File ntopng.changes of Package ntopng
-------------------------------------------------------------------
Sun Aug 22 12:43:11 UTC 2021 - Martin Hauke <mardnh@gmx.de>

- Update to version 5.0
  Breakthroughs
  * Advanced alerts engine with security features, including the
    detection of attackers and victims.
    + Integration of 30+ nDPI security risks.
    + Generation of the score indicator of compromise for hosts,
      interfaces and other network elements.
  * Ability to collect flows from hundreds of routers by means of
    observation points.
  * Anomaly detection based on Double Exponential Smoothing (DES)
    to uncover possibly suspicious behaviors in the traffic and in
    the score.
  * Encrypted Traffic Analysis (ETA) with special emphasis on the
    TLS to uncover self-signed, expired, invalid certificates and
    other issues.
  New features
  * Ability to configure alert exclusions for individual hosts to
    mitigate false positives.
  * Ability to see the TX/RX traffic breakdown both for physical
    interfaces and when receiving traffic from nProbe.
  * Add support for ECS when exporting to Syslog.
  * Improved TCP analysis, including analysis of TCP flows with
    zero window and low goodput.
  * Ability to send alerts to Slack.
  * Implementation of a token-based REST API access.
  Improvements
  * Reworked the execution of hosts and flows checks (formerly
    user scripts), yielding a reduced CPU load of about 50%.
  * Improved 100Kfps+ NetFlow/sFlow collection performance.
  * Drilldown of nIndex historical flows much more flexible.
  * Migration to Bootstrap 5.
  * Check malicious JA3 signatures against all TLS-based protocols.
  * Reworked DoH/DoT handling.
  Fixes
  * Fixes SSRF and stored-XSS injected with malicious SSDP
    responses.
  * Fixes several leaks in NetworkInterface
  Notes
  * REST API v1/ is deprecated and will be dropped in the next
    stable release in favor of REST API v2/.
  * The old alerts dashboard has been removed and replaced by an
    advanced alerts drilldown page with integrated charts.

-------------------------------------------------------------------
Fri Apr 23 15:12:36 UTC 2021 - Mathias Homann <Mathias.Homann@opensuse.org>

- Update to ntopNG 4.2
  * had to manually specify the mysql include dir - something
    weird is going on.

-------------------------------------------------------------------
Sat May  2 11:19:10 UTC 2020 - Petr Cervinka <petr@cervinka.net>

- Add ntopng.target unit file
- Remove ntopctl script
- Obsolete old ntopng-data package

-------------------------------------------------------------------
Wed Apr 29 12:52:21 UTC 2020 - Petr Cervinka <petr@cervinka.net>

- Major package changes:
  * Remove displaying setup information from post section, it
    duplicates content of README.SUSE
  * Add patch to avoid static linking against bundled ndpi library
    001-Enable-building-against-the-dynamic-libndpi-library.patch
  * Remove bundled ndpi library
  * Remove GeoIP data, GeoIP has been discontinued by Maxmind
    https://support.maxmind.com/geolite-legacy-discontinuation-notice/
    https://github.com/ntop/ntopng/blob/dev/doc/README.geolocation.md
  * Add geoipupdate to recommends
  * Add directory /var/lib/ntopng
  * Add creation of ntopng user
  * Use default ntopng.conf provided by upstream
  * Update description in ntopng.service file
  * Fix requires in ntopng.service file
  * Remove sysconfig configuration file
  * Add ntopng@.service file to have possibility of multiple
    configuration files
  * Update SUSE.README about multiple configuration files
- Update to version 4.0:
  Breakthroughs
  * Plugins engine to tap into flows, hosts and other network
    elements
  * Migration to Bootstrap 4 and Font Awesome 5 for a renewed
    ntopng look-and-feel with light and dark themes
  * Processes and containers monitoring thanks to the eBPF
    integration via libebpfflow
    https://github.com/ntop/libebpfflow
  * Active monitoring of hosts ICMP/ICMPv6/HTTP/HTTPS Round Trip
    Times (RTT)
  New features
  * X.509 client certificate authentication
  * ERSPAN transparent ethernet bridging
  * Webhook export module for exporting alarms
  * Identifications of the hosts in broadcast domain
  * Category Lists editor to manage ip/domain lists
  * Handling of PEN fields from nProbe
  * Added anomalous flows to the looking glass
  * Visibility of ICMP port-unreachable flows IPv4
  * TCP states filtering (est., connecting, closed and rst)
  * Ability to serialize local hosts in the broadcast domain via
    MAC address
  * Japanese, Portuguese/Brazilian localization
  * Added process memory, cpu load, InfluxDB, Redis status pages
    and charts
  * Implement ntopng Plugins, self contained modules to extend the
    ntopng functionalities
  * Implement ZMQ/Suricata companion interface
  * SSL traffic analysis and alerts via JA3 fingerprint, unsafe
    ciphers detection
  * SSH traffic analysis and alerts via HASSH fingerprint
  * Host traffic profile generation via the (MUD) Manufacturer
    Usage Descriptor
  * Experimental Prometheus timeseries export
  * Introduce the System interface to manage system wide settings
    and status
  * Read events from Suricata and generate alerts
  * SNMP network topology visualization
  * Automatic ntopng update check and upgrade
  * Calculate host anomaly score and trigger alerts when it
    exceeds a threshold
  * Add ability to extract timeseries data with a click
  * Initial Marketplace droplet using Fabric
  * Alerts on duplex status change on SNMP interface
  Improvements
  * View interfaces are now optimized for big networks and use
    less memory
  * Systemd macros are now used to start/restart the ntopng
    services
  * Handles n2disk traffic extractions from recording processes
    non managed by ntopng
  * Interface in/out now available also for non PF_RING interfaces
    (read from /proc)
  * Automatic InfluxDB rollup support
  * MDNS discovery improvements
  * Rework of the alerts engine and api for efficient engaged
    alerts triggering
  * Faster ZMQ communication to nProbe thanks to the
    implementation of a binary TLV format
  * Stats update for ZMQ interfaces is now based on the
    idle/active flows timeout
  * Timeseries export improvements via queues, detect if InfluxDB
    is down and stop the export
  * Implemented reusable Lua engine to reduce the overhead of
    periodic scripts
  * Improve Lua error handling
  * Exclude certain categories from Elephant/Long lived flows
    alerts
  nEdge
  * Ability to set up port forwarding
  * Support for Ubuntu 18.04
  * Fix users and other prefs deleted during nEdge data reset
  * Japanese localization
  * Block unsupported L3 protocols (currently only ARP and IPv4
    are supported)
  * DNS mapping port to avoid conflicts with system programs
  Fixes
  * Fixed export to mysql on shutdown in case of Pcap file in
    community mode
  * Fixed failing SYN-scan detection
  * Fixed ZMQ decompression errors with large templates
  * Fixed possible XSS in login.lua referer param and `runtime.lua`
  * Update geolocation due to changes in the library usage policy
  * Fixes to support browsers dark mode
  * Option `--zmq-encryption-key <pub key>` can be used with
    `-I <endpoint>` to encrypt data in hierarchical mode
  * Fixed nIndex missing data while performing some queries and
    throughput calculation

-------------------------------------------------------------------
Wed Feb 26 12:08:49 UTC 2020 - Petr Cervinka <petr@cervinka.net>

- Add README.SUSE to %doc and source section
- Apply spec-cleaner

-------------------------------------------------------------------
Wed Dec 25 21:08:42 UTC 2019 - Martin Hauke <mardnh@gmx.de>

- Update to version 3.8.1
  * Make the stable version compatible to build with nDPI 3.0
- Update bundled nDPI to version 3.0

-------------------------------------------------------------------
Sat Feb  9 14:11:36 UTC 2019 - mardnh@gmx.de

- Update to version 3.8
  * Lots of new features, improvements and bugfixes
    See /usr/share/doc/packages/ntopng/CHANGELOG.md for the full
    changelog
- Specfile cleanup
- Run spec-cleaner
- Use pkg-config style dependencies
- Add conditional build for nEdge (disabled by default)
- Add conditional build for libndpi
  * ntopng currently only supports building against a static
    version of libndpi

-------------------------------------------------------------------
Tue Jun  6 07:55:40 UTC 2017 - petr@cervinka.net

- Spec file completely redesigned
- GeoIP data provided as a new subpackage
- Highlighted proper license for GeoIP data
- Init scripts migrated to systemd unit file
- Updated make compiler flags to build package on Tumbleweed
- Filter out rpmlint errors and warnings
- Added README.SUSE with steps how to configure redis

-------------------------------------------------------------------
Sun Dec 25 19:24:12 UTC 2016 - Mathias.Homann@opensuse.org

- Update to ntopng 2.4

-------------------------------------------------------------------
Thu Apr 17 07:03:58 UTC 2014 - stoppe@gmx.de

- Initial release