Alfredo Cardigliano
7d20029cf6
Reduce trace level for single bad entries in downloaded lists
2021-04-16 08:59:49 +02:00
Luca Deri
eaa4cbd1e8
Updated changed URL for snort IP block list
2021-03-27 08:56:11 +01:00
Luca Deri
146a4b8c9a
Added warning
2021-03-18 10:09:48 +01:00
Alfredo Cardigliano
3e2a1943c1
Printing as standard message bad domain occurrences in imported lists
2021-03-16 09:52:55 +01:00
Alfredo Cardigliano
db9adb9060
Add support for Malicious JA3 signature using nDPI ( #5045 )
2021-02-23 18:35:19 +01:00
Matteo Biscosi
04e4ab425f
Implements correctly manual category list update
Implements #4953
2021-02-15 11:44:23 +01:00
Luca Deri
c7bd604a19
Added URLhaus to category lists
2021-02-03 22:18:29 +01:00
Matteo Biscosi
9c741916c9
Implements #4953 disable auto update blocklists and perform manually
2021-02-02 17:52:48 +01:00
Luca Deri
a1178a0791
Updated (C)
2021-01-02 12:08:23 +01:00
Simone Mainardi
19ceb22095
Fixes broken list download succeeded alert
2020-12-24 10:26:29 +01:00
Simone Mainardi
6bb8a1cd68
Fixes list download succeeded alerts
2020-12-24 10:20:05 +01:00
Matteo Biscosi
101c53336e
Migrates alerts to an object-oriented implementation
2020-12-23 11:46:26 +01:00
Simone Mainardi
b3dc39c641
Refactors alert_severities into an independent Lua module
2020-11-30 15:28:17 +01:00
Luca Deri
a2e436213e
Removed list https://hosts-file.net/ad_servers.txt as it is no longer existing
2020-11-06 23:15:35 +01:00
Luca Deri
ea83944609
Cosmetic message changes
2020-10-29 09:46:29 +01:00
Simone Mainardi
d3dda0bb82
Unifies misbehaving with alerted flows
Implements #4596
2020-10-16 18:58:20 +02:00
Luca Deri
77ab1e3a8a
Added fix for #4534
- in case of startup crash and automatic restart, ntopng would reload lists resetting errors. This caused the storm of updates
- updated the URL to https://snort.org/downloads/ip-block-list
- in case of failure we retry the URL only once (it used to be twice) after one hour.
2020-10-15 17:17:35 +02:00
Simone Mainardi
4b1329c7c0
Fixes list download failed alert message
2020-10-14 15:12:32 +02:00
Simone Mainardi
5d80b67327
Adds info-level alerts upon successful lists download
Addresses #4554
2020-10-14 15:08:01 +02:00
Simone Mainardi
0a7b0214ea
Fixes format of list hosts and adds debug
2020-10-08 15:46:31 +02:00
Simone Mainardi
0353ac7985
Fixes attempt to index a nil value (local 'list')
2020-06-22 19:22:52 +02:00
Simone Mainardi
290175b16f
Refactors alert builders into creators
Refactors builders into creators: calls
2020-04-27 15:53:56 +02:00
Simone Mainardi
2739aac076
Implements alert builders for each alert definition
[AlertsK] Implements alert consts builder
[AlertsK] alert_threshold_cross.lua
[AlertsK] too_many_drops.lua
[AlertsK] alert_test_failed.lua
[AlertsK] alert_flows_flood.lua alert_tcp_syn_flood.lua lert_tcp_syn_scan.lua
[AlertsK] alert_snmp_topology_changed.lua
[AlertsK] snmp_device_reset.lua
[AlertsK] alert_slow_periodic_activity.lua
[AlertsK] alert_port_status_change.lua
[AlertsK] alert_port_status_change.lua
[AlertsK] alert_port_load_threshold_exceeded.lua
[AlertsK] alert_port_errors.lua
[AlertsK] alert_port_duplexstatus_change.lua
[AlertsK] alert_periodic_activity_not_executed.lua
[AlertsK] alert_misbehaving_flows_ratio.lua
[AlertsK] alert_influxdb_error.lua
[AlertsK] alert_influxdb_dropped_points.lua
[AlertsK] alert_dropped_alerts.lua
[AlertsK] alert_am_threshold_cross.lua
[AlertsK] alert_broadcast_domain_too_large.lua
[AlertsK] alert_device_connection.lua
[AlertsK] alert_device_connection.lua
[AlertsK] alert_host_pool_connection.lua alert_host_pool_disconnection.lua
[AlertsK] alert_ghost_network.lua
[AlertsK] alert_ip_outsite_dhcp_range.lua
[AlertsK] alert_list_download_failed.lua
[AlertsK] alert_login_failed.lua
[AlertsK] alert_mac_ip_association_change.lua
[AlertsK] alert_slow_purge.lua
[AlertsK] alert_request_reply_ratio.lua
[AlertsK] alert_quota_exceeded.lua
[AlertsK] alert_process_notification.lua
[AlertsK] alert_nfq_flushed.lua
[AlertsK] alert_misconfigured_app.lua alert_new_device.lua
[AlertsK] alert_influxdb_export_failure.lua
[AlertsK] alert_unresponsive_device.lua
[AlertsK] alert_user_activity.lua
[AlertsK] alert_user_script_calls_drops.lua
[AlertsK] minor fix
2020-04-24 15:35:44 +02:00
emanuele-f
e1f28243d0
Add check to avoid "list x has 0 rules" on interrupted shutdowns
Fixes #3468
2020-03-27 15:33:34 +01:00
emanuele-f
90adf52ab6
Add check for broadcast address in category lists
2020-02-06 16:09:28 +01:00
emanuele-f
75ec3a246c
Remove discontinued Ransomware Tracker lists
2020-01-20 10:17:40 +01:00
emanuele-f
7910ee0874
Fix ntop meltdown list type and add more debug messages
2020-01-20 10:17:40 +01:00
Luca Deri
170bc60f19
Updated (C)
2020-01-08 23:52:51 +01:00
emanuele-f
679f0638f6
Additional checks for bad domain/ip addresses
2019-12-04 17:40:18 +01:00
Luca
5f72aa0c2e
nDPI cleanup
2019-11-08 11:38:03 +00:00
Luca
1fb32a0795
Unified nDPI struct across interfaces
2019-11-06 23:02:35 +00:00
emanuele-f
191e530f6f
Clean category lists error status on startup and remove debug prints
2019-11-04 13:07:24 +01:00
Luca Deri
d61470c653
Workaround for #3033 but a proper fix is necessary
2019-11-02 20:22:35 +01:00
emanuele-f
1de959ed88
Missing reload fix
2019-10-29 12:07:27 +01:00
emanuele-f
378a1e2cd8
Optimize nDPI categories reload to avoid packet drops
2019-10-29 12:07:27 +01:00
emanuele-f
943012e8c3
Avoid un-necessary hourly reload of category lists when nothing changed
2019-10-28 12:22:57 +01:00
emanuele-f
d1d789ea88
Improve category lists limits and reporting
2019-10-23 18:12:24 +02:00
emanuele-f
bb51396151
Fix bad categories lists limit check
2019-10-23 16:17:08 +02:00
emanuele-f
19f820f1bc
Add max rules limit for category lists
Fixes #2966
2019-10-23 11:53:21 +02:00
emanuele-f
4b29fa2af1
Only save the edited preferences in category lists
Fixes #2967
2019-10-23 11:37:04 +02:00
Luca Deri
a31c59efb6
Updated ntop category lists URLs
2019-10-20 19:02:28 +02:00
Luca Deri
657e673af3
Changed defaults
2019-10-18 17:22:12 +02:00
Simone Mainardi
c68b9af4af
Stops lists load during shutdown
2019-10-18 14:46:02 +02:00
Luca Deri
f006b7304d
Updated black lists with the ntop meltdown
2019-10-18 13:53:48 +02:00
emanuele-f
c6668f05c1
Remove Nooder Networks list as it is no longer available
2019-09-17 15:38:18 +02:00
emanuele-f
91222ada6b
Add Nooder Networks blacklist
2019-09-09 16:17:52 +02:00
emanuele-f
8e6cd5962a
Fix blacklisted host alerts not generated when reading from PCAP dump
2019-09-03 17:50:08 +02:00
emanuele-f
b66b71fd7e
Implement alert on JA3 malicious signatures
Closes #2788
2019-08-28 18:33:13 +02:00
emanuele-f
2814a94077
Report curl error while a list download fails
Fixes #2777
2019-08-23 09:52:58 +02:00
Simone Mainardi
061eb632a6
Initial implementation of the icinga2 checker plugin
2019-08-22 17:16:14 +02:00