Revisions of ndpi

Dirk Stoecker (dstoecker) committed (revision 26)
Dirk Stoecker (dstoecker) committed (revision 25)
Dirk Stoecker (dstoecker) accepted request 914390 from Martin Hauke (mnhauke) (revision 24)
- Create -common subpackage
Dirk Stoecker (dstoecker) accepted request 913748 from Martin Hauke (mnhauke) (revision 23)
- Update to version 4.0
  New Features
  * Add API for computing RSI (Relative Strength Index)
  * Add GeoIP support
  * Add fragments management
  * Add API for jitter calculation
  * Add single exponential smoothing API
  * Add timeseries forecasting support implementing Holt-Winters
    with confidence interval
  * Add support for MAC to radix tree and expose the full API to
    applications
  * Add JA3+, with ALPN and elliptic curve
  * Add double exponential smoothing implementation
  * Extended API for managing flow risks
  * Add flow risk score
  * New flow risks:
    + Desktop or File Sharing Session
    + HTTP suspicious content (useful for tracking trickbot)
    + Malicious JA3
    + Malicious SHA1
    + Risky domain
    + Risky AS
    + TLS Certificate Validity Too Long
    + TLS Suspicious Extension
  New Supported Protocols and Services
  * New protocols:
    + AmongUs
    + AVAST SecureDNS
    + CPHA (CheckPoint High Availability Protocol)
    + DisneyPlus
buildservice-autocommit accepted request 888209 from Martin Hauke (mnhauke) (revision 22)
baserev update by copy to link target
Martin Hauke (mnhauke) accepted request 888103 from Mathias Homann (lemmy04) (revision 21)
- Update to 3.4
  * removed 001-Refresh-of-ndpi_netbios_name_interpret.patch, implemented
    upstream
buildservice-autocommit accepted request 798122 from Martin Hauke (mnhauke) (revision 20)
baserev update by copy to link target
Martin Hauke (mnhauke) accepted request 798042 from Petr Cervinka (czerw) (revision 19)
- Add upstream patch to fix ntopng build failure (ntopng#3675)
  001-Refresh-of-ndpi_netbios_name_interpret.patch
buildservice-autocommit accepted request 778081 from Lars Vogdt (lrupp) (revision 18)
baserev update by copy to link target
Lars Vogdt (lrupp) accepted request 777777 from Martin Hauke (mnhauke) (revision 17)
- Update to version 3.2
  New Features
  * New API calls
  * Protocol detection: ndpi_is_protocol_detected
  * Categories: ndpi_load_categories_file / ndpi_load_category
  * JSON/TLV serialization: ndpi_serialize_string_boolean /
    ndpi_serialize_uint32_boolean
  * Patricia tree: ndpi_load_ipv4_ptree
  * Module initialization: ndpi_init_detection_module /
    ndpi_finalize_initalization
  * Base64 encoding: ndpi_base64_encode
  * JSON export: ndpi_flow2json
  * Print protocol: ndpi_get_l4_proto_name / ndpi_get_l4_proto_info
  * Libfuzz integration
  * Implemented Community ID hash (API call ndpi_flowv6_flow_hash
    and ndpi_flowv4_flow_hash)
  * Detection of RCE in HTTP GET requests via PCRE
  * Integration of the libinjection library to detect SQL
    injections and XSS type attacks in HTTP requests
  New Supported Protocols and Services
  * TLS: new decode
  * Added ALPN support
  * Added export of supported version in TLS header
  * Added Telnet dissector with metadata extraction
  * Added Zabbix dissector
  * Added POP3/IMAP metadata extraction
  * Added FTP user/password extraction
  * Added NetBIOS metadata extraction
  * Added Kerberos metadata extraction
  * Implemented SQL Injection and XSS attack detection
buildservice-autocommit accepted request 761346 from Lars Vogdt (lrupp) (revision 16)
baserev update by copy to link target
Lars Vogdt (lrupp) accepted request 760409 from Martin Hauke (mnhauke) (revision 15)
- Add hyperscan-devel as dependency to libndpi-devel
buildservice-autocommit accepted request 759921 from Lars Vogdt (lrupp) (revision 14)
baserev update by copy to link target
Lars Vogdt (lrupp) accepted request 759184 from Martin Hauke (mnhauke) (revision 13)
- Drop no longer needed patches (fixed upstream)
  * ndpi-fix-build.patch
  * reproducible.patch
- Update to version 3.0
  New Features
  * nDPI now reports the protocol ASAP even when specific fields
    have not yet been dissected because such packets have not yet
    been observed. This is important for inline applications that
    can immediately act on traffic. Applications that need full
    dissection need to call the new API function
    ndpi_extra_dissection_possible() to check if metadata dissection
    has been completely performed or if there is more to read before
    declaring it completed.
  * TLS (formerly identified as SSL in nDPI v2.x) is now dissected
    more deeply, certificate validity is extracted as well as
    certificate SHA-1.
  * nDPIreader can now export data in CSV format with option -C
  * Implemented Sequence of Packet Length and Time (SPLT) and Byte
    Distribution (BD) as specified by Cisco Joy
    (https://github.com/cisco/joy). This allows malware activities
    on encrypted TLS streams.
  * Available as library and in ndpiReader with option -J
  * Promoted usage of protocol categories rather than protocol
    identifiers in order to classify protocols. This allows
    application protocols to be clustered in families and thus better
    managed by users/developers rather than using hundreds of
    protocols unknown to most of the people.
  * Added Inter-Arrival Time (IAT) calculation used to detect
    protocol misbehaviour (e.g. slow-DoS detection)
  * Added data analysis features for computing metrics such as
buildservice-autocommit accepted request 707881 from Martin Hauke (mnhauke) (revision 12)
baserev update by copy to link target
Martin Hauke (mnhauke) accepted request 707688 from Bernhard Wiedemann (bmwiedemann) (revision 11)
Add reproducible.patch to override build date (boo#1047218)
buildservice-autocommit accepted request 691915 from Lars Vogdt (lrupp) (revision 10)
baserev update by copy to link target
Lars Vogdt (lrupp) accepted request 690051 from Martin Hauke (mnhauke) (revision 9)
- Update to version 2.8
  New Supported Protocols and Services
  * Added Modbus over TCP dissector
  Improvements
  * Wireshark Lua plugin compatibility with Wireshark 3
  * Improved MDNS dissection
  * Improved HTTP response code handling
  * Full dissection of HTTP responses
  Fixes
  * Fixed false positive mining detection
  * Fixed invalid TCP DNS dissection
  * Releasing buffers upon realloc failures
  * ndpiReader: Prevents references after free
  * Endianness fixes
  * Fixed IPv6 HTTP traffic dissection
  * Fixed H.323 detection
  Other
  * Disabled ookla statistics which need to be improved
  * Support for custom protocol files of arbitrary length
  * Update radius.c to RFC2865
buildservice-autocommit accepted request 678573 from Martin Hauke (mnhauke) (revision 8)
baserev update by copy to link target