Commit graph

103 commits

Author SHA1 Message Date
Manuel Ceroni
26c23347e7 Improved Scan Alerts with MITRE and fixes (#9127) 2025-04-08 11:33:53 +02:00
Manuel Ceroni
9127b22b76 Improved Scan Realtime Alert (#9122) 2025-04-07 16:26:08 +02:00
Manuel Ceroni
e1328ae36b Implemented Scan Realtime Alert (#9106) 2025-04-04 12:42:46 +02:00
* Implemented Scan Realtime Alert
* Removed old scan alerts
Manuel Ceroni
486dc0e33e Implemented NAT detected alert (#9074) 2025-03-27 11:28:16 +01:00
Luca Deri
a4e09a03e4 Minor cosmetic changes 2025-03-21 16:59:47 +01:00
Manuel Ceroni
fe0975ba2a Added Service Down check to Scan Alert (#9066) 2025-03-21 16:55:29 +01:00
Manuel Ceroni
00c6efdce6 Implemented network and service scan checks, merging them with the port scan check into a single alert (Scan Alert) (#9024) 2025-03-10 21:19:05 +01:00
Matteo Biscosi
34b559e66d Added attacker in port scan (#9009) 2025-03-05 11:52:56 +01:00
Manuel Ceroni
83d6fb24da Port scan alert aggregation (#9021) 2025-03-04 16:12:13 +01:00
Manuel Ceroni
d4b7a3d375 Implemented port scan alert (ClickHouse) (#9006) 2025-02-27 10:44:18 +01:00
Alfredo Cardigliano
31752105d9 Add Lua host check example (Suspicious Domain Scans) #8956 2025-02-17 15:14:30 +01:00
Matteo Biscosi
e89f07f238 Merged score threshold and dangerous hosts alerts (#8827) 2024-12-12 16:45:43 +01:00
Matteo Biscosi
b2a37ea016 Fixes missing protocol mapping (#8805) 2024-11-12 11:07:47 +01:00
Matteo Biscosi
4fffe8b449 Fixes host alert score threshold description 2024-10-23 16:11:31 +02:00
Luca
1117e71d18 Removed SYN flood check that was partially overlapping with SYN scan 2024-10-22 15:46:50 +02:00
Matteo Biscosi
952e136080 Moved unexpected gateway check from flows to hosts 2024-10-07 16:58:31 +02:00
Luca Ferretti
7cceb656c0 fixed typo (#8565) 2024-07-24 18:23:47 +02:00
* added netbox documentation
* Update asset_inventory.rst
* added ndpi-protocols ipv6 rules
* updated ipv6 check for custom rule
* fix typo
* implemented mitre_table_info inside database
* fixed typo
* changed tecnique to technique typo
* Update host_alert_scan_detected.lua
Luca Ferretti
1b3a0ec19a initial mitre att&ck standardization (#8446) 2024-06-12 15:55:10 +02:00
* added feature sorting flows by protocol
* changed protocols comparison order
* initial commit for bitmap of server ports
* bitmap added to redis
* added debug string, bitmap not working
* Update alerts_list_per_license.rst
* Update alerts_list_per_license.rst
* initial mitre att&ck standardization
* Update ServerPortsBitmap.h
* updated mitre standardization
Luca Ferretti
edef411ebc added contacted_server_port alert (#8408) 2024-05-28 12:52:36 +02:00
* initial integration of server port check
* update learning period and received packet time
* updated host initial time
* Update Flow.cpp
* fixed reported issues
* added server_ports_contacts alert
* minor changes
Luca Deri
f26d56959c Renamed HostBlackHoleContactsAlert to HostScannerAlert 2024-04-08 18:35:49 +02:00
Nicolo Maio
a68667861e Fix Host Alert BlackHole Contacts title. 2024-03-29 11:24:37 +01:00
Nicolo Maio
b20e06482c Fix the logic for HostBlackHoleContacts and RXOnlyHostScan checks. 2024-03-29 10:09:57 +01:00
Nicolò Maio
2deb42a7a2 Add the blackhole contacts alerts and update the scan detection alert. (#8290) 2024-03-28 08:55:45 +01:00
Luca Deri
2ee2c180a5 Removed alerts no longer necessary as they have been replaced by local traffic rules 2024-02-21 22:54:22 +01:00
Luca Deri
55870e97b9 (C) Update 2024-01-12 11:44:18 +01:00
Nicolo Maio
481b135457 Remove useless comment and tprint. 2023-08-10 15:22:16 +02:00
Nicolo Maio
d812ae6043 Fix host rules alert. (#7737) 2023-08-08 17:34:40 +02:00
Nicolo Maio
1c10820858 Fix threshold sign. (#7645) 2023-07-07 16:18:45 +00:00
Alfredo Cardigliano
64ab8b6bae Trigger External Host alerts directly from Lua (also for inactive hosts) (fix #7170) 2023-04-21 18:20:14 +02:00
Matteo Biscosi
76267099a2 Fixes inconsistent alerts and checks names (#7314) 2023-03-14 15:36:07 +00:00
MatteoBiscosi
78d6acb867 Removed unneeded checks 2023-02-07 11:06:54 +01:00
Luca Deri
ced7349e9c Minor fix 2023-02-06 18:19:02 +01:00
Nicolò Maio
c3fa801d37 Fix vlan historical filter. (#6714) (#7205) 2023-02-06 17:09:16 +00:00
* Fix vlan historical filter. (#6714)
* Update enabling "check live" link. (#6714)
* Fix vlan_id set and remove hardcoded string. (#6714)
* Add comments. (#6714)
* Update historical chart filters. (#6714)
MatteoBiscosi
1f88fe593d Fixes nil value on score threshold alert 2023-02-03 13:24:28 +01:00
MatteoBiscosi
3f267937b3 Fixes non working score threshold description 2023-02-03 12:45:05 +01:00
Nicolò Maio
378232f808 Update alert score threshold with flows info (#6714) (#7197) 2023-02-03 11:36:19 +01:00
Alfredo Cardigliano
73af3fa521 Add support for external (REST) host alerts (#7170) 2023-01-26 15:34:54 +01:00
Luca
86f39b3c81 Fixed frequency report 2022-12-21 12:44:55 +01:00
Luca Deri
6ee4c25f81 Improve traffic volume alert 2022-12-20 19:34:15 +01:00
Luca Deri
c42fdd60c9 Added traffic volume alert 2022-12-19 23:17:44 +01:00
MatteoBiscosi
91e4d16f06 Reworked host ports details page 2022-12-01 16:56:11 +01:00
MatteoBiscosi
cde463a324 Added RST scan alert (#5903) 2022-11-30 17:01:49 +01:00
Luca Deri
71fbbdbf58 Implemented custom host script (WIP) 2022-11-24 12:34:14 +01:00
MatteoBiscosi
2e27e21cc8 Added SNMP flood check (#5905) 2022-11-23 12:14:42 +01:00
MatteoBiscosi
71bb0efbc2 Added DNS flood alert (#5905) 2022-11-22 11:13:02 +01:00
MatteoBiscosi
7b51a4ca61 Added Fin Scan check (#5903) 2022-05-16 17:18:11 +02:00
Luca Deri
1fe96bc73b Initial work for implementing host/port scan detection (#6327) (#6328) 2022-02-20 23:17:04 +01:00
MatteoBiscosi
147e77636b Added victim and client/server to threshold alert (#5997) 2022-01-07 16:28:05 +01:00
Alfredo Cardigliano
257ece18c0 Copyright update (Lua) 2022-01-03 09:42:33 +01:00
Alfredo Cardigliano
81206a9b70 Cleanup datatable js 2021-11-24 15:11:03 +01:00