Commit graph

68 commits

Author SHA1 Message Date
Luca Deri
b9dc8157d1 Potential fix for #9477 2025-08-08 18:59:48 +02:00
Alfredo Cardigliano
b6ee0c3a11 Cleanup code 2025-05-21 12:50:41 +02:00
Luca Deri
e0b908b42e Removed obsoleted TLSSuspiciousESNIUsage
Improved device type guessing based on the OS
2025-03-25 21:56:38 +01:00
Alfredo Cardigliano
b1f0ace7b7 Typo 2025-03-17 16:33:46 +01:00
Alfredo Cardigliano
c845b92551 External alerts notes 2025-03-17 16:30:50 +01:00
Matteo Biscosi
46f3323d96 Moved alert to pro 2024-12-18 16:12:00 +01:00
YellowMan
3fae0b6e65
Mac tracking list (#8881)
* Local To Internet Connection Alert

* migrate information in mac-address tracking list page
2024-12-18 15:09:41 +01:00
Luca Deri
d3e469a316 Merged TCP Probing and Probing attempt 2024-11-20 22:08:07 +01:00
YellowMan
d396297985
Tcp Probing Attempt Alert (#8821)
* Implemented TCP Probing Attempt Alert

---------

Co-authored-by: DiPalmaGiuseppe <g.dipalma6@studenti.unipi.it>
2024-11-20 10:58:36 +01:00
Luca Deri
8de40e2f15 Fixes for Unexpected DHCP/DNS/NTP/SMTP servers (#8810) 2024-11-10 11:46:41 +01:00
Matteo Biscosi
952e136080 Moved unexpected gateway check from flows to hosts 2024-10-07 16:58:31 +02:00
Matteo Biscosi
5314a61f7c Added gateway alert and configuration (#8687); Fixes nedge compilation issue 2024-10-02 11:07:19 +02:00
Matteo Biscosi
bf66ccd5c9 Fixes missing virtual 2024-09-10 16:46:42 +02:00
Matteo Biscosi
d4cb75abfd Added support to network servers configuration in c++ (#8686) 2024-09-09 18:59:47 +02:00
Alfredo Cardigliano
3b0b60c422 Remove JA3 leftovers. Update alert keys. Rename malivious JA3 to malicious Fingerprint. 2024-09-02 18:34:17 +02:00
Luca Deri
e34224a9da Refreshed ntopng code 2024-08-25 11:46:58 +02:00
Nicolo Maio
3a022c8a36 Set the packet only interfaces option to false. (#8264) 2024-05-13 18:11:42 +02:00
Luca Deri
ddd449ea90 Added the ability to set custom alert score 2024-04-29 11:56:02 +02:00
Nicolò Maio
59075f5e10
Splitting blacklisted flow alert and creating two new alerts. (#8354) (#8355)
* Splitting blacklisted flow alert and creating two new alerts. (#8354)

* Renaming to 'Blacklisted Client Contact' and 'Blacklisted Server Contact'. (#8354)
2024-04-24 17:37:30 +02:00
Nicolò Maio
636ba2975c
Add Flow Reset Alert and counter. (#8264) (#8348)
* Add Flow Reset Alert and counter. (#8264)

* Renaming to TCP Flow Reset. (#8264)

* Renaming the value retrieved by the getName method. (#8264)
2024-04-24 17:15:20 +02:00
Nicolò Maio
fd6b0958c3
Rename the alert to "Remote to Local Insecure Flow". (#8257) (#8339) 2024-04-18 12:45:54 +02:00
Matteo Biscosi
b98fa797af Removed attacker from binary application transfer (#8319) 2024-04-09 09:41:47 -04:00
Nicolò Maio
d6cc11a10b
Refactor the isSMTP method (#8198) 2024-02-07 16:05:43 +01:00
Luca Deri
55870e97b9 (C) Update 2024-01-12 11:44:18 +01:00
Alfredo Cardigliano
8a97f69c27 Fix checks configuration initialization (default values) for new risks 2023-10-19 18:37:26 +02:00
Luca Deri
06716a0d7b Added logic to enable generic checks if without a configuration 2023-10-18 19:28:19 +02:00
Matteo Biscosi
f9a55743b6 Added malware host contacted check 2023-10-18 10:40:54 +00:00
Alfredo Cardigliano
180f61cb7f Handle Flow Risks that should be checked on Flow End (e.g. Unidirectional flow) (#7224) 2023-07-11 08:16:46 +02:00
lucaderi
d395deac4e Automated commit of clang-format CI changes. 2023-04-07 14:20:44 +00:00
Luca Deri
96e10b12a5 Added stub for RareDestination check/alert implementation #6416 and #6417 2023-03-22 15:11:53 +01:00
Matteo Biscosi
fc82eff56b Updated alert to NDPI_NUMERIC_IP_HOST 2023-03-02 15:18:40 +00:00
Luca Deri
05ecf9eb90 Remove un-necessary VLANid type in order to simplify code and avoid un-necessary and's 2023-02-20 22:30:12 +01:00
MatteoBiscosi
ddb55b4d7e Updated ndpi alerts (#7200) 2023-02-09 18:46:37 +01:00
Luca Deri
24bc8213d9 Fixed VLANBidirectionalTraffic code 2023-02-06 21:49:30 +01:00
Nicolò Maio
bf92a04df4
Update VLAN bidirectional traffic check, now is on protocol detected. (#7126) (#7208) 2023-02-06 17:51:44 +00:00
Nicolò Maio
7162045cdd
Add VLAN bidirectional traffic alert (#7126) (#7194)
* Add VLAN bidirectional traffic alert (#7126)

* Add alert description. (#7126)
2023-02-03 10:33:25 +01:00
Luca Deri
42a14874d5 Improved "Flow User Check Script" flow check 2023-01-30 22:22:51 +01:00
Luca Deri
f726b867c7 Updated (C) 2023-01-01 16:37:57 +01:00
Luca Deri
01719751a6 Improved tracings 2022-11-25 11:01:31 +01:00
Luca Deri
ddef9454c2 Reworked interface VM in CustomFlowLuaScript 2022-11-21 17:57:21 +01:00
MatteoBiscosi
ef01259354 Fixes flow checks not found 2022-11-21 10:59:55 +01:00
Luca Deri
309d17b6b8 Implemented CustomFlowLuaScript.cpp engine 2022-11-20 20:30:49 +01:00
Luca Deri
80db634bfe Implemented skeleton of CustomFlowLuaScriptAlert check 2022-11-19 20:31:24 +01:00
MatteoBiscosi
b6692f3fea Added TCP Packets issues check (#6899) 2022-11-16 11:28:16 +01:00
MatteoBiscosi
7bfc2fdde4 Fixes Flow risks not defined (#6939) 2022-10-21 13:37:08 +02:00
Alfredo Cardigliano
cdd4a41bd5 Rename FlowRisk Simple to Generic 2022-07-14 17:23:06 +02:00
Luca Deri
bdbc84fef6 Implemented issuerDN exception handling 2022-07-04 21:39:36 +02:00
MatteoBiscosi
755c90e0c2 Changed from UDP unidirection to unidirectional traffic 2022-06-21 15:11:54 +02:00
MatteoBiscosi
4f8c5c6cec Moved UDP unidirection to nDPI alerts 2022-06-21 11:37:46 +02:00
MatteoBiscosi
3509b3b74b Added dns fragmented alert 2022-05-31 18:34:22 +02:00