search

ntop / nDPI

Open Source Deep Packet Inspection Software Toolkit
http://www.ntop.org
GNU Lesser General Public License v3.0
3.86k stars 902 forks source link

CNC-IP false positives #2530

Closed IvanNardi closed 3 months ago

IvanNardi commented 3 months ago

With latest code, there are some CNC-IP false positives. For examples: cncip_false_positives.zip Should we revert to the session-id match?

IvanNardi commented 3 months ago

@0xA50C1A1, could you take a look, please?

IvanNardi commented 3 months ago

Fixed in 3189f19b0fea497ad2108ef498d04818a015d329