Manuel Ceroni
6f108a7e24
Added incremental score to scan alert (realtime) ( #9139 )
2025-04-11 10:41:01 +02:00
Luca
da456f9951
Reworked hosts server ports
2025-04-10 16:24:01 +02:00
Manuel Ceroni
9127b22b76
Improved Scan Realtime Alert ( #9122 )
2025-04-07 16:26:08 +02:00
Manuel Ceroni
e1328ae36b
Implemented Scan Realtime Alert ( #9106 )
...
* Implemented Scan Realtime Alert
* Removed old scan alerts
2025-04-04 12:42:46 +02:00
Manuel Ceroni
486dc0e33e
Implemented nat detected alert ( #9074 )
2025-03-27 11:28:16 +01:00
Matteo Biscosi
e89f07f238
Merged score threshold and dangerous hosts alerts ( #8827 )
2024-12-12 16:45:43 +01:00
Matteo Biscosi
952e136080
Moved unexpected gateway check from flows to hosts
2024-10-07 16:58:31 +02:00
Luca Ferretti
edef411ebc
added contacted_server_port alert ( #8408 )
...
* initial integration of server port check
* update learning period and received packet time
* updated host initial time
* Update Flow.cpp
* fixed reported issues
* added server_ports_contacts alert
* minor changes
2024-05-28 12:52:36 +02:00
Luca Deri
ddd449ea90
Added the ability to set custom alert score
2024-04-29 11:56:02 +02:00
Nicolo Maio
4f7ba024c0
Set the emergency level score for SYN flood alerts. ( #8253 )
2024-04-10 16:59:46 +02:00
Luca Deri
f26d56959c
Renamed HostBlackHoleContactsAlert to HostScannerAlert
2024-04-08 18:35:49 +02:00
Nicolo Maio
8a251c95cc
Change Score level of HostBlackHoleContacts
2024-04-02 11:49:31 +02:00
Nicolo Maio
b20e06482c
Fix the logic for HostBlackHoleContacts and RXOnlyHostScan checks.
2024-03-29 10:09:57 +01:00
Nicolò Maio
2deb42a7a2
Add the blackhole contacts alerts and update the scan detection alert. ( #8290 )
2024-03-28 08:55:45 +01:00
Luca Deri
2ee2c180a5
Removed alerts no longer necessary as they have been replaced by local traffic rules
2024-02-21 22:54:22 +01:00
Luca Deri
55870e97b9
(C) Update
2024-01-12 11:44:18 +01:00
Nicolo Maio
d812ae6043
Fix host rules alert. ( #7737 )
2023-08-08 17:34:40 +02:00
Nicolo Maio
1c10820858
Fix threshold sign. ( #7645 )
2023-07-07 16:18:45 +00:00
Alfredo Cardigliano
737ea7be5e
Remove C++ implementation of External Alert (replaced by Lua implementation)
2023-04-26 10:30:56 +02:00
lucaderi
d395deac4e
Automated commit of clang-format CI changes.
2023-04-07 14:20:44 +00:00
Alfredo Cardigliano
73af3fa521
Add support for external (REST) host alerts ( #7170 )
2023-01-26 15:34:54 +01:00
Luca Deri
f726b867c7
Updated (C)
2023-01-01 16:37:57 +01:00
Alfredo Cardigliano
34d3b31cd5
Add debug message and comment in TrafficVolume alert
2022-12-23 11:49:07 +01:00
Luca Deri
c42fdd60c9
Added traffic volume alert
2022-12-19 23:17:44 +01:00
MatteoBiscosi
cde463a324
Added RST scan alert ( #5903 )
2022-11-30 17:01:49 +01:00
Luca Deri
eefaab8bc1
Custom host alert implementation
2022-11-24 14:02:04 +01:00
MatteoBiscosi
2e27e21cc8
Added SNMP flood check ( #5905 )
2022-11-23 12:14:42 +01:00
MatteoBiscosi
71bb0efbc2
Added DNS flood alert ( #5905 )
2022-11-22 11:13:02 +01:00
MatteoBiscosi
eda4cfb088
Added severity to ntopng checks table
2022-10-20 10:34:37 +02:00
MatteoBiscosi
7b51a4ca61
Added Fin Scan check ( #5903 )
2022-05-16 17:18:11 +02:00
Luca Deri
269e9da142
(C) Update
2022-02-20 23:17:50 +01:00
Luca Deri
1fe96bc73b
Initial work for implementing host/port scan detection ( #6327 ) ( #6328 )
2022-02-20 23:17:04 +01:00
Marco Tranchida
98aa892aab
Implementation of new check, GR project ( #6074 )
...
* Add files via upload
* Add files via upload
* Add files via upload
* Add files via upload
* Add files via upload
* Add files via upload
* Add files via upload
* Add files via upload
* Add files via upload
* Update en.lua
* Update en.lua
* Update ntop_typedefs.h
* Update HostChecksStatus.h
* Update PktThreshold.cpp
2021-11-18 17:15:07 +01:00
Simone Mainardi
8074367a3c
Fixes severity of DangerousHostAlert
2021-10-13 16:15:30 +02:00
MatteoBiscosi
fda446fb7c
Added ICMP flood alert ( #5904 )
2021-10-07 11:42:22 +02:00
MatteoBiscosi
a1e4e21c01
Removed threshold configuration from Score Anomaly check ( #5845 )
2021-09-07 11:45:16 +02:00
MatteoBiscosi
c15b62407c
Separated Score Threshold and Anomaly alert ( #5845 )
2021-09-07 11:38:48 +02:00
Francesco Amodeo
de27966413
Implemented countries host check ( #5713 )
...
* Added check and alert implementation
* Fixed size of estimation and some typo
* Added HLL counters and DES structure
Co-authored-by: Paolo Junior Mollica <p.mollica@studenti.unipi.it>
* fixes according to comments of PR
* decreased memory footprint
* resolved conflicts
* fixed HostCheckID
* Removed wrongly committed file
Co-authored-by: paolo-junior-mollica <paolo.junior.mollica@gmail.com>
Co-authored-by: Matteo Biscosi <49585191+MatteoBiscosi@users.noreply.github.com>
2021-08-25 15:50:07 +02:00
Gaetano Barresi
f650a3700a
Domain Names host check ( #5723 )
...
* Adding/modifying .cpp for Domain Names host check
* Adding/modifying .h/.lua for Domain Names host check
* minor syntax fix
* dns_contacts
Co-authored-by: Stefano Russo <55586218+D0kken@users.noreply.github.com>
Co-authored-by: Stefano Russo <s.russo41@studenti.unipi.it>
2021-08-25 11:22:41 +02:00
Simone Mainardi
5fe995ecfe
Implements host check for NTP traffic
2021-07-27 12:19:52 +02:00
MatteoBiscosi
7a04146a00
Added threshold to score anomaly ( #5657 )
2021-07-12 13:02:31 +02:00
Simone Mainardi
0a6b513710
Implements ability to store/search/filter host alerts by cli/srv
...
Addresses #5575
2021-06-30 12:58:00 +02:00
Simone Mainardi
8dcce12ff8
Reworks score computation for host alerts
...
Implements #5555
2021-06-23 14:48:47 +02:00
Simone Mainardi
40f5c4e821
Refactors {flow,host}callbacks into {flow,host}checks (C++)
2021-06-16 15:27:38 +02:00
Luca Deri
c76cce1c4f
Renamed Host Ban to Dangerous Host
2021-06-09 22:54:17 +02:00
Matteo Biscosi
bcc717689f
Partially Implements traffic blocking ( #5387 )
2021-05-21 18:40:49 +02:00
Matteo Biscosi
bc80a86d73
Added score breakdown to score anomaly alert
...
Implements #5339
2021-05-17 18:24:01 +02:00
Matteo Biscosi
fdf8fbadb8
Fixes Host/Flow anomaly description
...
Implements #5337
Implements #5333
2021-05-17 14:53:20 +02:00
Alfredo Cardigliano
77bd43765c
Cleanup alert on score
2021-05-05 16:25:01 +02:00
Alfredo Cardigliano
ef65671794
Remove alert severity from Alerts. Always use score (convert to severity when required for UI or similar)
2021-05-05 09:54:14 +02:00