Luca Ferretti
1b3a0ec19a
initial mitre att&ck standardization ( #8446 )
...
* added feature sorting flows by protocol
* changed protocols comparison order
* initial commit for bitmap of server ports
* bitmap added to redis
* added debug string, bitmap not working
* Update alerts_list_per_license.rst
* Update alerts_list_per_license.rst
* initial mitre att&ck standardization
* Update ServerPortsBitmap.h
* updated mitre standardization
2024-06-12 15:55:10 +02:00
Luca Ferretti
edef411ebc
added contacted_server_port alert ( #8408 )
...
* initial integration of server port check
* update learning period and received packet time
* updated host initial time
* Update Flow.cpp
* fixed reported issues
* added server_ports_contacts alert
* minor changes
2024-05-28 12:52:36 +02:00
Luca Deri
f26d56959c
Renamed HostBlackHoleContactsAlert to HostScannerAlert
2024-04-08 18:35:49 +02:00
Nicolo Maio
a68667861e
Fix Host Alert BlackHole Contacts title.
2024-03-29 11:24:37 +01:00
Nicolo Maio
b20e06482c
Fix the logic for HostBlackHoleContacts and RXOnlyHostScan checks.
2024-03-29 10:09:57 +01:00
Nicolò Maio
2deb42a7a2
Add the blackhole contacts alerts and update the scan detection alert. ( #8290 )
2024-03-28 08:55:45 +01:00
Luca Deri
2ee2c180a5
Removed alerts no longer necessary as they have been replaced by local traffic rules
2024-02-21 22:54:22 +01:00
Luca Deri
55870e97b9
(C) Update
2024-01-12 11:44:18 +01:00
Nicolo Maio
481b135457
Remove useless comment and tprint.
2023-08-10 15:22:16 +02:00
Nicolo Maio
d812ae6043
Fix host rules alert. ( #7737 )
2023-08-08 17:34:40 +02:00
Nicolo Maio
1c10820858
Fix threshold sign. ( #7645 )
2023-07-07 16:18:45 +00:00
Alfredo Cardigliano
64ab8b6bae
Trigger External Host alerts directly from Lua (also for inactive hosts) ( fix #7170 )
2023-04-21 18:20:14 +02:00
Matteo Biscosi
76267099a2
Fixes alerts inconsistent alerts and checks names ( #7314 )
2023-03-14 15:36:07 +00:00
MatteoBiscosi
78d6acb867
Removed unneeded checks
2023-02-07 11:06:54 +01:00
Luca Deri
ced7349e9c
Minor fix
2023-02-06 18:19:02 +01:00
Nicolò Maio
c3fa801d37
Fix vlan historical filter. ( #6714 ) ( #7205 )
...
* Fix vlan historical filter. (#6714 )
* Update enabling "check live" link. (#6714 )
* Fix vlan_id set and remove hardcoded string. (#6714 )
* Add comments. (#6714 )
* Update historical chart filters. (#6714 )
2023-02-06 17:09:16 +00:00
MatteoBiscosi
1f88fe593d
Fixes nil value on score threshold alert
2023-02-03 13:24:28 +01:00
MatteoBiscosi
3f267937b3
Fixes non working score threshold description
2023-02-03 12:45:05 +01:00
Nicolò Maio
378232f808
Update alert score threshold with flows info ( #6714 ) ( #7197 )
2023-02-03 11:36:19 +01:00
Alfredo Cardigliano
73af3fa521
Add support for external (REST) host alerts ( #7170 )
2023-01-26 15:34:54 +01:00
Luca
86f39b3c81
Fixed frequency report
2022-12-21 12:44:55 +01:00
Luca Deri
6ee4c25f81
Improve traffic volume alert
2022-12-20 19:34:15 +01:00
Luca Deri
c42fdd60c9
Added traffic volume alert
2022-12-19 23:17:44 +01:00
MatteoBiscosi
91e4d16f06
Reworked host ports details page
2022-12-01 16:56:11 +01:00
MatteoBiscosi
cde463a324
Added RST scan alert ( #5903 )
2022-11-30 17:01:49 +01:00
Luca Deri
71fbbdbf58
Implemented custom host script (WIP)
2022-11-24 12:34:14 +01:00
MatteoBiscosi
2e27e21cc8
Added SNMP flood check ( #5905 )
2022-11-23 12:14:42 +01:00
MatteoBiscosi
71bb0efbc2
Added DNS flood alert ( #5905 )
2022-11-22 11:13:02 +01:00
MatteoBiscosi
7b51a4ca61
Added Fin Scan check ( #5903 )
2022-05-16 17:18:11 +02:00
Luca Deri
1fe96bc73b
Initial work for implementing host/port scan detection ( #6327 ) ( #6328 )
2022-02-20 23:17:04 +01:00
MatteoBiscosi
147e77636b
Added victim and client/server to threshold alert ( #5997 )
2022-01-07 16:28:05 +01:00
Alfredo Cardigliano
257ece18c0
Copyright update (Lua)
2022-01-03 09:42:33 +01:00
Alfredo Cardigliano
81206a9b70
Cleanup datatable js
2021-11-24 15:11:03 +01:00
Marco Tranchida
98aa892aab
Implementation of new check, GR project ( #6074 )
...
* Add files via upload
* Add files via upload
* Add files via upload
* Add files via upload
* Add files via upload
* Add files via upload
* Add files via upload
* Add files via upload
* Add files via upload
* Update en.lua
* Update en.lua
* Update ntop_typedefs.h
* Update HostChecksStatus.h
* Update PktThreshold.cpp
2021-11-18 17:15:07 +01:00
MatteoBiscosi
a8ab396570
Added references to useful infos regarding score anomaly ( #5996 )
2021-11-02 16:27:07 +01:00
MatteoBiscosi
fda446fb7c
Added ICMP flood alert ( #5904 )
2021-10-07 11:42:22 +02:00
Simone Mainardi
6da5283ae2
Removes package.path changes possibly causing nil indexing
2021-10-01 11:24:10 +02:00
MatteoBiscosi
a1e4e21c01
Removed threshold configuration from Score Anomaly check ( #5845 )
2021-09-07 11:45:16 +02:00
MatteoBiscosi
c15b62407c
Separated Score Threshold and Anomaly alert ( #5845 )
2021-09-07 11:38:48 +02:00
MatteoBiscosi
37267ab935
Removed not used DES structure and Fixed non working alert ( #5713 )
2021-08-25 16:45:16 +02:00
Francesco Amodeo
de27966413
Implemented countries host check ( #5713 )
...
* Added check and alert implementation
* Fixed size of estimation and some typos
* Added HLL counters and DES structure
Co-authored-by: Paolo Junior Mollica <p.mollica@studenti.unipi.it>
* fixes according to comments of PR
* decreased memory footprint
* resolved conflicts
* fixed HostCheckID
* Removed wrongly committed file
Co-authored-by: paolo-junior-mollica <paolo.junior.mollica@gmail.com>
Co-authored-by: Matteo Biscosi <49585191+MatteoBiscosi@users.noreply.github.com>
2021-08-25 15:50:07 +02:00
MatteoBiscosi
5df881478d
Fixes domain names contacts alert not working
2021-08-25 12:34:38 +02:00
Gaetano Barresi
f650a3700a
Domain Names host check ( #5723 )
...
* Adding/modifying .cpp for Domain Names host check
* Adding/modifying .h/.lua for Domain Names host check
* minor syntax fix
* dns_contacts
Co-authored-by: Stefano Russo <55586218+D0kken@users.noreply.github.com>
Co-authored-by: Stefano Russo <s.russo41@studenti.unipi.it>
2021-08-25 11:22:41 +02:00
Simone Mainardi
805b99f03c
Adds search by tcp flags in SYN scan alert
2021-08-02 18:43:08 +02:00
Simone Mainardi
92b5f90690
Updates alert flow links for anomaly-based alerts
2021-07-30 15:49:48 +02:00
Simone Mainardi
820e497253
Unifies epoch-related variables in Lua and JS
2021-07-30 15:38:06 +02:00
Simone Mainardi
f563447bd9
Host alert label fixes
2021-07-30 12:51:02 +02:00
Simone Mainardi
7ba9cf0dc5
Adds TCP flag filters in historical flows drilldown
2021-07-28 18:37:43 +02:00
Simone Mainardi
de576aa999
Implements historical flow search function for all host alerts
...
Addresses #5326
2021-07-28 18:16:32 +02:00
Simone Mainardi
b6913c946d
Implements skeleton to drilldown historical flows from alerts
...
Addresses #5326
2021-07-28 17:19:44 +02:00