Commit graph

2811 commits

Author | SHA1 | Message | Date
Simone Mainardi | c8f22694ae | Fixes geomap wrongly filtering results / Fixes #5526 | 2021-06-21 17:35:53 +02:00
Simone Mainardi | ce0f434b84 | Fixes crash upon disabling IECUnexpectedTypeId check | 2021-06-21 15:43:15 +02:00
MatteoBiscosi | 9023c0538a | Added per user theme (#5539) | 2021-06-21 15:37:08 +02:00
MatteoBiscosi | 81a94d9fee | Fixes behavior alert not working correctly | 2021-06-21 13:10:11 +02:00
Luca Deri | 195fe9578c | Improved observation point id support and flow reporting | 2021-06-19 00:16:48 +02:00
MatteoBiscosi | 5a02d2a0d7 | Fixed lateral movement not triggering | 2021-06-18 11:08:44 +02:00
MatteoBiscosi | 2d61babeaf | Removed unused lateral movement variable | 2021-06-17 16:59:15 +02:00
MatteoBiscosi | a89c95dba4 | Migrated Lateral Movement alert from interface to flow (Fixes #5485) | 2021-06-17 11:07:29 +02:00
Simone Mainardi | ee58f52c51 | Refactors user_scripts to checks (c++) | 2021-06-16 19:06:29 +02:00
Simone Mainardi | e33af8a23c | Refactors script_categories into check_categories (c++ and lua) | 2021-06-16 18:43:55 +02:00
Simone Mainardi | 9cc3162513 | Refactors capability_user_scripts into capability_checks | 2021-06-16 18:29:26 +02:00
Simone Mainardi | 76fd315d1b | Refactors user_scripts into checks (lua) | 2021-06-16 18:02:22 +02:00
Simone Mainardi | a160ccf2d6 | Refactors callback to check #defines (c++) | 2021-06-16 15:56:07 +02:00
Simone Mainardi | 40f5c4e821 | Refactors {flow,host}callbacks into {flow,host}checks (C++) | 2021-06-16 15:27:38 +02:00
Simone Mainardi | cf50f4e0e7 | Uses possibly swapped cli and srv to set host names / Possibly resolves #5506 | 2021-06-16 09:14:14 +02:00
Luca Deri | 846d24c5e9 | Initial VLANid rework | 2021-06-15 23:01:59 +02:00
Matteo Biscosi | 0e1f16c9b9 | Fixes #5492 behavior code rework | 2021-06-14 16:46:12 +02:00
Luca Deri | 5835f5cfb8 | Fixed flow label score / Fixed NULL on ASs | 2021-06-11 19:52:35 +02:00
Simone Mainardi | 11ff348d91 | Callbacks interface update: public handledRisk | 2021-06-11 18:25:51 +02:00
Simone Mainardi | bd5ebabb16 | Shows unhandled flow risks in the flow details page / Addresses #5402 | 2021-06-11 17:56:49 +02:00
Simone Mainardi | eca157988a | Determines unhandled nDPI flow risks upon callbacks load / Addresses #5402 | 2021-06-11 17:24:42 +02:00
Simone Mainardi | 3d1ab71f9b | Reworks scores for nDPI-risk flow alerts / Addresses #5402 | 2021-06-11 15:22:32 +02:00
Alfredo Cardigliano | 38b31bdb9c | Add getDefaultScore | 2021-06-11 13:15:24 +02:00
Simone Mainardi | b166b07007 | Adds base class FlowRiskAlert | 2021-06-11 12:38:57 +02:00
Simone Mainardi | 62e20d471b | Adds scores to flow-risk based alerts | 2021-06-11 12:35:32 +02:00
Alfredo Cardigliano | 3a2c8052f2 | Fix flow callbacks cli/src score | 2021-06-11 12:15:15 +02:00
Alfredo Cardigliano | c429baeb64 | Sample percentage based cli/srv score computation | 2021-06-10 18:58:56 +02:00
Simone Mainardi | 9b8e2a1f79 | Adds per-alert scores in alert classes / Addresses #5402 | 2021-06-10 18:06:10 +02:00
Matteo Biscosi | f12934ef9e | Implements Traffic TX/RX and Score Behavior analysis (#5473) (#5472) | 2021-06-10 17:31:29 +02:00
Simone Mainardi | 195e5806eb | Removes unused severity from host and flow callbacks | 2021-06-10 16:01:18 +02:00
Simone Mainardi | 0bd6efe5dc | Implements breakdown for flow score / Implements #5402 | 2021-06-10 14:27:19 +02:00
Luca Deri | 944747fe94 | Implemented multi-stacked MPLS/PPPoE/PPP dissection | 2021-06-10 10:59:26 +02:00
Luca Deri | c76cce1c4f | Renamed Host Ban to Dangerous Host | 2021-06-09 22:54:17 +02:00
Matteo Biscosi | 0d2b764c84 | Added asn to nindex flows (#5468) | 2021-06-09 15:34:56 +02:00
Simone Mainardi | 409a7ceed7 | Fixes tests output | 2021-06-09 11:00:58 +02:00
Simone Mainardi | c066e623e5 | Fixes non-deterministic DNS DGA alerts / Fixes #5437 | 2021-06-08 17:31:36 +02:00
Simone Mainardi | 4ccca54458 | Handles possible races in setting multiple DNS queries / Addresses #5437 | 2021-06-08 17:11:56 +02:00
Alfredo Cardigliano | 86e92ce0d2 | Cleanup PotentiallyDangerous callback as overlaps with FlowRiskUnsafeProtocol (#5402) | 2021-06-07 16:11:20 +02:00
Matteo Biscosi | 40e7427f82 | Added pref for timestamp column in flow tables (#5392) | 2021-06-04 17:38:22 +02:00
Luca Deri | c7939fb212 | Added JA3 handling via ZMQ | 2021-06-04 00:10:07 +02:00
Alfredo Cardigliano | 94dd271814 | Set flow score using ndpi_risk2score for Risk alerts. Change flow score from 8 to 16 bit in API calls. | 2021-06-03 11:23:20 +02:00
Matteo Biscosi | 217b9eda33 | Added Last Seen column to flow stats (#5392) | 2021-06-01 17:49:59 +02:00
Simone Mainardi | 0be596ee25 | Fixes races when handling alert counters on view interfaces / Fixes #5424 | 2021-05-31 19:14:56 +02:00
Simone Mainardi | 08fb295be9 | Implements support for roles (attacker/victim) filtering of alerts / Implements #5425 | 2021-05-31 12:32:56 +02:00
Matteo Biscosi | 756966c62b | Added nProbe license and maintenance info to iface | 2021-05-31 12:28:41 +02:00
Simone Mainardi | 9453fca4cb | Reworks and completes attacker/victim for all host alerts / Addresses #5310 | 2021-05-31 11:17:03 +02:00
Luca Deri | 4c27f6f98c | Implemented handling of hello message from nprobe | 2021-05-28 19:34:11 +02:00
Simone Mainardi | 4352638cdf | Reworks and completes attacker/victim for all flow alerts / Addresses #5310 | 2021-05-28 17:03:37 +02:00
Simone Mainardi | 0ac075c01c | Fixes attacker for suspicious DGA domains / Partially addresses #5310 | 2021-05-27 18:27:29 +02:00
Simone Mainardi | 567655ad70 | Fixes for active monitoring alerts / Fixes #5415 | 2021-05-27 15:18:10 +02:00