File ntopng.changes of Package ntopng

-------------------------------------------------------------------
Sun Aug 22 12:43:11 UTC 2021 - Martin Hauke <mardnh@gmx.de>

- Update to version 5.0
  Breakthroughs
  * Advanced alerts engine with security features, including the
    detection of attackers and victims.
    + Integration of 30+ nDPI security risks.
    + Generation of the score indicator of compromise for hosts,
      interfaces and other network elements.
  * Ability to collect flows from hundreds of routers by means of
    observation points.
  * Anomaly detection based on Double Exponential Smoothing (DES)
    to uncover possibly suspicious behaviors in the traffic and in
    the score.
  * Encrypted Traffic Analysis (ETA) with special emphasis on the
    TLS to uncover self-signed, expired, invalid certificates and
    other issues.
  New features
  * Ability to configure alert exclusions for individual hosts to
    mitigate false positives.
  * Ability to see the TX/RX traffic breakdown both for physical
    interfaces and when receiving traffic from nProbe.
  * Add support for ECS when exporting to Syslog.
  * Improved TCP analysis, including analysis of TCP flows with
    zero window and low goodput.
  * Ability to send alerts to Slack.
  * Implementation of a token-based REST API access.
  Improvements
  * Reworked the execution of hosts and flows checks (formerly user
    scripts), yielding a reduced CPU load of about 50%.
  * Improved 100Kfps+ NetFlow/sFlow collection performance.
  * Drilldown of nIndex historical flows much more flexible.
  * Migration to Bootstrap 5.
  * Check malicious JA3 signatures against all TLS-based protocols.
  * Reworked DoH/DoT handling.
  Fixes
  * Fixes SSRF and stored-XSS injected with malicious SSDP
    responses.
  * Fixes several leaks in NetworkInterface
  Notes
  * REST API v1/ is deprecated and will be dropped in the next
    stable release in favor of REST API v2/.
  * The old alerts dashboard has been removed and replaced by an
    advanced alerts drilldown page with integrated charts.

-------------------------------------------------------------------
Fri Apr 23 15:12:36 UTC 2021 - Mathias Homann <Mathias.Homann@opensuse.org>

- Update to ntopNG 4.2
  * had to manually specify the mysql include dir - something weird is going
    on.

-------------------------------------------------------------------
Sat May  2 11:19:10 UTC 2020 - Petr Cervinka <petr@cervinka.net>

- Add ntopng.target unit file
- Remove ntopctl script
- Obsolete old ntopng-data package

-------------------------------------------------------------------
Wed Apr 29 12:52:21 UTC 2020 - Petr Cervinka <petr@cervinka.net>

- Major package changes:
   * Remove displaying setup information from post section, it duplicates 
     content of README.SUSE
   * Add patch to avoid static linking against bundled ndpi library
     001-Enable-building-against-the-dynamic-libndpi-library.patch
   * Remove bundled ndpi library
   * Remove GeoIP data, GeoIP has been discontinued by Maxmind
     https://support.maxmind.com/geolite-legacy-discontinuation-notice/
     https://github.com/ntop/ntopng/blob/dev/doc/README.geolocation.md
   * Add geoipupdate to recommends
   * Add directory /var/lib/ntopng
   * Add creation of ntopng user
   * Use default ntopng.conf provided by upstream
   * Update description in ntopng.service file
   * Fix requires in ntopng.service file
   * Remove sysconfig configuration file
   * Add ntopng@.service file to have possibility of multiple configuration files
   * Update SUSE.README about multiple configuration files
- Update to version 4.0:
  Breakthroughs
   * Plugins engine to tap into flows, hosts and other network elements
   * Migration to Bootstrap 4 and Font Awesome 5 for a renewed ntopng look-and-feel
     with light and dark themes
   * Processes and containers monitoring thanks to the eBPF integration via libebpfflow
     https://github.com/ntop/libebpfflow
   * Active monitoring of hosts ICMP/ICMPv6/HTTP/HTTPS Round Trip Times (RTT)
  New features
   * X.509 client certificate authentication
   * ERSPAN transparent ethernet bridging
   * Webhook export module for exporting alarms
   * Identifications of the hosts in broadcast domain
   * Category Lists editor to manage ip/domain lists
   * Handling of PEN fields from nProbe
   * Added anomalous flows to the looking glass
   * Visibility of ICMP port-unreachable flows IPv4
   * TCP states filtering (est., connecting, closed and rst)
   * Ability to serialize local hosts in the broadcast domain via MAC address
   * Japanese, Portuguese/Brazilian localization
   * Added process memory, cpu load, InfluxDB, Redis status pages and charts
   * Implement ntopng Plugins, self contained modules to extend the ntopng functionalities
   * Implement ZMQ/Suricata companion interface
   * SSL traffic analysis and alerts via JA3 fingerprint, unsafe ciphers detection
   * SSH traffic analysis and alerts via HASSH fingerprint
   * Host traffic profile generation via the (MUD) Manufacturer Usage Descriptor
   * Experimental Prometheus timeseries export
   * Introduce the System interface to manage system wide settings and status
   * Read events from Suricata and generate alerts
   * SNMP network topology visualization
   * Automatic ntopng update check and upgrade
   * Calculate host anomaly score and trigger alerts when it exceeds a threshold
   * Add ability to extract timeseries data with a click
   * Initial Marketplace droplet using Fabric
   * Alerts on duplex status change on SNMP interface
  Improvements
   * View interfaces are now optimized for big networks and use less memory
   * Systemd macros are now used to start/restart the ntopng services
   * Handles n2disk traffic extractions from recording processes non managed by ntopng
   * Interface in/out now available also for non PF_RING interfaces (read from /proc)
   * Automatic InfluxDB rollup support
   * MDNS discovery improvements
   * Rework of the alerts engine and api for efficient engaged alerts triggering
   * Faster ZMQ communication to nProbe thanks to the implementation of a binary TLV format
   * Stats update for ZMQ interfaces is now based on the idle/active flows timeout
   * Timeseries export improvements via queues, detect if InfluxDB is down and stop the export
   * Implemented reusable Lua engine to reduce the overhead of periodic scripts
   * Improve Lua error handling
   * Exclude certain categories from Elephant/Long lived flows alerts
  nEdge
   * Ability to set up port forwarding
   * Support for Ubuntu 18.04
   * Fix users and other prefs deleted during nEdge data reset
   * Japanese localization
   * Block unsupported L3 protocols (currently only ARP and IPv4 are supported)
   * DNS mapping port to avoid conflicts with system programs
  Fixes
   * Fixed export to mysql on shutdown in case of Pcap file in community mode
   * Fixed failing SYN-scan detection
   * Fixed ZMQ decompression errors with large templates
   * Fixed possible XSS in login.lua referer param and `runtime.lua`
   * Update geolocation due to changes in the library usage policy
   * Fixes to support browsers dark mode
   * Option `--zmq-encryption-key <pub key>` can be used with `-I <endpoint>` to encrypt
     data in hierarchical mode
   * Fixed nIndex missing data while performing some queries and throughput calculation
   
-------------------------------------------------------------------
Wed Feb 26 12:08:49 UTC 2020 - Petr Cervinka <petr@cervinka.net>

- Add README.SUSE to %doc and source section 
- Apply spec-cleaner

-------------------------------------------------------------------
Wed Dec 25 21:08:42 UTC 2019 - Martin Hauke <mardnh@gmx.de>

- Update to version 3.8.1
  * Make the stable version compatible to build with nDPI 3.0
- Update bundled nDPI to version 3.0

-------------------------------------------------------------------
Sat Feb  9 14:11:36 UTC 2019 - mardnh@gmx.de

- Update to version 3.8
  * Lots of new features, improvements and bugfixes
    See /usr/share/doc/packages/ntopng/CHANGELOG.md for the full
    changelog
- Specfile cleanup
  - Run spec-cleaner
  - Use pkg-config style dependencies
  - Add conditional build for nEdge (disabled by default)
  - Add conditional build for libndpi
    * ntopng currently only supports building against a static
      version of libndpi

-------------------------------------------------------------------
Tue Jun  6 07:55:40 UTC 2017 - petr@cervinka.net

- Spec file completely redesigned
- GeoIP data provided as a new subpackage
- Highlighted proper license for GeoIP data
- Init scripts migrated to systemd unit file
- Updated make compiler flags to build package on Tumbleweed
- Filter out rpmlint errors and warnings
- Added README.SUSE with steps how to configure redis 

-------------------------------------------------------------------
Sun Dec 25 19:24:12 UTC 2016 - Mathias.Homann@opensuse.org

- Update to ntopng 2.4

-------------------------------------------------------------------
Thu Apr 17 07:03:58 UTC 2014 - stoppe@gmx.de

- Initial release