vrr/ntopng
2
0
Fork 0
mirror of https://github.com/ntop/ntopng.git synced 2026-05-10 00:42:14 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
6150 commits 26 branches 19 tags 450 MiB
Commit graph

3014 commits

Author SHA1 Message Date
Alfredo Cardigliano
3f442f28b0 Rendering signature/severity for ids alerts 2019-04-04 16:31:13 +02:00
Alfredo Cardigliano
7ce1150a69 IDS flow alerts notification 2019-04-04 16:03:48 +02:00
Alfredo Cardigliano
96954bdabb new ids alert type and configuration 2019-04-04 11:02:01 +02:00
Salvatore Costantino
3bb830d23e Fix active contacts time series (#2506) 
* Fix active contacts time series

* Fix active contacts time series
 2019-04-04 09:33:09 +02:00
Simone Mainardi
f827d8c700 Changes to DNS timeseries to show queries and replies together 2019-04-03 19:15:28 +02:00
Simone Mainardi
3b3e04528d Fixes unnecessary escaping of passwords 
Unescaping is already done in C.

Fixes #2490
 2019-04-03 12:22:19 +02:00
SalvatoreCostantino
27fcedf9ff Added TCP time series 2019-04-02 16:22:39 +02:00
Salvatore Costantino
a121b6a4f8 Added ARP requests time series (#2496) 2019-04-01 16:11:37 +02:00
Salvatore Costantino
5ec5a8e9c8 Added UDP packets time series (#2488) 2019-04-01 16:10:35 +02:00
Simone Mainardi
5e5ad77cec Implements broadcast domain too large alerts 2019-04-01 14:20:57 +02:00
Simone Mainardi
23c5d92b10 Proper validation of base64-encoded license keys 2019-03-29 20:02:54 +01:00
Salvatore Costantino
c8a95d9476 Added dns time series (#2487) 2019-03-28 19:14:51 +01:00
emanuele-f
f10f24a436 Add config/charts icon in network view 2019-03-28 12:48:19 +01:00
emanuele-f
ad77797482 Fix flow status formatting when no flowstatus_info is available 2019-03-28 11:59:14 +01:00
Salvatore Costantino
58becaeebe Added host and net unreachable counters (#2483) 
* Added host and net unreachable counters

* Added host and net unreachable counters

* Added host and net unreachable counters
 2019-03-27 21:44:47 +01:00
emanuele-f
b408408470 Implement search by AS name/number 
Closes #2452
 2019-03-27 17:29:42 +01:00
emanuele-f
4b2a95ecb4 Add redis flag to debug RRD operations 2019-03-27 15:28:25 +01:00
emanuele-f
4203d8a1c6 Enable influxdb data rollup to speedup queries 
Also bind influxdb retention of CQ to the default retention
 2019-03-27 12:42:54 +01:00
emanuele-f
dee4685141 Implement batched listSeries to reduce the number of HTTP requests 2019-03-27 10:49:51 +01:00
Alfredo Cardigliano
34509abce7 Safety check in case of no filter 2019-03-27 10:28:41 +01:00
Alfredo Cardigliano
ca2e11bc0b Anomalous -> Misbehaving Flows (fixes #2386) 2019-03-26 19:36:40 +01:00
Luca Deri
88c34b686a Layout fix 2019-03-26 17:47:02 +01:00
Simone Mainardi
68c22a5407 Removes a debug if 2019-03-26 16:37:56 +01:00
Simone Mainardi
183d83c37d Shows broadcast domains as unordered list 2019-03-26 16:36:32 +01:00
Simone Mainardi
b367bfb2b1 Sorts broadcast domains list 2019-03-26 11:44:53 +01:00
Simone Mainardi
41383aa51b Revert "Added new time series (#2481)" 
This reverts commit 0e785d58f9.
 2019-03-26 09:16:15 +01:00
Salvatore Costantino
0e785d58f9 Added new time series (#2481) 2019-03-25 21:29:36 +01:00
Simone Mainardi
aa8d228aed Globals cleanup 2019-03-25 21:26:20 +01:00
Simone Mainardi
3fcb15cda2 Handles TCP flags via nProbe 2019-03-25 20:31:13 +01:00
emanuele-f
021812a238 Add ability to search by network cidr/alias in search box 2019-03-25 17:21:22 +01:00
emanuele-f
074fccb1b3 Use network alias in alerts 2019-03-25 17:01:39 +01:00
Simone Mainardi
d9d21462cd Parses nProbe client/server network latencies 2019-03-25 16:55:14 +01:00
emanuele-f
54becd3b22 Add local networks alias configuration 
Closes #2476
 2019-03-25 16:50:48 +01:00
emanuele-f
79543c6207 Flows table improvements 2019-03-25 16:04:29 +01:00
Simone Mainardi
0946961be2 Fixes wrong reset of large rrd values causing empty charts 2019-03-21 17:15:16 +01:00
Simone Mainardi
091e89d5a3 Implements hosts walker by address CIDR 2019-03-21 15:25:00 +01:00
Simone Mainardi
4d162c17b5 Adds if_stats.lua Networks tab with broadcast domains 2019-03-21 11:17:09 +01:00
Simone Mainardi
295b60ddf1 Shows broadcast/multicast badges in host details 2019-03-20 11:00:53 +01:00
Simone Mainardi
2c50c66532 Fixes locales ordering 2019-03-18 16:37:55 +01:00
emanuele-f
c1be2c2a55 Add switch to print InfluxDB queries 2019-03-18 15:27:14 +01:00
emanuele-f
c00478f30f Improve "hosts" lists support and add MalwareDomainList 2019-03-18 12:52:21 +01:00
emanuele-f
8f5a6495a2 Add InfluxDB download link 2019-03-18 12:09:16 +01:00
Simone Mainardi
0023f7e247 Implements and shows ghost broadcast domains 2019-03-15 14:09:36 +01:00
Luca
c136776d84 Implementation of custom timeseries load 2019-03-15 13:44:15 +01:00
Simone Mainardi
dafe054c3d Revert "Add files via upload (#2457)" 
This reverts commit 44b735287f.
 2019-03-15 11:14:28 +01:00
Salvatore Costantino
44b735287f Add files via upload (#2457) 2019-03-14 19:43:21 +01:00
Simone Mainardi
bac4be911d Adds broadcast domain to the interface stats page 2019-03-14 17:17:18 +01:00
Simone Mainardi
b41eeffba7 [Security] Fixes possible stored XSS in runtime.lua 
XSS attempts were output to the ntopng logs for example as:

14/Mar/2019 12:53:07 [LuaEngine.cpp:9164] WARNING: Script failure [/home/simone/ntopng/scripts/lua/about.lua][/home/simone/ntopng/scripts/lua/modules/http_lint.lua:1555: [LINT] _POST["ntopng_license"] = "'><script>alert(2)</script>" parameter error: Validation error]

When page runtime.lua was reading logs to show them, the JS was interpreted and scripts were executed.

Fixes

XSS3 | Stored

URL
http://192.168.2.200:3000/lua/runtime.lua

METHOD
Get
 2019-03-14 13:01:13 +01:00
Simone Mainardi
5a67bf6e43 [Security] Fixes possible XSS in login.lua referer param 
Fixes

XSS1 | Reflected

URL
http://192.168.2.200:3000/lua/login.lua?referer=%27%3E%3Cscript%3Ealert(1)%3C/script%3E

METHOD
Get

PARAMETER
referer

PAYLOAD
'><script>alert(1)</script>
 2019-03-14 11:35:35 +01:00
Simone Mainardi
522347dc1b Fixes pools initialization via API that was causing mixed pool ids 2019-03-12 16:27:20 +01:00