1922 commits

Author SHA1 Message Date
Nardi Ivan
dcac633878 QUIC: add support for MVFST EXPERIMENTAL version 2020-09-20 16:38:28 +02:00
Toni Uhlig
fdef6f3545
Fixed broken `make dist' and added CI check.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-09-19 02:23:53 +02:00
Toni Uhlig
d0052fd5b2
Using NDPI_I64_FORMAT, NDPI_U64_FORMAT format string to differentiate between Windows and non-Windows.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-09-18 19:46:20 +02:00
Toni Uhlig
bcce122665
Fixed mingw build w/o examples/tests/fuzzer.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-09-18 19:46:07 +02:00
Luca Deri
b5b4512022 Added MDNS in extra packet dissection function 2020-09-18 00:08:27 +02:00
Luca Deri
d81bc1add6 Reworked MDNS dissector that is not based on the DNS dissector 2020-09-17 23:24:02 +02:00
Luca Deri
753b5dde16
Merge pull request #1012 from IvanNardi/ua
QUIC: extract User Agent information
2020-09-17 21:32:25 +02:00
Luca Deri
9189aee83b Disabled QUIC tracing that pollutes the output 2020-09-17 14:37:56 +02:00
Luca
ad8318e247 Commented unused function 2020-09-13 09:48:29 +02:00
Alfredo Cardigliano
91e3292e6b Temporarily keep using snprintf 2020-09-11 19:17:10 +02:00
Luca Deri
98a81cb163 Reworked DGA checks 2020-09-11 10:31:19 +02:00
Alfredo Cardigliano
3a6ba7fa12 Replace snprintf with ndpi_snappend 2020-09-11 10:04:43 +02:00
Luca Deri
37abe0daea Added boundary check 2020-09-10 20:06:25 +02:00
Luca Deri
1c0e617d80 Added buffer check in DGA analysis 2020-09-10 19:58:31 +02:00
Nardi Ivan
8db084ab06 TLS: fix memory accesses in QUIC transport parameters extension 2020-09-10 18:19:18 +02:00
lucaderi
ea4240055d Compilation fix as not on all platforms isnumber() is available 2020-09-10 00:05:02 +02:00
Luca Deri
5ac870074b
Merge pull request #1014 from lnslbrty/improved/teamspeak
Improved Teamspeak(3) protocol detection.
2020-09-09 23:28:21 +02:00
Luca Deri
7086197047 Added extension to detect nested subdomains as used in Browsertunnel attack tool
https://github.com/veggiedefender/browsertunnel
2020-09-09 23:25:19 +02:00
Toni Uhlig
8ca13bc46a
Improved Teamspeak(3) protocol detection.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-09-09 21:57:31 +02:00
Alfredo Cardigliano
842c00e681 Add missing low-level serializer calls to the API 2020-09-09 17:09:01 +02:00
Toni Uhlig
4c776501a6
Fixed shlib xcompile for x86_64-w64-mingw32
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-09-08 19:52:46 +02:00
Nardi Ivan
7d5a0e1f04 QUIC: extract User Agent information 2020-09-08 11:03:22 +02:00
Nardi Ivan
a1014e8895 http: create a common function to parse User Agent field
Prepare the code to handle UA information from flows other than HTTP
2020-09-08 10:34:05 +02:00
Toni Uhlig
41d35fc7d0
Updated DoT/DoH provider.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-09-07 20:22:45 +02:00
Toni Uhlig
799a6abfe6
Improved dnscrypt v1/v2 protocol detection.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-09-06 23:24:55 +02:00
Alfredo Cardigliano
8ed6409b35 Add start_of_block/end_of_block support to TLV 2020-09-04 17:23:04 +02:00
Luca Deri
3f49062db9 Added some additional TLS mappings 2020-09-02 23:35:22 +02:00
Toni Uhlig
7051acc0b5
Fixed off-by-one error in Kerberos protocol.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-09-02 07:37:26 +02:00
Toni Uhlig
580859a47d
Fixed false positive detection for Skype.SkypeCall (affects at least Cisco HSRP and RADIUS).
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-09-02 07:29:33 +02:00
Luca Deri
5d2551ff3e Added boundary check 2020-09-01 22:31:34 +02:00
Luca Deri
8575a07113 Added check for ndpi_ssl_version2str() 2020-08-31 17:23:00 +02:00
Luca Deri
460ff3c7ab Added (optional) notifier for LRU add 2020-08-31 08:47:16 +02:00
Luca Deri
029448759b
Merge pull request #999 from IvanNardi/quic
QUIC: add support for GQUIC T050 and T051
2020-08-30 20:56:15 +02:00
Nardi Ivan
7da4abe6ad QUIC: add support for GQUIC T050 and T051
QUIC versioning wasn't complex enough without T05X family...
These versions are very similar to Q050, but use TLS as their handshake
protocol.
2020-08-30 20:51:33 +02:00
Luca Deri
638624869a Added new risk for NDPI_UNSAFE_PROTOCOL that identifies protocols that are not considered safe/secure 2020-08-30 20:48:58 +02:00
Luca Deri
647c7d59bb Improved ntop detection over HTTP
Added cap on number of attempts for CiscoVPN
2020-08-30 19:42:09 +02:00
Luca Deri
f597086386 Stddev calculation changes 2020-08-30 12:48:32 +02:00
Luca Deri
dd75060932 Fixed false positive in suspicious user agent
Optimized stddev calculation
2020-08-30 12:25:15 +02:00
Luca Deri
8bf95b6198
Merge pull request #996 from lnslbrty/fix/travis-ci
Fix travis-ci related errors.
2020-08-28 13:04:26 +02:00
Toni Uhlig
e998fc28d1
Fixed use-of-uninitialized-value in QUIC clho decryption probably caused by a BUG in libgcrypt (not verified).
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-08-27 16:30:05 +02:00
Simone Mainardi
1810281d7f Fixes control reaches end of non-void function 2020-08-27 10:39:36 +02:00
Simone Mainardi
f0325f713a Passes method_len param to ndpi_http_str2method 2020-08-27 10:05:38 +02:00
Toni Uhlig
5b27dfdd0c
Moved NDPI_CURRENT_PROTO define before ndpi_api.h include to prevent a redefinition warning.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-08-27 00:29:44 +02:00
Luca Deri
2e8aa9f08e Added ndpi_http_method ndpi_http_str2method(const char* method) API call 2020-08-26 23:17:19 +02:00
Luca Deri
487d915262 Added ndpi_http_method2str() API call 2020-08-26 12:25:28 +02:00
Nardi Ivan
97b80a8838 QUIC: minor fixes
LGTM found a real issue on a boundary check
Fix unit tests: a pcap has been uploaded twice (with different names)
Fix compilation when using DPDK (see #990)
2020-08-24 13:53:36 +02:00
Luca Deri
b8307eb855 Created IoT-Scada category
Minor dnp3 changes
2020-08-23 13:32:36 +02:00
Luca Deri
46ba657562 Cosmetic fix 2020-08-22 23:48:00 +02:00
Luca Deri
af3ce74e02 Fixes compilation issues introduced by https://github.com/ntop/nDPI/pull/989 2020-08-22 16:41:51 +02:00
Luca Deri
93003d0523 Warning fix 2020-08-22 16:41:42 +02:00