vrr/ntopng
2
0
Fork 0
mirror of https://github.com/ntop/ntopng.git synced 2026-05-03 01:10:10 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
18274 commits 26 branches 19 tags 446 MiB
Commit graph

578 commits

Author SHA1 Message Date
Luca Deri
21101c43f1 Added detection of periodic flows and exported it as flow risk in both flows and alerts 2022-12-30 19:48:26 +01:00
Luca Deri
e190632fd8 Various ICMP flow handling improvements 2022-12-17 21:39:17 +01:00
Luca Deri
cc297d35c3 Added Zoom streams handling 2022-12-09 22:05:49 +01:00
Luca Deri
5a9d9ee85b Added HTTP server in flow details 2022-12-05 21:56:44 +01:00
Luca Deri
71fbbdbf58 Implemented custom host script (WIP) 2022-11-24 12:34:14 +01:00
MatteoBiscosi
2e27e21cc8 Added SNMP flood check (#5905) 2022-11-23 12:14:42 +01:00
Luca Deri
a687b9280a Implemented custom script check 2022-11-23 11:11:45 +01:00
MatteoBiscosi
71bb0efbc2 Added DNS flood alert (#5905) 2022-11-22 11:13:02 +01:00
Luca Deri
45b7a1c931 Reworked local hosts port handling 2022-10-29 14:19:57 +02:00
Luca Deri
b48d19943e Fixed port counters 
Code indent
 2022-10-25 18:06:56 +02:00
Alfredo Cardigliano
0ef291e3d1 Fix Flow compilation 2022-10-17 17:22:42 +02:00
Luca Deri
f20c762dec Added support for nDPI network handling in flows 2022-10-16 23:32:55 +02:00
Luca Deri
6f68081826 Added the ability to un-merge DNS requests on the same UDP ports. 2022-10-11 23:38:51 +02:00
Luca Deri
d0e42b03f3 Added the ability to solt flows by serial that is useful for sorting traffic according to the time flows have been created 2022-10-08 11:22:04 +02:00
Luca
300558b3a4 Added flow payload handling 2022-10-04 12:00:22 +02:00
Alfredo Cardigliano
729ebc402b Update local2remote stats in the same place where network stats are updates. This fixes stats with netfilter and non-packet interfaces. Fix #6145 2022-09-21 11:00:00 +02:00
Luca Deri
e9b858f030 Datatypes cleanup 2022-09-19 17:24:08 +02:00
Luca Deri
7b4a4acd5a Improved service categorization 2022-08-20 19:34:47 +02:00
Alfredo Cardigliano
6b8e16151b Cleanup unused functions 2022-08-18 15:37:31 +02:00
Alfredo Cardigliano
fe48f82631 Improve local hosts lookups by using cached info when the network ID is not required 2022-07-19 12:54:33 +02:00
Luca
888be4858f Cosmetic changes 2022-07-12 11:40:31 +02:00
Luca Deri
7bb3d1480f No idea why we're still usinge const 2022-07-06 14:52:38 +02:00
Alfredo Cardigliano
72b19f8c64 Clear all risks for flows matching the IssuerDN Exclusion for self-signed certificates 2022-07-06 10:47:21 +00:00
Luca Deri
49c15bac20 Added DGA domain handling received via ZMQ 2022-07-04 22:30:37 +02:00
Luca Deri
bdbc84fef6 Implemented issuerDN exception handling 2022-07-04 21:39:36 +02:00
Luca Deri
20b373ef13 eBPF fixes 2022-06-14 18:03:49 +02:00
MatteoBiscosi
dee321129f Standardized score to ecs 2022-06-13 19:25:43 +02:00
Alfredo Cardigliano
8ddf0e6998 Store cli/srv location in alerts 2022-06-09 11:27:41 +02:00
Alfredo Cardigliano
bbf2edb5d5 Add process/container/tcp info for both client and server. Parse container id. 2022-06-08 18:27:17 +02:00
MatteoBiscosi
021086e44f Added dpi and guessed badge to flow list and details 2022-06-08 10:51:19 +02:00
Luca Deri
0ae4341d9b Added %L7_CONFIDENCE support 2022-06-06 14:05:42 +02:00
Luca Deri
8234249b20 nDPI Risk information is now saved earlier in the flow 2022-06-01 11:12:10 +02:00
MatteoBiscosi
ad3ada6826 Added flow risk info to alert description 2022-05-31 17:16:12 +02:00
Luca Deri
930a2ac34d Added support for FlowRiskInfo via nProbe 2022-05-31 11:29:32 +02:00
Luca Deri
fb481d4f23 Added flow riskInfo field containing the nDPI-generated JSON 2022-05-30 23:02:00 +02:00
Luca Deri
b0919c9dba Added flow risk info 2022-05-30 22:30:05 +02:00
MatteoBiscosi
3867b03978 Added protocol information dumped even with no alerts (#6649) 2022-05-30 17:54:16 +02:00
Luca Deri
cf516f7411 Fixed IEC continuous dissection 2022-05-04 10:19:31 +02:00
Luca Deri
0e05c21d9f Added support for error code 2022-05-02 13:04:01 +02:00
MatteoBiscosi
ef1c963090 Added ECS 8 support (#6552) 2022-04-29 18:01:12 +02:00
Luca Deri
8f75df9797 Blacklist name is now shown in blacklisted flows alerts 2022-04-26 14:56:15 +02:00
Alfredo Cardigliano
5c69bd7d0a Add missing alert info to Flow 2022-04-20 12:40:05 +02:00
MatteoBiscosi
702bd0441a Removed remote access alert local to local 2022-03-11 17:34:27 +01:00
Luca Deri
1fe96bc73b Initial work for implementing host/port scan detection (#6327) (#6328) 2022-02-20 23:17:04 +01:00
Luca Deri
835f57ac3c Added Process/UserName placeholder code 2022-02-18 12:41:35 +01:00
Luca Deri
adf97e5e9b HTTP User Agent is now exported in nProbe and collected by ntopng. Implements ##6325 2022-02-16 23:47:54 +01:00
Luca Deri
90a8951492 Fixed DHCP/NTP client/server roles with reverted traffic 2022-02-16 22:17:27 +01:00
Matteo Biscosi
cf184d07ff Added MAC Address to View Interfaces 2022-02-09 19:18:00 +01:00
Alfredo Cardigliano
19310ffd06 Initial cleanup of useless consts towards migration to modern C++ (#6271) 2022-02-03 15:57:34 +01:00
Luca
d0a39b85ef Added user agent in HTTP pages (including alerts) 2022-01-31 11:36:07 +01:00