Commit graph

2619 commits

Author SHA1 Message Date
Alfredo Cardigliano
692380ba34 Use meaningful names. Flush flow alerts on shutdown. 2021-03-22 16:55:21 +01:00
Luca
e2f619c281 Added the ability to turn off (via preferences) flow alerts generation that is enabled by default. 2021-03-22 12:27:26 +01:00
Simone Mainardi
f61ffc045b Merge branch 'c-user-scripts' into dev 2021-03-22 10:36:13 +01:00
Simone Mainardi
aea9138bfb Implements flow callbacks and alerts in C++ 2021-03-22 09:51:36 +01:00
Luca Deri
8f37e1d77d Added anomaly counter 2021-03-18 19:08:17 +01:00
Luca Deri
e10a3a3135 Enhanced anomaly debug messages
Cleaned up broadcast domain code
2021-03-18 15:46:58 +01:00
Matteo Biscosi
3f46194e31 Implements unexpected behaviour alerts 2021-03-16 19:52:09 +01:00
Matteo Biscosi
f6c4bb9f0a Fixes wrong alert field ids 2021-03-15 20:05:52 +01:00
Matteo Biscosi
1466e466d7 Fixes host anomalies wrongly triggered 2021-03-15 20:05:52 +01:00
Matteo Biscosi
e01594f52a Removed community id from MySQL flow
Implements #5071
2021-03-15 15:58:07 +01:00
Luca Deri
8a90e09b7a Fixed behavioural scores 2021-03-14 13:53:23 +01:00
Tomoaki
091cb9d17a Add ifndef switch for windows. (#5104) 2021-03-14 11:00:35 +01:00
Luca Deri
8915a98a8a Compilation fix 2021-03-13 20:17:22 +01:00
Matteo Biscosi
26af27d6a9 Implements active flow and host score behaviour 2021-03-13 00:31:01 +01:00
Tomoaki
e3d881d9b9 Add facility to flows dumping to syslog (#5097)
* Add syslog facility configuration for dumping.

* Fix indents.

* Fix log message.
2021-03-12 17:33:02 +01:00
Matteo Biscosi
3b5a5e2507 Implemented DES and added to LocalHostStats 2021-03-12 16:21:41 +01:00
Matteo Biscosi
2f15bd0723 Implements bind alerts to flows through communityId
Implements #5071
2021-03-10 12:24:56 +01:00
Alfredo Cardigliano
e86fffcc58 Add message to restart ntopng after importing all conf. Improve max post data check. Remove unnecessary exported modules. 2021-03-08 11:14:44 +01:00
Luca Deri
58ca238e08 Modified behavioral parameters 2021-03-07 22:00:31 +01:00
Matteo Biscosi
6c8258fa06 Implements pool filter or selection on the flow page
Implements #4950
2021-03-03 11:57:25 +01:00
Alfredo Cardigliano
44bbe6caf1 Fix paths and owner on BSD 2021-03-03 10:02:20 +01:00
Luca Deri
7aa02a5710 Exports malicious JA3 fingerprint information in host TLS reports 2021-03-02 19:42:54 +01:00
Matteo Biscosi
85d2f7def3 Reviewed learning window regarding contacted peers 2021-03-01 17:23:02 +01:00
Matteo Biscosi
e241227342 Added server/client name and community ID to flow alerts 2021-03-01 12:14:12 +01:00
Simone Mainardi
9d43be52c7 Reworks client/server heuristic for ZMQ interfaces 2021-02-27 21:01:19 +01:00
Simone Mainardi
9050b210b5 Cleanup and simplif. old client/server heuristic code 2021-02-27 19:19:03 +01:00
Simone Mainardi
b7a2e0138c Additional changes and simplif. to the client/server heuristic 2021-02-27 19:10:55 +01:00
Simone Mainardi
9b6c9b7c60 User script changes for client/server heuristics 2021-02-26 19:29:36 +01:00
Simone Mainardi
3ae569b594 Reworks heuristic on client/server (#5058) 2021-02-26 16:29:32 +01:00
Simone Mainardi
76006d6250 Fixes IP reassignment code that is now per-interface
Implements #5038
2021-02-26 11:21:04 +01:00
Luca Deri
e9ae852c03 Moved to 128 bit bitmaps 2021-02-25 18:17:57 +01:00
Matteo Biscosi
dbfdec34fe Implements Local Host behaviour analysis and its alert
Alert in case the host has an unexpected behaviour
2021-02-25 12:04:05 +01:00
Matteo Biscosi
4e0bb51969 Implements client/server heuristic #5058 2021-02-25 10:01:53 +01:00
Luca Deri
edc8159396 Compilation fix 2021-02-24 15:55:27 +01:00
Matteo Biscosi
f7773fb715 Implemented behavioural counter for visited sites by local hosts 2021-02-24 15:25:36 +01:00
Luca Deri
9b81f740df Improved BehaviouralCounter with forecast and boundaries 2021-02-24 10:07:18 +01:00
Alfredo Cardigliano
db9adb9060 Add support for Malicious JA3 signature using nDPI (#5045) 2021-02-23 18:35:19 +01:00
Alfredo Cardigliano
9c196d322b Use Patricia from nDPI 2021-02-23 12:34:49 +01:00
Alfredo Cardigliano
434f827ab6 Implement continuous ping for selected interfaces (fix #5001) 2021-02-19 19:13:49 +01:00
Matteo Biscosi
9632c62bfa Implements cleanup IP reassignment code
Implements #5038
2021-02-19 15:36:27 +01:00
Alfredo Cardigliano
8c4408628a Show TLS info for protocols using TLS as transport (fix #5045) 2021-02-19 11:32:23 +01:00
Simone Mainardi
59380ecd39 Implements matching of filters on alerts stored in SQLite 2021-02-17 17:31:00 +01:00
Simone Mainardi
f4dff6f2e7 Implements risk-based filtering of flow alerts 2021-02-16 15:25:20 +01:00
Simone Mainardi
c8a7232ef9 Reworks SQLite indices and adds l7_cat to the alerts database 2021-02-16 12:41:45 +01:00
Alfredo Cardigliano
c658b8ed24 Full purge idle scan on shutdown when processing pcap 2021-02-11 15:56:43 +01:00
Alfredo Cardigliano
2b3102e2ae Fix memory leak 2021-02-11 12:03:54 +01:00
Alfredo Cardigliano
3cd232e4c4 Fix math 2021-02-11 10:13:40 +01:00
Alfredo Cardigliano
e1984cb886 Add support for --vm. Deferred version print 2021-02-10 15:24:14 +01:00
Alfredo Cardigliano
149c1a0df1 Fix division by 0 2021-02-10 10:00:05 +01:00
Luca Deri
07b61ff972 Added detection of initialization errors 2021-02-09 13:18:28 +01:00