LiFTeR: Changes for May 3, 2019
- httplib2-0.12.3-1.el7.noarch.rpm - Httplib2 is a comprehensive HTTP client library; httplib2 supports many features left out of other HTTP libraries.
This package was installed for CentOS/RHEL 7 to support xplico.
Please note that for CentOS/RHEL 7, this package was built incorrectly and was not usable.
These build problems have been fixed in this release.
- nDPI{,-devel}-2.9.0-1.{fc24,fc25,fc26,fc27,fc28,fc29}.{i686,x86_64}.rpm and nDPI{,-devel}-2.9.0-1.el7.x86_64.rpm -
nDPI is an ntop-maintained superset of the popular OpenDPI library.
Released under the GPL license, its goal is to extend the original library by adding new protocols that are otherwise available only on the paid version of OpenDPI.
In addition to Unix platforms, we also support Windows, in order to provide you a cross-platform DPI experience.
Furthermore, we have modified nDPI to be more suitable for traffic monitoring applications, by disabling specific features that slow down the DPI engine while
being unnecessary for network traffic monitoring.
nDPI is used by both ntop and nProbe for adding application-layer detection of protocols, regardless of the port being used. This means that it is possible both to detect known protocols on non-standard ports (e.g. detect HTTP on ports other than 80), and also the opposite (e.g. detect Skype traffic on port 80). This is because nowadays the concept of port=application no longer holds.
See here for the list of supported protocols.
- xplico-1.2.2-2.{fc24,fc25,fc26,fc27,fc28,fc29}.{i686,x86_64}.rpm and xplico-1.2.2-2.el7.x86_64.rpm -
xplico is an Internet traffic decoder.
The changes include:
- CakePHP updated to 2.10.17
- Migration from GeoIP to GeoIP2
- nDPI updated to 2.9
- ghidra-9.0.2-PUBLIC_20190403.{fc24,fc25,fc26,fc27,fc28,fc29}.{i686,x86_64}.rpm and ghidra-9.0.2-PUBLIC_20190403.el7.x86_64.rpm -
Ghidra is a software reverse engineering (SRE) framework created and maintained by the National Security Agency Research Directorate.
This framework includes a suite of full-featured, high-end software analysis tools that enable users to analyze compiled code on a variety of platforms
including Windows, macOS, and Linux. Capabilities include disassembly, assembly, decompilation, graphing, and scripting, along with hundreds of other features.
Ghidra supports a wide variety of processor instruction sets and executable formats and can be run in both user-interactive and automated modes.
Users may also develop their own Ghidra plug-in components and/or scripts using Java or Python.
See the list of changes and improvements here.
Please note that you must install the JDK for Ghidra to work. In testing, the Java Development Kit (JDK) version 11.0.2 was used and worked successfully. Ghidra expects a program named java to be available in the directories named in the PATH variable.
- python{2,3}-bencode-2.0.0-2.el7.noarch.rpm -
Bencode re-packages the existing bencoding
- python{2,3}-biplist-1.0.3-2.el7.x86_64.rpm -
Biplist is a library for reading/writing binary plists.
Binary Property List (plist) files provide a faster and smaller serialization format for property lists on OS X.
This is a library for generating binary plists which can be read by OS X, iOS, or other clients.
- python{2,3}-dfdatetime-20190116-2.el7.noarch.rpm - dfDateTime,
or Digital Forensics date and time, provides date and time objects to preserve accuracy and precision.
- python{2,3}-dfwinreg-20190329-1.el7.x86_64.rpm -
DFWinreg, or Digital Forensics Windows Registry, provides read-only access to Windows Registry objects.
The goal of dfWinReg is to provide a generic interface for accessing Windows Registry objects that resembles the Registry key hierarchy as seen on a live Windows system.
- python2-dtfabric-20190120-2.el7.x86_64.rpm -
Dtfabric is a project to manage data types and structures, as used in the libyal projects.
- python{2,3}-elasticsearch-6.3.1-2.el7.x86_64.rpm -
ElasticSearch is the official low-level client for
Elasticsearch. Its goal is to provide common ground for all Elasticsearch-related code in Python;
because of this it tries to be opinion-free and very extendable. For a more high-level client library with more limited scope, have a
look at elasticsearch-dsl - a more pythonic library sitting on top of elasticsearch-py. It provides a more convenient and idiomatic way
to write and manipulate queries. It stays close to the Elasticsearch JSON DSL, mirroring its terminology and structure while exposing the
whole range of the DSL from Python either directly using defined classes or queryset-like expressions. It also provides an optional
persistence layer for working with documents as Python objects in an ORM-like fashion: defining mappings, retrieving and saving documents,
wrapping the document data in user-defined classes.
- idna-2.5-1.el7.noarch.rpm -
IDNA provides support for the Internationalised Domain Names in Applications (IDNA) protocol as specified in RFC 5891. This is the latest version of the protocol and is sometimes referred to as "IDNA 2008".