vrr/ntopng
2
0
Fork 0
mirror of https://github.com/ntop/ntopng.git synced 2026-04-29 07:29:32 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
25194 commits 26 branches 19 tags 444 MiB
Commit graph

490 commits

Author SHA1 Message Date
Simone Mainardi
63a5df06f6 Implement IPS activities logging (e.g., block, unblock) 
Addresses #5900
 2021-09-20 16:59:35 +02:00
Simone Mainardi
b01f8e50b8 Fixes TLS version for obsolete TLS alerts via ZMQ 
Addresses #5860
 2021-09-13 10:21:33 +02:00
Simone Mainardi
5f70c1eff7 Implements support for obsolete client SSH version 
Addresses #5861
 2021-09-10 12:32:42 +02:00
Simone Mainardi
4b55e02899 Reworks check for Obsolete SSH that was not handling cli and srv 
Addresses #5861
 2021-09-10 11:58:46 +02:00
MatteoBiscosi
a1e4e21c01 Removed threshold configuration from Score Anomaly check (#5845) 2021-09-07 11:45:16 +02:00
MatteoBiscosi
c15b62407c Separated Score Threshold and Anomaly alert (#5845) 2021-09-07 11:38:48 +02:00
MatteoBiscosi
b82cbe76c9 Reduced length of suspicious dga domain (#5804) 2021-08-26 12:15:19 +02:00
MatteoBiscosi
70e32fd566 Changed redirect icon loc. and added redirect to SuspiciousDgaDomain alert (#5806) 2021-08-26 10:51:12 +02:00
MatteoBiscosi
37267ab935 Removed not used DES structure and Fixed non working alert (#5713) 2021-08-25 16:45:16 +02:00
Francesco Amodeo
de27966413
Implemented countries host check (#5713) 
* Added check and alert implementation

* Fixed size of estimation and some typo

* Added HLL counters and DES structure
Co-authored-by: Paolo Junior Mollica <p.mollica@studenti.unipi.it>

* fixes according comments of PR

* decreased memory footprint

* resolved conflicts

* fixed HostCheckID

* Removed wrongly committed file

Co-authored-by: paolo-junior-mollica <paolo.junior.mollica@gmail.com>
Co-authored-by: Matteo Biscosi <49585191+MatteoBiscosi@users.noreply.github.com>
 2021-08-25 15:50:07 +02:00
MatteoBiscosi
5df881478d Fixes domain names contacts alert not working 2021-08-25 12:34:38 +02:00
Gaetano Barresi
f650a3700a
Domain Names host check (#5723) 
* Adding/modifying .cpp for Domain Names host check

* Adding/modifying .h/.lua for Domain Names host check

* minor synstax fix

* dns_contacts

Co-authored-by: Stefano Russo <55586218+D0kken@users.noreply.github.com>
Co-authored-by: Stefano Russo <s.russo41@studenti.unipi.it>
 2021-08-25 11:22:41 +02:00
MatteoBiscosi
156f85e522 Fixes periodicity changed alert link to the map 2021-08-11 16:06:22 +02:00
Simone Mainardi
f6560d1974 Implements and rework alert for flow periodicity change 2021-08-11 15:11:44 +02:00
Simone Mainardi
768c22b6cb Fixes lateral movement link with VLANs 2021-08-11 11:05:40 +02:00
Simone Mainardi
7710386b3c Fixes lateral movement alert links 2021-08-11 10:57:31 +02:00
MatteoBiscosi
4f1a518f7b Removed lua_utils require from lateral movement alert 2021-08-11 09:26:26 +02:00
MatteoBiscosi
d432f28ecd Fixes lateral movement alert not working 2021-08-09 16:25:28 +02:00
Vasilis Tako
4da05360f8 Changed back url from title to href attribute on anchor tags (Issue #5618) 2021-08-04 15:20:04 +02:00
Vasilis Tako
0b0107ab34 Added confirm modal when try to open all external links (Issue #5618) 2021-08-03 19:12:30 +02:00
Simone Mainardi
805b99f03c Adds search by tcp flags in SYN scan alert 2021-08-02 18:43:08 +02:00
Simone Mainardi
92b5f90690 Updates alert flow links for anomaly-based alerts 2021-07-30 15:49:48 +02:00
Simone Mainardi
820e497253 Unifies epoch-related variables in Lua and JS 2021-07-30 15:38:06 +02:00
Simone Mainardi
f563447bd9 Host alert label fixes 2021-07-30 12:51:02 +02:00
Simone Mainardi
7ba9cf0dc5 Adds TCP flag filters in historical flows drilldown 2021-07-28 18:37:43 +02:00
Simone Mainardi
de576aa999 Implements historical floww search function for all host alerts 
Addresses #5326
 2021-07-28 18:16:32 +02:00
Simone Mainardi
b6913c946d Implements skeleton to drilldown historical flows from alerts 
Addresses #5326
 2021-07-28 17:19:44 +02:00
Simone Mainardi
5fe995ecfe Implements host check for NTP traffic 2021-07-27 12:19:52 +02:00
Simone Mainardi
1a552d24ec Cleanup excessive traffic check (to be implemented as host check) 2021-07-27 11:39:40 +02:00
Simone Mainardi
aef24d06b0 Implements TLS cert validity check and corresponding test 
Addresses https://github.com/ntop/ntopng/issues/5434
Addresses https://github.com/ntop/nDPI/issues/1196
 2021-07-14 18:04:00 +02:00
MatteoBiscosi
596ecf87ad Fixes threshold put to 0 for score anomaly (#5657) 2021-07-13 09:53:18 +02:00
MatteoBiscosi
7a04146a00 Added threshold to score anomaly (#5657) 2021-07-12 13:02:31 +02:00
Simone Mainardi
eb41fd4c8f Fixes elephant and long-lived flow alerts visualization 
Fixes #5646
 2021-07-09 12:12:17 +02:00
Simone Mainardi
04a5a6ea78 Fixes DGA domains not properly handled over ZMQ 
Fixes #5649
 2021-07-07 19:20:39 +02:00
Simone Mainardi
9c3e4fc5cb Fixes invalid filter for dropped alerts 
Fixes #5631
 2021-07-07 16:42:17 +02:00
Alfredo Cardigliano
471e56a9ef Fix nil access (url) 2021-07-06 16:21:47 +02:00
l3wiz
d24f94d14d Added a modal when try to open external links (Issue #5618) 2021-07-02 19:28:33 +02:00
MatteoBiscosi
744a5e53c3 Added vlan to each host reference (#5595) 2021-07-02 13:13:00 +02:00
MatteoBiscosi
06b72839dd Extended url length #5596 2021-07-02 11:54:39 +02:00
MatteoBiscosi
04865c8938 Implements #5596 added external href to suspicious file transfer 2021-07-02 10:39:58 +02:00
MatteoBiscosi
fcf4084a03 Fixes #5590 removed table.concat function and changed with tconcat 2021-07-01 16:30:23 +02:00
Alfredo Cardigliano
26868ca62c Set missing entities in alert definitions 2021-07-01 09:03:02 +02:00
MatteoBiscosi
b487946452 Fixes #5590 concatenation using function 2021-06-30 18:32:36 +02:00
MatteoBiscosi
a04d1a25bf Removed concatenation and used the tconcat function 2021-06-30 17:22:19 +02:00
MatteoBiscosi
be198c2a99 Added L7 iface proto behavior analysis and alert (#5499 #5474) 2021-06-29 16:50:56 +02:00
Alfredo Cardigliano
b6043c1e72 Fix (entities in am_threshold_cross alert definition and) alert type filter 2021-06-25 16:08:19 +02:00
MatteoBiscosi
1ad608e905 Changed behavior alert family key into entities id 2021-06-25 15:06:21 +02:00
Simone Mainardi
63168f5ff2 Implements 'Subject' column for interface alerts 
Addresses #5563
 2021-06-24 15:51:17 +02:00
MatteoBiscosi
68fb1ec1b1 Fixed wrong ifid number 2021-06-24 12:52:04 +02:00
l3wiz
572e209bd0 Added question tooltip when string is cut (Issue #5522) 2021-06-24 12:21:15 +02:00