Commit graph

46 commits

Author SHA1 Message Date
Alfredo Cardigliano
48c849f4c7 Skip (and report) bad IPs in scan check 2025-05-27 16:05:40 +02:00
Manuel Ceroni
26c23347e7 Improved Scan Alerts with MITRE and fixes (#9127) 2025-04-08 11:33:53 +02:00
Manuel Ceroni
e1328ae36b Implemented Scan Realtime Alert (#9106)
* Implemented Scan Realtime Alert

* Removed old scan alerts
2025-04-04 12:42:46 +02:00
Manuel Ceroni
fe0975ba2a Added Service Down check to Scan Alert (#9066) 2025-03-21 16:55:29 +01:00
Manuel Ceroni
f5ea2e1062 Updated scan alert to display network address instead of network ID (#9043) 2025-03-17 15:39:59 +01:00
Manuel Ceroni
69e91bd875 Updated service scan check and changed limits in Scan Alert (#9026) 2025-03-11 12:33:42 +01:00
Manuel Ceroni
00c6efdce6 Implemented network and service scan checks, merging them with the port scan check into a single alert (Scan Alert) (#9024) 2025-03-10 21:19:05 +01:00
Matteo Biscosi
34b559e66d Added attacker in port scan (#9009) 2025-03-05 11:52:56 +01:00
Manuel Ceroni
83d6fb24da Port scan alert aggregation (#9021) 2025-03-04 16:12:13 +01:00
manuelceroni
bbbcd6510a Changed interval size and priority for port scan alerts 2025-02-28 13:14:17 +01:00
Alfredo Cardigliano
ab9224d2ce Extend lua alerts API with alert:set_require_attention() 2025-02-28 11:58:08 +01:00
Manuel Ceroni
d4b7a3d375 Implemented port scan alert (clickhouse) (#9006) 2025-02-27 10:44:18 +01:00
Alfredo Cardigliano
2c1908b43e Fix dup condition 2025-02-19 09:47:19 +01:00
Alfredo Cardigliano
f81f282442 Code cleanup 2025-02-17 16:02:19 +01:00
Alfredo Cardigliano
31752105d9 Add Lua host check example (Suspicious Domain Scans) #8956 2025-02-17 15:14:30 +01:00
Matteo Biscosi
e89f07f238 Merged score threshold and dangerous hosts alerts (#8827) 2024-12-12 16:45:43 +01:00
Luca
1117e71d18 Removed SYN flood check that was partially overlapping with SYN scan 2024-10-22 15:46:50 +02:00
Matteo Biscosi
952e136080 Moved unexpected gateway check from flows to hosts 2024-10-07 16:58:31 +02:00
Luca Deri
2ee2c180a5 Removed alerts no longer necessary as they have been replaced by local traffic rules 2024-02-21 22:54:22 +01:00
Luca Deri
55870e97b9 (C) Update 2024-01-12 11:44:18 +01:00
Matteo Biscosi
76267099a2 Fixes inconsistent alert and check names (#7314) 2023-03-14 15:36:07 +00:00
Alfredo Cardigliano
73af3fa521 Add support for external (REST) host alerts (#7170) 2023-01-26 15:34:54 +01:00
MatteoBiscosi
cde463a324 Added RST scan alert (#5903) 2022-11-30 17:01:49 +01:00
Luca Deri
71fbbdbf58 Implemented custom host script (WIP) 2022-11-24 12:34:14 +01:00
MatteoBiscosi
71bb0efbc2 Added DNS flood alert (#5905) 2022-11-22 11:13:02 +01:00
MatteoBiscosi
eda4cfb088 Added severity to ntopng checks table 2022-10-20 10:34:37 +02:00
MatteoBiscosi
91c9b5d04d Moved host mac reassociation alert 2022-05-31 11:31:42 +02:00
MatteoBiscosi
7b51a4ca61 Added Fin Scan check (#5903) 2022-05-16 17:18:11 +02:00
Luca Deri
b0158f89c2 Reworked MAC/IP Reassociation alert used to detect spoofing and MITM (Man In The Middle) Attacks 2022-05-15 19:17:18 +02:00
Luca Deri
c430f9d6e6 Updated scan detection code (work in progress) 2022-02-21 10:39:29 +01:00
MatteoBiscosi
57a85de50e Cleaned up the code from plugin_utils 2022-02-11 12:07:23 +01:00
Alfredo Cardigliano
257ece18c0 Copyright update (Lua) 2022-01-03 09:42:33 +01:00
Simone Mainardi
ac0969eddc Additional fixes for PktThresholdAlert 2021-11-18 18:30:25 +01:00
Marco Tranchida
98aa892aab Implementation of a new check, GR project (#6074)
* Add files via upload

* Add files via upload

* Add files via upload

* Add files via upload

* Add files via upload

* Add files via upload

* Add files via upload

* Add files via upload

* Add files via upload

* Update en.lua

* Update en.lua

* Update ntop_typedefs.h

* Update HostChecksStatus.h

* Update PktThreshold.cpp
2021-11-18 17:15:07 +01:00
MatteoBiscosi
3f4a1a0e49 Changed ICMP flood per minute description (#5904) 2021-10-07 11:48:29 +02:00
MatteoBiscosi
fda446fb7c Added ICMP flood alert (#5904) 2021-10-07 11:42:22 +02:00
Simone Mainardi
ba64aad551 Introduces the IPS/IDS cat. to further classify checks
Addresses #5899
2021-09-20 11:55:47 +02:00
MatteoBiscosi
c15b62407c Separated Score Threshold and Anomaly alert (#5845) 2021-09-07 11:38:48 +02:00
MatteoBiscosi
37267ab935 Removed unused DES structure and fixed non-working alert (#5713) 2021-08-25 16:45:16 +02:00
Francesco Amodeo
de27966413 Implemented countries host check (#5713)
* Added check and alert implementation

* Fixed size of estimation and some typo

* Added HLL counters and DES structure
Co-authored-by: Paolo Junior Mollica <p.mollica@studenti.unipi.it>

* fixes according to PR comments

* decreased memory footprint

* resolved conflicts

* fixed HostCheckID

* Removed wrongly committed file

Co-authored-by: paolo-junior-mollica <paolo.junior.mollica@gmail.com>
Co-authored-by: Matteo Biscosi <49585191+MatteoBiscosi@users.noreply.github.com>
2021-08-25 15:50:07 +02:00
MatteoBiscosi
5df881478d Fixes domain names contacts alert not working 2021-08-25 12:34:38 +02:00
Gaetano Barresi
f650a3700a Domain Names host check (#5723)
* Adding/modifying .cpp for Domain Names host check

* Adding/modifying .h/.lua for Domain Names host check

* minor syntax fix

* dns_contacts

Co-authored-by: Stefano Russo <55586218+D0kken@users.noreply.github.com>
Co-authored-by: Stefano Russo <s.russo41@studenti.unipi.it>
2021-08-25 11:22:41 +02:00
Simone Mainardi
5fe995ecfe Implements host check for NTP traffic 2021-07-27 12:19:52 +02:00
Simone Mainardi
343fc335c2 Implements support for non-community {host,flow} checks 2021-07-12 12:32:06 +02:00
Simone Mainardi
f48670a557 Prevents loading nEdge-only checks on non-nEdge systems
Partially addresses #5519
2021-06-29 18:05:47 +02:00
Simone Mainardi
25159f0a9b Refactors {host,flow}_callbacks into {host,flow}_checks (lua) 2021-06-16 18:59:07 +02:00