Alfredo Cardigliano
|
b0ad0a5c7b
|
Fix alert certificate before/after time
|
2021-03-23 17:34:19 +01:00 |
|
Matteo Biscosi
|
bee49df334
|
Fixes wrongly formatted drops alert description
|
2021-03-23 13:26:44 +01:00 |
|
Matteo Biscosi
|
cf761cb579
|
Fixes packet drops alert description
|
2021-03-23 10:55:35 +01:00 |
|
Matteo Biscosi
|
f88370d88b
|
Fixes invalid zero value reported
Implements #5122
|
2021-03-23 10:55:35 +01:00 |
|
Matteo Biscosi
|
a79710090d
|
Fixes unexpected host behaviour triggered wrongly
|
2021-03-23 09:51:21 +01:00 |
|
Luca Deri
|
37e4dce065
|
Added check for avoiding JSON errors
|
2021-03-22 19:17:22 +01:00 |
|
Simone Mainardi
|
f61ffc045b
|
Merge branch 'c-user-scripts' into dev
|
2021-03-22 10:36:13 +01:00 |
|
Simone Mainardi
|
aea9138bfb
|
Implements flow callbacks and alerts in C++
|
2021-03-22 09:51:36 +01:00 |
|
Luca Deri
|
098e1980bc
|
Alert messages improvement
|
2021-03-18 21:21:37 +01:00 |
|
Matteo Biscosi
|
65eec582a2
|
Removed contacted peers alert
|
2021-03-17 11:48:51 +01:00 |
|
Matteo Biscosi
|
d27d5b0439
|
Fixes unexpected host behaviour alert error
|
2021-03-17 11:24:29 +01:00 |
|
Matteo Biscosi
|
39d3618351
|
Fixes flow alerts table column width and description
|
2021-02-26 16:10:48 +01:00 |
|
Matteo Biscosi
|
fa5088d49b
|
Removed useless description from some flow alert
|
2021-02-26 12:58:06 +01:00 |
|
Simone Mainardi
|
36e26cd0fc
|
Cleanup old ip reassignment / remote to remote alerts code
Fixes #5038
|
2021-02-26 11:36:21 +01:00 |
|
Matteo Biscosi
|
41163ac7f6
|
Implements low risk alert type must be further split
Implements #5066
|
2021-02-25 19:09:17 +01:00 |
|
Matteo Biscosi
|
dbfdec34fe
|
Implements Local Host behaviour analysis and its alert
Alert in case the host has an unexpected behaviour
|
2021-02-25 12:04:05 +01:00 |
|
Simone Mainardi
|
1524deae52
|
Fixes broken remote to remote flow alerts
|
2021-02-18 11:39:44 +01:00 |
|
Matteo Biscosi
|
3685b103b8
|
Fixes #5012 missing script localisation
|
2021-02-04 11:44:22 +01:00 |
|
Matteo Biscosi
|
a0a3e656d7
|
Fixes contacted_peers.lua gives errors
Implements #5009
|
2021-02-04 10:58:59 +01:00 |
|
Luca Deri
|
4fa925a4c4
|
Fixed language
|
2021-02-03 19:57:10 +01:00 |
|
Luca Deri
|
a745c2f38e
|
Fixed error while displaying engaged alerts
|
2021-02-03 19:48:48 +01:00 |
|
Matteo Biscosi
|
467bb9411d
|
Implements #5009 contacted_peers.lua gives errors
|
2021-02-03 19:33:03 +01:00 |
|
Matteo Biscosi
|
a0de61248c
|
Removed port from lateral movement alert description
|
2021-02-03 18:09:40 +01:00 |
|
Matteo Biscosi
|
fe01117324
|
Implements #4006 alerts when host contacts an unusual number of peers
Partial implementation, the rest is under the Pro Repository
|
2021-02-02 13:31:21 +01:00 |
|
Simone Mainardi
|
38d31a474a
|
Makes multiple score increments status-dependent
Implements #4993
|
2021-01-30 12:45:04 +01:00 |
|
Alfredo Cardigliano
|
b3cf18d821
|
Rename alert_tls_old_version -> alert_tls_old_protocol_version everywhere for consistency
|
2021-01-29 11:10:43 +01:00 |
|
Matteo Biscosi
|
b033132bda
|
Removed wrongly named alert definitions
|
2021-01-28 19:20:53 +01:00 |
|
Matteo Biscosi
|
d42e34359e
|
Fixed wrongly named alert definitions
|
2021-01-28 19:15:30 +01:00 |
|
Matteo Biscosi
|
769e311dd8
|
Fixed info length of Periodicity Changed alert
|
2021-01-21 18:58:07 +01:00 |
|
Matteo Biscosi
|
cdc420dd68
|
Fixed #2977 alert for remote->local insecure protocols
|
2021-01-20 11:56:56 +01:00 |
|
Simone Mainardi
|
46e3c10c36
|
Typos
|
2021-01-11 14:38:02 +01:00 |
|
Simone Mainardi
|
ecf4cf0010
|
Adds migrated external_alert.lua
Fixes #4895
|
2021-01-11 11:12:24 +01:00 |
|
Simone Mainardi
|
ad59b61245
|
Implements dropdown search for interfaces
Partially addresses #4800
|
2021-01-08 17:45:41 +01:00 |
|
Simone Mainardi
|
1aaf92e843
|
Reworks attacker/victim in alerts
|
2021-01-07 19:03:42 +01:00 |
|
Matteo Biscosi
|
bf12e0c103
|
Added Victim and Attacker shown into the Developer page
|
2021-01-07 16:34:45 +01:00 |
|
Luca Deri
|
a1178a0791
|
Updated (C)
|
2021-01-02 12:08:23 +01:00 |
|
Matteo Biscosi
|
e94f2cb0b4
|
Fixed #4737 integration with fail2ban
|
2020-12-30 11:46:10 +01:00 |
|
Simone Mainardi
|
19ceb22095
|
Fixes broken list download succeeded alert
|
2020-12-24 10:26:29 +01:00 |
|
Simone Mainardi
|
6bb8a1cd68
|
Fixes list download succeeded alerts
|
2020-12-24 10:20:05 +01:00 |
|
Matteo Biscosi
|
101c53336e
|
Migrates alerts to an object-oriented implementation
|
2020-12-23 11:46:26 +01:00 |
|
Simone Mainardi
|
c1bdfb8722
|
Unifies flow_keys and status_keys
|
2020-12-22 19:14:16 +01:00 |
|
Simone Mainardi
|
c273478b7a
|
Reworks UI list of defined alert and flow keys
|
2020-12-22 16:51:26 +01:00 |
|
Matteo Biscosi
|
bcf2c2c1ed
|
Migrates alerts to an object-oriented implementation
|
2020-12-22 14:48:00 +01:00 |
|
matteo
|
e24ef4ef35
|
Revert "Migrates alerts to an object-oriented implementation"
This reverts commit fbc283f12f.
|
2020-12-22 13:13:57 +01:00 |
|
matteo
|
fbc283f12f
|
Migrates alerts to an object-oriented implementation
|
2020-12-22 13:00:25 +01:00 |
|
Simone Mainardi
|
3baa932a01
|
Migrates alerts to an object-oriented implementation
Migrates alert_malicious_signature alert_elephant_local_to_remote alert_elephant_remote_to_local
Migrates long_lived
Migrates alert_flow_blocked
Migrates alert_tls_old_version
Migrates alert_tls_certificate_mismatch
Migrates alert_tls_certificate_expired
Migrates alert_tls_unsafe_ciphers
Migrates alert_tls_certificate_selfsigned
Migrates alert_potentially_dangerous_protocol
Migrates alert_snmp_device_reset
Migrates alert_port_mac_changed
Migrates alert_port_duplexstatus_change
Migrates alert_port_errors
Migrates alert_port_status_change
Migrates alert_port_load_threshold_exceeded
Migrates alert_data_exfiltration
Migrates alert_dns_data_exfiltration
Migrates alert_suspicious_tcp_probing alert_suspicious_tcp_syn_probing alert_tcp_connection_refused
Migrates alert_dns_invalid_query
Migrates alert_attack_mitigation_via_snmp
Migrates alert_lateral_movement
Migrates alert_periodicity_update
Migrates alert_dns_positive_error_ratio
Migrates alert_iec104_error
|
2020-12-22 09:56:38 +01:00 |
|
Simone Mainardi
|
7c6c249adf
|
Fixes attempt to index a nil value (global 'dirs')
|
2020-12-21 10:01:42 +01:00 |
|
Alfredo Cardigliano
|
da2b6e152c
|
Fix undefined dirs in alert_slow_periodic_activity.lua
|
2020-12-18 10:02:23 +01:00 |
|
Simone Mainardi
|
1a71ba4f5f
|
Removes remote assistance
Fixes #4785
|
2020-12-17 19:41:37 +01:00 |
|
MatteoBiscosi
|
de340b66ef
|
Fixed #2789 implement remote DNS resolution failure alert
|
2020-12-11 09:54:02 +01:00 |
|