Changelog for ntopng-5.0-1.657.i586.rpm :

* Sun Aug 22 2021 Martin Hauke - Update to version 5.0
Breakthroughs
* Advanced alerts engine with security features, including the detection of attackers and victims.
  + Integration of 30+ nDPI security risks.
  + Generation of the score indicator of compromise for hosts, interfaces and other network elements.
* Ability to collect flows from hundreds of routers by means of observation points.
* Anomaly detection based on Double Exponential Smoothing (DES) to uncover possibly suspicious behaviors in the traffic and in the score.
* Encrypted Traffic Analysis (ETA) with special emphasis on TLS to uncover self-signed, expired, invalid certificates and other issues.
New features
* Ability to configure alert exclusions for individual hosts to mitigate false positives.
* Ability to see the TX/RX traffic breakdown both for physical interfaces and when receiving traffic from nProbe.
* Add support for ECS when exporting to Syslog.
* Improved TCP analysis, including analysis of TCP flows with zero window and low goodput.
* Ability to send alerts to Slack.
* Implementation of a token-based REST API access.
Improvements
* Reworked the execution of hosts and flows checks (formerly user scripts), yielding a reduced CPU load of about 50%.
* Improved 100Kfps+ NetFlow/sFlow collection performance.
* Drilldown of nIndex historical flows much more flexible.
* Migration to Bootstrap 5.
* Check malicious JA3 signatures against all TLS-based protocols.
* Reworked DoH/DoT handling.
Fixes
* Fixes SSRF and stored-XSS injected with malicious SSDP responses.
* Fixes several leaks in NetworkInterface
Notes
* REST API v1/ is deprecated and will be dropped in the next stable release in favor of REST API v2/.
* The old alerts dashboard has been removed and replaced by an advanced alerts drilldown page with integrated charts.
* Fri Apr 23 2021 Mathias Homann - Update to ntopNG 4.2
* had to manually specify the mysql include dir - something weird is going on.
* Sat May 02 2020 Petr Cervinka
- Add ntopng.target unit file
- Remove ntopctl script
- Obsolete old ntopng-data package
* Wed Apr 29 2020 Petr Cervinka - Major package changes:
* Remove displaying setup information from post section, it duplicates content of README.SUSE
* Add patch to avoid static linking against bundled ndpi library 001-Enable-building-against-the-dynamic-libndpi-library.patch
* Remove bundled ndpi library
* Remove GeoIP data, GeoIP has been discontinued by Maxmind https://support.maxmind.com/geolite-legacy-discontinuation-notice/ https://github.com/ntop/ntopng/blob/dev/doc/README.geolocation.md
* Add geoipupdate to recommends
* Add directory /var/lib/ntopng
* Add creation of ntopng user
* Use default ntopng.conf provided by upstream
* Update description in ntopng.service file
* Fix requires in ntopng.service file
* Remove sysconfig configuration file
* Add ntopng@.service file to have possibility of multiple configuration files
* Update SUSE.README about multiple configuration files
- Update to version 4.0:
Breakthroughs
* Plugins engine to tap into flows, hosts and other network elements
* Migration to Bootstrap 4 and Font Awesome 5 for a renewed ntopng look-and-feel with light and dark themes
* Processes and containers monitoring thanks to the eBPF integration via libebpfflow https://github.com/ntop/libebpfflow
* Active monitoring of hosts ICMP/ICMPv6/HTTP/HTTPS Round Trip Times (RTT)
New features
* X.509 client certificate authentication
* ERSPAN transparent ethernet bridging
* Webhook export module for exporting alarms
* Identifications of the hosts in broadcast domain
* Category Lists editor to manage ip/domain lists
* Handling of PEN fields from nProbe
* Added anomalous flows to the looking glass
* Visibility of ICMP port-unreachable flows IPv4
* TCP states filtering (est., connecting, closed and rst)
* Ability to serialize local hosts in the broadcast domain via MAC address
* Japanese, Portuguese/Brazilian localization
* Added process memory, cpu load, InfluxDB, Redis status pages and charts
* Implement ntopng Plugins, self contained modules to extend the ntopng functionalities
* Implement ZMQ/Suricata companion interface
* SSL traffic analysis and alerts via JA3 fingerprint, unsafe ciphers detection
* SSH traffic analysis and alerts via HASSH fingerprint
* Host traffic profile generation via the (MUD) Manufacturer Usage Descriptor
* Experimental Prometheus timeseries export
* Introduce the System interface to manage system wide settings and status
* Read events from Suricata and generate alerts
* SNMP network topology visualization
* Automatic ntopng update check and upgrade
* Calculate host anomaly score and trigger alerts when it exceeds a threshold
* Add ability to extract timeseries data with a click
* Initial Marketplace droplet using Fabric
* Alerts on duplex status change on SNMP interface
Improvements
* View interfaces are now optimized for big networks and use less memory
* Systemd macros are now used to start/restart the ntopng services
* Handles n2disk traffic extractions from recording processes non managed by ntopng
* Interface in/out now available also for non PF_RING interfaces (read from /proc)
* Automatic InfluxDB rollup support
* MDNS discovery improvements
* Rework of the alerts engine and api for efficient engaged alerts triggering
* Faster ZMQ communication to nProbe thanks to the implementation of a binary TLV format
* Stats update for ZMQ interfaces is now based on the idle/active flows timeout
* Timeseries export improvements via queues, detect if InfluxDB is down and stop the export
* Implemented reusable Lua engine to reduce the overhead of periodic scripts
* Improve Lua error handling
* Exclude certain categories from Elephant/Long lived flows alerts
nEdge
* Ability to set up port forwarding
* Support for Ubuntu 18.04
* Fix users and other prefs deleted during nEdge data reset
* Japanese localization
* Block unsupported L3 protocols (currently only ARP and IPv4 are supported)
* DNS mapping port to avoid conflicts with system programs
Fixes
* Fixed export to mysql on shutdown in case of Pcap file in community mode
* Fixed failing SYN-scan detection
* Fixed ZMQ decompression errors with large templates
* Fixed possible XSS in login.lua referer param and `runtime.lua`
* Update geolocation due to changes in the library usage policy
* Fixes to support browsers dark mode
* Option `--zmq-encryption-key ` can be used with `-I ` to encrypt data in hierarchical mode
* Fixed nIndex missing data while performing some queries and throughput calculation
* Wed Feb 26 2020 Petr Cervinka
- Add README.SUSE to %doc and source section
- Apply spec-cleaner
* Wed Dec 25 2019 Martin Hauke - Update to version 3.8.1
* Make the stable version compatible to build with nDPI 3.0
- Update bundled nDPI to version 3.0
* Sat Feb 09 2019 mardnhAATTgmx.de
- Update to version 3.8
* Lots of new features, improvements and bugfixes. See /usr/share/doc/packages/ntopng/CHANGELOG.md for the full changelog
- Specfile cleanup
  - Run spec-cleaner
  - Use pkg-config style dependencies
  - Add conditional build for nEdge (disabled by default)
  - Add conditional build for libndpi
* ntopng currently only supports building against a static version of libndpi
* Tue Jun 06 2017 petrAATTcervinka.net
- Spec file completely redesigned
- GeoIP data provided as a new subpackage
- Highlighted proper license for GeoIP data
- Init scripts migrated to systemd unit file
- Updated make compiler flags to build package on Tumbleweed
- Filter out rpmlint errors and warnings
- Added README.SUSE with steps how to configure redis
* Sun Dec 25 2016 Mathias.HomannAATTopensuse.org
- Update to ntopng 2.4
* Thu Apr 17 2014 stoppeAATTgmx.de
- Initial release
 