Release of the nDPI 4.8 deep packet inspection system

The ntop project, which develops tools for capturing and analyzing traffic, has published the release of the nDPI 4.8 deep packet inspection toolkit, which continues the development of the OpenDPI library. The nDPI project was founded after an unsuccessful attempt to push changes to the OpenDPI repository, which had been left unmaintained. The nDPI code is written in C and licensed under the LGPLv3.

The system makes it possible to determine the application-level protocols used in traffic by analyzing the nature of the network activity without being tied to network ports. It can identify well-known protocols whose handlers accept connections on non-standard network ports, for example when HTTP is served from a port other than 80, or, conversely, when someone tries to disguise other network activity as HTTP by running it on port 80.
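The two cases described above (a known protocol on a non-standard port, and other traffic hiding on port 80) can be shown with a small payload-based check. This is an added example, not nDPI code or its API; all function and enum names are hypothetical, the signatures are deliberately minimal, and it assumes it is given the first client packet of a flow.

```c
/* Added illustration, not nDPI code: all names below are hypothetical. */
#include <stdio.h>
#include <string.h>

typedef enum { P_UNKNOWN, P_HTTP, P_TLS, P_SSH } proto_t;
typedef enum { FLOW_OK, FLOW_NONSTD_PORT, FLOW_PORT_MISMATCH } verdict_t;

static int has_prefix(const unsigned char *p, size_t len, const char *s) {
    size_t n = strlen(s);
    return len >= n && memcmp(p, s, n) == 0;
}

/* Classify the first payload bytes of a flow, ignoring ports entirely. */
proto_t classify_payload(const unsigned char *p, size_t len) {
    static const char *http[] = { "GET ", "POST ", "HEAD ", "PUT ", "HTTP/1." };
    for (size_t i = 0; i < sizeof http / sizeof http[0]; i++)
        if (has_prefix(p, len, http[i])) return P_HTTP;
    if (has_prefix(p, len, "SSH-")) return P_SSH;
    /* TLS record header: handshake (0x16), version 3.x, then ClientHello (1). */
    if (len >= 6 && p[0] == 0x16 && p[1] == 0x03 && p[2] <= 0x04 && p[5] == 0x01)
        return P_TLS;
    return P_UNKNOWN;
}

/* What a port-only classifier would assume. */
proto_t guess_by_port(unsigned short port) {
    switch (port) {
    case 80:  return P_HTTP;
    case 443: return P_TLS;
    case 22:  return P_SSH;
    default:  return P_UNKNOWN;
    }
}

/* Compare both views; two unknowns give FLOW_OK (nothing to compare). */
verdict_t check_flow(unsigned short dport, const unsigned char *p, size_t len) {
    proto_t by_port = guess_by_port(dport), by_payload = classify_payload(p, len);
    if (by_port == by_payload) return FLOW_OK;
    if (by_port == P_UNKNOWN) return FLOW_NONSTD_PORT;   /* e.g. HTTP on 8081 */
    return FLOW_PORT_MISMATCH;                           /* e.g. non-HTTP on 80 */
}

int main(void) {
    /* Constructed sample payloads. */
    const unsigned char http[] = "GET / HTTP/1.1\r\n", ssh[] = "SSH-2.0-example\r\n";
    printf("%d %d %d\n", check_flow(80, http, sizeof http - 1),
           check_flow(8081, http, sizeof http - 1), check_flow(80, ssh, sizeof ssh - 1));
    return 0;
}
```

A verdict other than `FLOW_OK` is a signal for an analyst to look at, not proof of evasion: services are often moved to alternate ports for legitimate reasons.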

Differences from OpenDPI include support for additional protocols, a port to the Windows platform, performance optimizations, adaptation for use in real-time traffic monitoring applications (some specific features that slowed down the engine have been removed), the ability to build as a Linux kernel module, and support for identifying subprotocols.

It supports detection of 53 types of network threats (flow risks) and more than 350 protocols and applications (from OpenVPN, Tor, QUIC, SOCKS, BitTorrent and IPsec to Telegram, Viber, WhatsApp, PostgreSQL and access to Gmail, Office 365, Google Docs and YouTube). There is a decoder for server and client SSL certificates that makes it possible to determine the protocol in use (for example, Citrix Online and Apple iCloud) from the encryption certificate. The nDPIreader utility is provided for analyzing the contents of pcap dumps or live traffic on a network interface.

In the new release:

  • Memory consumption has been reduced by orders of magnitude thanks to a reworked list implementation.
  • IPv6 support has been expanded.
  • New protocol identifiers have been added for adult content, advertising, web analytics and tracking.
  • Added support for protocols and services:
    • HAProxy
    • Apache Thrift
    • RMCP (Remote Management Control Protocol)
    • SLP (Service Location Protocol)
    • Bitcoin
    • HTTP/2 without encryption
    • SRTP (Secure Real-time Transport)
    • BACnet
    • OICQ (Chinese messenger)
  • Added detection of OperaVPN and ProtonVPN. Improved WireGuard detection.
  • Implemented a heuristic for identifying fully encrypted traffic flows.
  • Added detection of Yandex and VK services.
  • Added detection of Facebook Reels and Stories.
  • Added detection of the Roblox gaming platform, the NVIDIA GeForceNow cloud service, Epic Games games, and the game "Heroes of the Storm".
  • Improved detection of traffic from search bots.
  • Improved parsing and identification of protocols and services:
    • Gnutella
    • H323
    • HTTP
    • Hangout
    • MS Teams
    • Alibaba
    • MGCP
    • Steam
    • MySQL
    • Zabbix
  • The range of detected network threats and problems associated with the risk of compromise (flow risk) has been expanded. Support has been added for new threat types: NDPI_MALWARE_HOST_CONTACTED and NDPI_TLS_ALPN_SNI_MISMATCH.
  • Fuzzing testing has been set up to identify reliability problems.
  • Build problems on FreeBSD have been resolved.

Source: opennet.ru
