nDPI 4.4 inosvika ine yakagadziridzwa protocol rutsigiro uye nezvimwe

Darkcrizt

4 maminitsi

ari ntop chirongwa vanogadzira (ndiani anovandudza maturusi ekutora uye kuongorora traffic) kuziviswa ichangoburitswa iyo itsva vhezheni yenDPI 4.4, inoenderera iri superset yekuchengetedza yeakakurumbira OpenDP raibhurari.

nDPI Iyo inoratidzirwa nekushandiswa neese ari maviri ntop uye nProbe kuwedzera iyo yekuonekwa kwemaprotocol pamusara wekushandisa, kunyangwe chiteshi chiri kushandiswa. Izvi zvinoreva kuti zvinokwanisika kuona inozivikanwa protocols pane asiri-akaenzana madoko.

Iyo purojekiti inobvumidza iwe kuti uone iyo yekushandisa-chikamu maprotocol anoshandiswa mune traffic nekuongorora hunhu hwe netiweki chiitiko pasina kusunga kune network network (unogona kuona maprotocol anozivikanwa ayo madhiraivha anogamuchira kubatana pane asiri-akaenzana network ports, semuenzaniso kana http isina kutumirwa kubva pachiteshi 80, kana, zvakadaro, kana ivo vachiedza kufukidza imwe network zviitiko zvakaita se http inomhanya pachiteshi 80).

Misiyano neOpenDPI inoderedzwa kutsigira mamwe maprotocol, kutakurika kweiyo Windows chikuva, mashandiro ekugadzirisa, kuchinjika kwekushandisa muzvishandiso kuongorora traffic munguva chaiyo (zvimwe zvinhu zvakadzora injini zvakabviswa), kuvaka kugona muchimiro cheLinux kernel module uye rutsigiro rwekutsanangudza sub -protocol.

Main nyowani maficha eNDPI 4.4

Mune iyi vhezheni itsva iyo inoratidzwa zvinoratidzwa kuti metadata yakawedzerwa neruzivo nezve chikonzero chekufonera mutongi kune imwe njodzi.

Imwe shanduko yakakosha iri mu iyo yakavakirwa-mukati kuita gcrypt iyo inogoneswa nekusarudzikaa (iyo --ne-libgcrypt sarudzo inokurudzirwa kushandisa iyo system kuita).

Mukuwedzera kune izvi, zvinoratidzwa zvakare kuti huwandu hwekutyisidzirwa kwetiweki dzakaonekwa uye matambudziko akabatana akawedzerwa nenjodzi yekukanganisa (njodzi yekuyerera) uye yakawedzera rutsigiro rwemhando nyowani dzekutyisidzira: NDPI_PUNYCODE_IDN, NPI_ERROR_CODE_DETECTED, NDPI_HTTP_CRAWLER_BOT uye NDPI_ANONYMOUS_SUBSCRIBER.

Yakawedzerwa iyo ndpi_check_flow_risk_exceptions () basa rekugonesa network network network, pamwe nemazinga maviri matsva ekuvanzika akawedzerwa: NDPI_CONFIDENCE_DPI_PARTIAL uye NDPI_CONFIDENCE_DPI_PARTIAL_CACHE.

Izvo zvakare zvakasimbiswa izvo yakagadziridzwa zvisungo zvemutauro wepython, iyo mukati mekushandiswa kwehashmap yakatsiviwa neuthash, pamwe nekukamurwa kuita network protocol (semuenzaniso, TLS) uye mapuroteni ekushandisa (semuenzaniso, masevhisi eGoogle) uye template yekutsanangura kushandiswa kwakawedzerwa Cloudflare's WARP sevhisi.

Kune rumwe rutivi, zvakare inocherechedzwa kuti yakawedzera kucherechedzwa kweprotocol ye:

  • UltraSurf
  • i3D
  • riotgames
  • tsan
  • TunnelBear VPN
  • collected
  • PIM (Protocol Independent Multicast)
  • Pragmatic General Multicast (PGM)
  • RSH
  • GoTo zvigadzirwa (kunyanya GoToMeeting)
  • Dazn
  • MPEG-DASH
  • Agora Software Defined Real-time Network (SD-RTN)
  • Toca Boca
  • VXLAN
  • DMNS/LLMNR

Yeimwe shanduko iyo inomira kune iyi vhezheni itsva:

  • Kugadziriswa kwedzimwe mhuri dzeprotocol classification.
  • Yakagadziriswa default protocol ports ye email protocol
  • Yakasiyana-siyana yekuyeuka uye mafashama anogadzirisa
  • Njodzi dzakasiyana-siyana dzakadzimwa kune chaiwo maprotocol (semuenzaniso, dzima ALPN isipo yeCiscoVPN)
  • Gadzirisa TZSP decapsulation
  • Gadziridza ASN/IP zvinyorwa
  • Kuvandudzwa kwekodhi profiling
  • Shandisa Doxygen kugadzira zvinyorwa zveAPI
  • Edgecast uye Cachefly CDNs akawedzera.

Finalmente kana iwe uchifarira kuziva zvakawanda nezvazvo Nezve iyi vhezheni vhezheni, iwe unogona kutarisa izvo zvinyorwa mu inotevera chinongedzo.

Maitiro ekuisa nDPI paLinux?

Kune avo vanofarira kukwanisa kuisa chishandiso ichi pane yavo system, vanogona kuzviita nekutevera mirairo yatinogovera pazasi.

Kuti uise chishandiso, isu tinofanirwa kudhawunirodha kodhi kodhi uye kuiunganidza, asi zvisati zvaitika kana varipo Debian, Ubuntu kana vashandisi vanobva Pane izvi, tinofanira kutanga taisa zvinotevera:

sudo apt-get install build-essential git gettext flex bison libtool autoconf automake pkg-config libpcap-dev libjson-c-dev libnuma-dev libpcre2-dev libmaxminddb-dev librrd-dev

Panyaya yeavo vari Arch Linux vashandisi:

sudo pacman -S gcc git gettext flex bison libtool autoconf automake pkg-config libpcap json-c numactl pcre2 libmaxminddb rrdtool

Zvino, kuti tiunganidze, isu tinofanirwa kudhawunirodha kodhi kodhi, iyo yaunogona kuwana nekunyora:

git clone https://github.com/ntop/nDPI.git

cd nDPI

Uye isu tinoenderera mberi nekuunganidza chishandiso nekunyora:

./autogen.sh
make

Kana iwe uchida kuziva zvakawanda nezve kushandiswa kwechishandiso, unogona tarisa chinotevera chinongedzo.


Siya yako yekutaura

Your kero e havazobvumirwi ichibudiswa. Raida minda anozivikanwa ne *

*

*

  1. Inotarisira data: AB Internet Networks 2008 SL
  2. Chinangwa cheiyo data: Kudzora SPAM, manejimendi manejimendi.
  3. Legitimation: Kubvuma kwako
  4. Kutaurirana kwedata
  5. Dhata yekuchengetedza: Dhatabhesi inobatwa neOccentus Networks (EU)
  6. Kodzero: Panguva ipi neipi iwe unogona kudzora, kupora uye kudzima ruzivo rwako