ntop / ntopng

Web-based Traffic and Security Network Traffic Monitoring
http://www.ntop.org
GNU General Public License v3.0

JA3 is Obsolete #8668

Open lucaderi opened 3 weeks ago

lucaderi commented 3 weeks ago

JA3 support has been removed from ntopng, but there are some leftovers that need to be fixed. For instance, lists_utils.lua contains the list of JA3 signatures that can be loaded. This means that ntopng is currently broken.

Replace it with JA4 (e.g. see https://ja4db.com)

Note that flow_alert_ndpi_malicious_ja3, contained in scripts/lua/modules/alert_keys/flow_alert_keys.lua, needs to be updated, as well as locale strings.

cardigliano commented 2 weeks ago

3b0b60c422dbb4071da03c7b8c4de87fc2022168 removes JA3 leftovers, updates ndpi alert keys, and renames malicious JA3 to malicious fingerprint to match the new generic name in ndpi. d1ff848a8dd1daa88ab49786472ed2588af0f47d updates locale.