Commit graph

100 commits

Author SHA1 Message Date
Ivan Nardi
513e386959
Extend protocols support (#1422)
Add detection of AccuWeather site/app and Google Classroom.
Improve detection of Azure, Zattoo, Whatsapp, MQTT and LDAP.

Fix some RX false positives.

Fix some "Uncommon TLS ALPN"-risk false positives.

Fix "confidence" value for some Zoom/Torrent classifications.

Minor fix in Lua script for Wireshark extcap.

Update .gitignore file.

Let GitHub correctly detect the language type of *.inc files.

Zattoo example has been provided by @subhajit-cdot in #1148.
2022-01-29 09:19:26 +01:00
Luca Deri
58a9aff17c Added NDPI_TLS_CERTIFICATE_ABOUT_TO_EXPIRE flow risk
Added ndpi_set_tls_cert_expire_days() API call to modify the number of days for triggering the above alert that by default is set to 30 days
2022-01-26 09:23:23 +01:00
Luca Deri
c4ac53a03f Added support for Log4J/Log4Shell detection in nDPI via a new flow risk named NDPI_POSSIBLE_EXPLOIT 2021-12-23 21:30:16 +01:00
Toni
41765efcf8
Detect invalid characters in text and set a risk. Fixes #1347. (#1363)
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2021-10-26 21:34:01 +02:00
Ivan Nardi
994bd0696b
Small fixes after latest commits (#1308) 2021-09-18 09:31:00 +02:00
deboracerretini
8f113c1d37
Network Management exam project - Debora Cerretini (#1290)
* Add files via upload

* Add files via upload

* Add files via upload

* Add files via upload

* Add files via upload

* Add files via upload

* Add files via upload

* Add files via upload

* Add files via upload

* Add files via upload

* Add files via upload

* Add files via upload

* Add files via upload

* Add files via upload

* Add files via upload

Co-authored-by: Luca Deri <lucaderi@users.noreply.github.com>
2021-09-17 11:01:50 +02:00
Luca Deri
00857abf2c Added new risk for clear text credentials 2021-09-10 22:00:04 +02:00
Ivan Nardi
55eec29c08
wireshark/lua: restore full flow risks dissection (#1275)
It was partially disabled in 3eba8cc5.
Wireshark and Wireshark-Lua bindings don't handle 64 bit integers very well.
(see https://www.wireshark.org/docs/wsdg_html_chunked/lua_module_Int64.html).

As a workaround, only for visualization purposes, split the (64 bit) risk mask
into two 32 bit integer values.
2021-08-18 11:34:46 +02:00
Luca Deri
0df8aa19ec Code cleanup (after last merge) 2021-08-08 17:10:08 +02:00
Luca Deri
4183718952 Added TLS fatal alert flow risk 2021-08-07 19:40:44 +02:00
Luca Deri
3eba8cc5b5 Temporary fix for avoiding wireshark errors 2021-07-14 12:51:42 +02:00
pacant
19a29e1e22
TLS Risks - Certificate Validity Too Long (#1239)
* Added flow risk: TLS certificate too long

* Added flow risk: TLS certificate too long

* Date for TLS limit added

* TLS certificate check fixed

Co-authored-by: pacant <a.pace97@outlook.com>
2021-07-14 11:13:22 +02:00
Luca Deri
0afc8ace3d Added nDPI Score report 2021-06-17 23:52:01 +02:00
Luca Deri
c9f582805b Fixed flow score label 2021-06-11 19:53:07 +02:00
Ivan Nardi
654e84ff02
wireshark/lua: improve flow risk visualization (#1194)
Create a separated proto field entry for each possible flow risk.
This way, filtering will be more natural: you can use something like
"ndpi.flow_risk.desktop_file_sharing_session"
2021-06-02 21:28:50 +02:00
Ivan Nardi
71b81d3799
wireshark/lua: fix offsets (#1187) 2021-05-18 21:36:46 +02:00
Luca Deri
5079bb1106 Fixed typo 2021-05-11 21:33:48 +02:00
Luca Deri
4297a65ce8 Implemented flow score in Wireshark integration 2021-05-10 22:43:05 +02:00
Luca Deri
70686249c9 Updated code due to https://github.com/ntop/nDPI/pull/1175 2021-04-27 08:12:14 +02:00
Luca Deri
4a09707e48 Added flow risk to wireshark dissection 2021-04-26 10:17:29 +02:00
Ivan Nardi
ceb98a3f9c
wireshark/lua: fix handling of VLAN traffic (#1162) 2021-04-05 19:23:56 +02:00
Luca Deri
db5aeb0cb1 Readme update 2021-04-01 10:24:44 +02:00
Nardi Ivan
3c66ca236b Make lua script more robust 2020-06-25 18:02:03 +02:00
Luca
05ef62781f Fixes for wireshark 3 2019-03-01 15:19:05 +01:00
Luca Deri
78176d2b7b Added timeseries dump (disabled by default) 2018-05-02 00:11:55 +02:00
Luca Deri
64633939e0 Added NetFlix block for Rogers 2018-04-28 10:07:54 +02:00
Luca Deri
b92541a08e Added flow and timing support 2018-04-26 00:04:26 +02:00
Luca Deri
f7e95b4ee8 Fixed DHCP layout 2017-10-14 14:23:49 +02:00
Luca Deri
2ee871f5e6 Added Android fingerprint 2017-10-14 12:59:28 +02:00
Luca Deri
39d7738042 Implemented DHCP fingerprinting 2017-10-14 12:29:25 +02:00
Luca Deri
75993242b0 Implemented HTTP User Agent discovery 2017-10-14 11:21:01 +02:00
Luca
8395bdac97 Implemented RPC latency 2017-06-20 23:16:59 -04:00
Luca
e2119896db Added protocol info in wireshark info column 2017-06-20 14:19:55 -04:00
Luca
090dc752bd Added OOO, retransmission, lost segments 2017-06-14 21:35:46 -04:00
Luca Deri
9a4634adbb Fixes for latency calculation 2017-06-06 21:22:46 +02:00
Luca Deri
984eedc5ea Code cleanup 2017-06-06 11:40:30 +02:00
Luca Deri
7bf508df0a Improved ARP/VLAN stats 2017-06-05 18:05:02 +02:00
Luca Deri
5570e6cbee Fixed bug that was preventing packets from being analyzed properly
Fixed ARP stats calculation
2017-06-03 18:39:43 +02:00
Luca Deri
2049e3d655 Added SSL dissection 2017-06-03 11:35:51 +02:00
Luca Deri
67aa9f2350 Implemented Application/Network latency
Implemented DNS stats
Moved all menu entries under Tools -> ntop menu
2017-06-02 21:47:55 +02:00
Luca
2b9f8f6a89 Fixed nDPI report formatting 2017-05-29 16:46:28 +02:00
Luca Deri
61f8f56719 Implemented network latency dissector 2017-05-26 12:46:19 +02:00
Luca Deri
07b1a93026 Latency calculation (work in progress) 2017-05-25 16:44:48 +02:00
Luca Deri
98dcfd8393 Reworked MAC stats 2017-05-25 10:55:41 +02:00
Luca Deri
50e26ca400 Implemented MAC stats 2017-05-24 00:51:21 +02:00
Luca Deri
c723f7e668 Added VLAN / ARP stats 2017-05-23 23:31:43 +02:00
Luca Deri
724d182939 Restored file selection as the wireshark bug seems to be fixed in 2.3.x wireshark series 2017-05-17 22:33:44 +02:00
Luca Deri
d4a16d9e55 Improved extcap configuration window with sorted protocol list
Reported flow stats in Statistics -> nDPI menu
2017-04-25 11:21:40 +02:00
Luca Deri
43f18ddb0f Updated Wireshark lua dissector
Added -v to ndpiReader to print port stats
Recomputed protocol test results
2017-04-24 00:45:43 +02:00
Luca Deri
b9a2511ea8 Initial Wireshark nDPI integration 2017-04-23 19:58:41 +02:00