Matteo Biscosi
e5a48cb5d2
TCP Zero Window alert from issue #3417 (#4684)
...
* Added no_if_activity alert to user script keys
* Added no_if_activity description alert
* Fixes #4648 trigger an alert when no flows are collected
* Changed the time past one call of the alert and another
* Fixes #4648 reorganized files and cache management
* Added status flow check regarding issue #3417
* Removed debug code
Co-authored-by: matteo <biscosi@ntop.org>
Co-authored-by: Luca Deri <lucaderi@users.noreply.github.com>
2020-11-05 18:20:09 +01:00
Simone Mainardi
389f9c2beb
Reworks TCP issues flow user script
2020-10-30 15:56:36 +01:00
Luca Deri
7d6daf6b1b
Fixes for flow retransmission plugin
2020-10-14 00:02:25 +02:00
Luca Deri
7616249acd
Defined new keys for flows with severe retransmissions
2020-10-11 14:51:16 +02:00
Luca Deri
4565f8af04
Added plugin for detecting unexpected NTP servers
2020-10-10 10:54:19 +02:00
Luca Deri
02323882eb
Defined new status keys
...
status_unexpected_dhcp_server = 32,
status_unexpected_dns_server = 33,
status_unexpected_smtp_server = 34,
2020-10-09 11:51:06 +02:00
Simone Mainardi
814ee67cf9
Reworks nDPI Risks flow plugins to handle all risks and scores
...
Fixes #4432
2020-09-23 17:58:51 +02:00
Simone Mainardi
329f7381b5
Minor fixes
2020-05-13 20:02:34 +02:00
Simone Mainardi
c543df45f9
Reworks suspicious file transfers
2020-05-13 19:38:24 +02:00
Luca Deri
cd3246ca3b
Defined new flow_keys
...
status_binary_application_transfer = 29,
status_known_proto_on_non_std_port = 30
2020-05-12 00:35:45 +02:00
Luca Deri
ff76407e68
Added detection of self-signed (< TLS 1.3) certificates
2020-05-08 09:53:31 +02:00
Simone Mainardi
4177ee61ab
Implements constant flow and alert ids
...
Enlarges AlertType size
Changes alerts database
2020-04-14 22:20:44 +02:00