Added support for unresolved hostname risk

2026-04-30 07:59:35 +00:00 · 2025-08-04 22:47:34 +02:00 · 2025-08-04 22:47:34 +02:00 · 9568fa96aa
commit 9568fa96aa
parent e28b1a6769
10 changed files with 101 additions and 19 deletions
--- a/scripts/lua/modules/alert_keys/flow_alert_keys.lua
+++ b/scripts/lua/modules/alert_keys/flow_alert_keys.lua
@ -57,7 +57,7 @@ local flow_alert_keys = {
   flow_alert_ndpi_malformed_packet                = 48,
   flow_alert_ndpi_ssh_obsolete_server             = 49,
   flow_alert_ndpi_smb_insecure_version            = 50,
-   flow_alert_ndpi_not_used_anymore                = 51, -- Not used anymore
+   flow_alert_ndpi_unresolved_hostname             = 51,
   flow_alert_ndpi_unsafe_protocol                 = 52,
   flow_alert_ndpi_dns_suspicious_traffic          = 53,
   flow_alert_ndpi_tls_missing_sni                 = 54,
@ -102,7 +102,7 @@ local flow_alert_keys = {
   flow_alert_modbus_unexpected_function_code      = 93,
   flow_alert_modbus_too_many_exceptions           = 94,
   flow_alert_modbus_invalid_transition            = 95,
-   flow_alert_ndpi_not_used_anymore_2              = 96, -- Not Used
+   flow_alert_ndpi_unresolved_hostname             = 96,
   flow_alert_ndpi_tls_alpn_sni_mismatch           = 97,
   flow_alert_ndpi_malware_host_contacted          = 98,
   flow_alert_ndpi_binary_data_transfer            = 99,
@ -112,7 +112,7 @@ local flow_alert_keys = {
   flow_alert_host_policy                          = 103,
   flow_alert_qoe_degraded                         = 104,
   flow_alert_ndpi_obfuscated_traffic              = 105,
-   
+
   -- NOTE: do not go beyond the size of the alert_map bitmal inside Flow.h (currently 128)
 }