalid DNS traffic (probably carrying exfiltrated data)
- TLS traffic with no SNI extension
Luca Deri 2020-09-21 19:57:23 +02:00
parent 0259ff58e1
commit 60a9f6610d
19 changed files with 164 additions and 72 deletions


@ -314,6 +314,8 @@ typedef enum {
NDPI_SMB_INSECURE_VERSION,
NDPI_TLS_SUSPICIOUS_ESNI_USAGE,
NDPI_UNSAFE_PROTOCOL,
NDPI_DNS_SUSPICIOUS_TRAFFIC,
NDPI_TLS_MISSING_SNI,
/* Leave this as last member */
NDPI_MAX_RISK
} ndpi_risk_enum;
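Review bot: The two new members `NDPI_DNS_SUSPICIOUS_TRAFFIC` and `NDPI_TLS_MISSING_SNI` have no comment saying what condition sets them, and both names are broad enough that a consumer of the risk value cannot tell how much weight an alert deserves. I would add a one-line comment on each, for example `/* DNS packet that fails validity checks; possible tunnelling or exfiltration */` and `/* TLS ClientHello without the SNI extension; also occurs in benign traffic, weak signal on its own */`. Appending before `NDPI_MAX_RISK` keeps the existing numeric values stable, which matters to anything that stores risk ids. If the risk set is kept as a fixed-width bitmask (not visible here), it is worth confirming that `NDPI_MAX_RISK` still fits in it. The enum starts outside the hunk.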