Release of the nDPI 4.0 deep packet inspection system

The ntop project, which develops tools for capturing and analyzing traffic, has published the release of the nDPI 4.0 deep packet inspection toolkit, which continues the development of the OpenDPI library. The nDPI project was founded after an unsuccessful attempt to push changes to the OpenDPI repository, which was left unmaintained. The nDPI code is written in C and is licensed under LGPLv3.

The project lets you determine the application-level protocols used in traffic by analyzing the nature of the network activity without being tied to network ports. It can identify known protocols whose handlers accept connections on non-standard network ports (for example, when http is served from a port other than 80) and, conversely, cases where someone tries to disguise other network activity as http by running it on port 80.
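The port-independent check described above, as an added example that is not nDPI code: it identifies the protocol from the first payload bytes alone, then compares the result with the server port to flag both cases (a known protocol on a non-standard port, and something other than the expected protocol on a well-known port). The signatures, type and function names, port table and sample payloads are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Added example, not nDPI code: all names, signatures and the port table are assumptions. */
typedef enum { P_UNKNOWN, P_HTTP, P_TLS, P_SSH } proto_t;
typedef enum { R_NONE, R_NONSTD_PORT, R_PORT_MISMATCH } risk_t;

static int starts_with(const uint8_t *p, size_t n, const char *s) {
    size_t l = strlen(s);
    return n >= l && memcmp(p, s, l) == 0;
}

/* Identify the protocol from the first payload bytes of a flow; the port is never consulted. */
proto_t classify(const uint8_t *p, size_t n) {
    static const char *methods[] = { "GET ", "POST ", "HEAD ", "PUT ", "DELETE ", "OPTIONS " };
    for (size_t i = 0; i < sizeof methods / sizeof *methods; i++)
        if (starts_with(p, n, methods[i])) return P_HTTP;
    if (starts_with(p, n, "HTTP/1.")) return P_HTTP;   /* server response line */
    if (starts_with(p, n, "SSH-")) return P_SSH;       /* SSH identification banner */
    /* TLS record: type 22 (handshake), version 3.x, 2-byte length, handshake type 1 or 2 */
    if (n >= 6 && p[0] == 0x16 && p[1] == 0x03 && p[2] <= 0x04 && (p[5] == 0x01 || p[5] == 0x02))
        return P_TLS;
    return P_UNKNOWN;
}

/* Protocol conventionally expected on a server port (assumed table). */
static proto_t expected_on(uint16_t port) {
    return port == 80 ? P_HTTP : port == 443 ? P_TLS : port == 22 ? P_SSH : P_UNKNOWN;
}

/* Compare what the payload is with what the port suggests. */
risk_t flow_risk(const uint8_t *p, size_t n, uint16_t server_port) {
    proto_t seen = classify(p, n), want = expected_on(server_port);
    if (want != P_UNKNOWN && seen != want)
        return R_PORT_MISMATCH;   /* e.g. something other than HTTP run on port 80 */
    if (seen != P_UNKNOWN && want == P_UNKNOWN)
        return R_NONSTD_PORT;     /* e.g. HTTP served from a port other than 80 */
    return R_NONE;
}

/* Constructed first-payload samples (the TLS one is only a record and handshake header). */
const uint8_t sample_http[] = "GET / HTTP/1.1\r\nHost: example.test\r\n\r\n";
const uint8_t sample_ssh[] = "SSH-2.0-OpenSSH_8.4\r\n";
const uint8_t sample_tls[] = { 0x16, 0x03, 0x01, 0x00, 0x05, 0x01, 0x00, 0x00, 0x01, 0x00 };
```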

Differences from OpenDPI include support for additional protocols, a port to the Windows platform, performance optimization, adaptation for use in real-time traffic monitoring applications (some specific features that slowed the engine down were removed), the ability to build as a Linux kernel module, and support for defining subprotocols.

A total of 247 protocol and application definitions are supported, from OpenVPN, Tor, QUIC, SOCKS, BitTorrent and IPsec to Telegram, Viber, WhatsApp, PostgreSQL and access to Gmail, Office365, GoogleDocs and YouTube. There is a server and client SSL certificate decoder that lets you determine the protocol (for example, Citrix Online and Apple iCloud) using the encryption certificate. The nDPIreader utility is provided to analyze the contents of pcap dumps or current traffic via a network interface.

    $ ./nDPIreader -i eth0 -s 20 -f "host 192.168.1.10"

    Detected protocols:
    DNS packets: 57 bytes: 7904 flows: 28
    SSL_No_Cert packets: 483 bytes: 229203 flows: 6
    Facebook packets: 136 bytes: 74702 flows: 4
    DropBox packets: 9 bytes: 668 flows: 3
    Skype packets: 5 bytes: 339 flows: 3
    Google packets: 1700 bytes: 619135 flows: 34

In the new release:

  • Improved support for encrypted traffic analysis methods (ETA - Encrypted Traffic Analysis).
  • Support has been implemented for the improved JA3+ TLS client identification method, which makes it possible, based on connection negotiation features and the specified parameters, to determine which software is used to establish a connection (for example, it lets you detect the use of Tor and other typical applications). Unlike the previously supported JA3 method, JA3+ has fewer false positives.
  • The number of detected network threats and problems associated with the risk of compromise (flow risk) has been increased to 33. New threat detectors have been added related to desktop and file sharing, suspicious HTTP traffic, malicious JA3 and SHA1, access to problematic domains and autonomous systems, and the use of TLS certificates with suspicious extensions or an excessively long validity period.
  • Significant performance optimization has been carried out; compared with the 3.0 branch, traffic processing speed has increased 2.5 times.
  • Added GeoIP support for determining location by IP address.
  • Added an API for calculating RSI (Relative Strength Index).
  • Fragmentation control has been implemented.
  • Added an API for calculating flow uniformity (jitter).
  • Added support for protocols and services: Among Us, AVAST SecureDNS, CPHA (CheckPoint High Availability Protocol), DisneyPlus, DTLS, Genshin Impact, HP Virtual Machine Group Management (hpvirtgrp), Mongodb, Pinterest, Reddit, Snapchat VoIP, Tumblr, Virtual Assistant (Alexa, Siri), Z39.50.
  • Improved parsing and detection of AnyDesk, DNS, Hulu, DCE/RPC, dnscrypt, Facebook, Fortigate, FTP Control, HTTP, IEC104, IEC60870, IRC, Netbios, Netflix, Ookla speedtest, openspeedtest.com, Outlook / MicrosoftMail, QUIC, RTSP protocol, RTSP over HTTP, SNMP, Skype, SSH, Steam, STUN, TeamViewer, TOR, TLS, UPnP, wireguard.

Source: opennet.ru
