yaf-devel - Static libraries and C header files for yaf
Static libraries and C header files for yaf.
yaf-devel-3.0.0.alpha3-1.fc38.x86_64 [46 KiB]
by Lawrence R. Rogers (2023-07-18):
* Release 3.0.0.alpha3-1
  - Changed DNS deep packet inspection to produce names and text records with escape codes for special characters (non-ASCII, non-printable, special whitespace, and label-internal dots in names).
  - Made DNS deep packet inspection more strict about parsing malformed DNS Resource Records across RR boundaries within the packet.
  - Enhanced the --time and --etime options of yafMeta2Pcap to accept a human-readable timestamp in addition to milliseconds.
  - Changed the destination of --version output to the standard output.
  - Changed yaf to only export the fingerprint-related elements (firstPacketBanner, etc) when the --fpexport option is given. (Requires YAF to be built with --enable-fpexporter.)
  - Changed yaf to only export the p0f-related elements (osName, etc) when the --p0fprint option is given. (Requires YAF to be built with --with-p0f.)
  - Fixed a crash in YAF that occurs when it is built with GLib 2.75.3 or newer.
yaf-devel-3.0.0.alpha2-1.fc38.x86_64 [48 KiB]
by Lawrence R. Rogers (2023-02-09):
* Release 3.0.0.alpha2-1
  - Enhanced the deep packet inspection capabilities for SSH connections to include negotiated algorithms and HASSH hash.
  - Added the JA3 hash to the DPI for TLS connections.
  - Made several changes to the yafDPIRules.conf file for applabels written as C plugins: Allow the user to disable the export of arbitrary DPI elements and SMTP headers. Allow a protocol to be specified. Moved the regex definitions from C to yafDPIRules.conf.
  - Increased the maximum payload that YAF may capture for performing DPI.
  - Fixed a potential bug in the Shannon entropy calculation that may cause small differences in calculated values.