Luca Ferretti
1b3a0ec19a
initial mitre att&ck standardization ( #8446 )
* added feature sorting flows by protocol
* changed protocols comparison order
* initial commit for bitmap of server ports
* bitmap added to redis
* added debug string, bitmap not working
* Update alerts_list_per_license.rst
* Update alerts_list_per_license.rst
* initial mitre att&ck standardization
* Update ServerPortsBitmap.h
* updated mitre standardization
2024-06-12 15:55:10 +02:00
Matteo Biscosi
9b8695eb05
Possible fix for dga domain alert description ( #8325 )
2024-05-08 12:28:13 -04:00
Matteo Biscosi
57eb0c7207
Started fixing issue #8325
2024-05-03 09:30:17 -04:00
Luca Deri
8f49ce0f4b
Cleaned up blacklisted flow label (removed UID)
2024-04-25 11:04:12 +02:00
Nicolò Maio
59075f5e10
Splitting blacklisted flow alert and creating two new alerts. ( #8354 ) ( #8355 )
* Splitting blacklisted flow alert and creating two new alerts. (#8354 )
* Renaming to 'Blacklisted Client Contact' and 'Blacklisted Server Contact'. (#8354 )
2024-04-24 17:37:30 +02:00
Nicolò Maio
636ba2975c
Add Flow Reset Alert and counter. ( #8264 ) ( #8348 )
* Add Flow Reset Alert and counter. (#8264 )
* Renaming to TCP Flow Reset. (#8264 )
* Renaming the value retrieved by the getName method. (#8264 )
2024-04-24 17:15:20 +02:00
Nicolò Maio
fd6b0958c3
Rename the alert to "Remote to Local Insecure Flow". ( #8257 ) ( #8339 )
2024-04-18 12:45:54 +02:00
Matteo Biscosi
0cfd1246c1
Fixes some alert descriptions
2024-04-12 11:03:33 -04:00
Matteo Biscosi
1460eda751
Fixes SQL injection description
2024-04-10 07:16:13 -04:00
Matteo Biscosi
436bf03e56
Removed HTML when not requested and fixed some alert descriptions ( #8304 )
2024-04-08 10:45:11 -04:00
Matteo Biscosi
cbec26e3b4
Fixes missing alert descriptions ( #8314 #8313 )
2024-04-08 07:02:17 -04:00
Nicolo Maio
8372d80dc8
Add UID to the description of blacklisted flow alerts. ( #7799 )
2024-03-01 16:38:46 +01:00
Luca Deri
ab34197603
Various scripts fixed
Improved error message when scripts fail
2024-02-19 22:13:01 +01:00
Luca Deri
55870e97b9
(C) Update
2024-01-12 11:44:18 +01:00
Matteo Biscosi
d75454a709
Added blacklisted flow alert debug
2023-11-29 16:20:14 +00:00
Matteo Biscosi
e8b8b7e570
Fixes blacklisted flow message in case of custom categories
2023-11-28 11:13:53 +00:00
Luca Deri
463b906b59
Added support for ModBUS Scattered Holding Register Read
2023-11-10 11:36:35 +01:00
Matteo Biscosi
f9a55743b6
Added malware host contacted check
2023-10-18 10:40:54 +00:00
Nicolo Maio
2fb921e5f9
Fix server IP in unexpected DHCP server alert.
2023-08-14 16:21:20 +02:00
Alfredo Cardigliano
7a314e9d69
Add sample custom query for host alerts. Fix host alerts format to handle empty fields.
2023-07-24 15:50:59 +02:00
Nicolo Maio
9c3acf2f06
Add alert notification retention policy by default 1h. ( #6240 )
2023-07-19 16:25:32 +00:00
Alfredo Cardigliano
1bdf0680c6
Fix format of longlived alerts
2023-07-18 11:34:50 +02:00
Nicolo Maio
30f429d1de
Add blacklist name. ( #7549 )
2023-06-14 11:56:13 +00:00
Luca Deri
e86cd0f2ce
added Modbus Invalid Transition Alert
2023-06-05 00:53:27 +02:00
Luca Deri
4a13dc41d5
Implemented Modbus exceptions
2023-06-01 22:53:59 +02:00
Luca Deri
96e10b12a5
Added stub for RareDestination check/alert implementation #6416 and #6417
2023-03-22 15:11:53 +01:00
Matteo Biscosi
76267099a2
Fixes inconsistent alerts and checks names ( #7314 )
2023-03-14 15:36:07 +00:00
Matteo Biscosi
fc82eff56b
Updated alert to NDPI_NUMERIC_IP_HOST
2023-03-02 15:18:40 +00:00
Nicolò Maio
b4b8307739
Fix alert_remote_to_local_insecure_proto alert message. ( #7265 ) ( #7277 )
2023-02-27 13:01:45 +01:00
MatteoBiscosi
ddb55b4d7e
Updated ndpi alerts ( #7200 )
2023-02-09 18:46:37 +01:00
Nicolò Maio
7162045cdd
Add VLAN bidirectional traffic alert ( #7126 ) ( #7194 )
* Add VLAN bidirectional traffic alert (#7126 )
* Add alert description. (#7126 )
2023-02-03 10:33:25 +01:00
Luca Deri
71fbbdbf58
Implemented custom host script (WIP)
2022-11-24 12:34:14 +01:00
Luca Deri
9bdff1b170
Improved custom flow script alert
2022-11-23 17:04:01 +01:00
Luca Deri
a687b9280a
Implemented custom script check
2022-11-23 11:11:45 +01:00
MatteoBiscosi
ef01259354
Fixes flow checks not found
2022-11-21 10:59:55 +01:00
MatteoBiscosi
4bc150e7c9
Removed debug tprint
2022-11-16 11:33:11 +01:00
MatteoBiscosi
b6692f3fea
Added TCP Packets issues check ( #6899 )
2022-11-16 11:28:16 +01:00
MatteoBiscosi
7bfc2fdde4
Fixes Flow risks not defined ( #6939 )
2022-10-21 13:37:08 +02:00
MatteoBiscosi
4728baed14
Fixes inconsistent naming in ntopng ( #6716 )
2022-10-17 12:52:47 +02:00
Alfredo Cardigliano
93dd74d906
Fix telegram notifications ( fix #6915 )
2022-10-03 12:29:23 +02:00
MatteoBiscosi
3681ca34dc
Added ndpi http suspicious content alert mapping
2022-07-15 11:40:20 +02:00
MatteoBiscosi
755c90e0c2
Changed from UDP unidirection to unidirectional traffic
2022-06-21 15:11:54 +02:00
MatteoBiscosi
4f8c5c6cec
Moved UDP unidirection to nDPI alerts
2022-06-21 11:37:46 +02:00
Alfredo Cardigliano
df2829d409
Improve iec_invalid_transition format function ( #6682 )
2022-06-10 16:17:08 +02:00
MatteoBiscosi
b7a61835ba
Fixes dns large packets alert incorrectly triggered ( #6674 )
2022-06-10 10:34:03 +02:00
MatteoBiscosi
ba20719d4a
Fixes suspicious dga domain url not formatted
2022-06-09 18:19:03 +02:00
MatteoBiscosi
9622209308
Minor fixes to alerts
2022-06-09 18:12:04 +02:00
MatteoBiscosi
8214173ecd
Various changes to alerts ( #6675 )
2022-06-09 12:26:25 +02:00
MatteoBiscosi
4d037e911b
Possible fix for #6670
2022-06-08 17:59:10 +02:00
Luca Deri
9d364c69b4
Fixed TCP with no answer alert definition
2022-06-07 13:11:35 +02:00