Skip to content

v4.8.0
Compare
Choose a tag to compare
@caffeinatedpixel caffeinatedpixel released this 26 Apr 18:23
· 10 commits to master since this release
v4.8.0
dd1acf9
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

What's Changed

Improvements:

  • Change show-long-connections to sort by total duration instead of longest duration by @Zalgo2462 in #790
  • Removal of connection count portion of beacon scoring and adjustment of skew by @lisaSW in #792
  • Duration Scoring Update by @lisaSW in #793
  • Update to bimodal portion of the histogram score by @lisaSW in #794

Bug Fixes:

  • Improve useragent aggregation runtime for datasets with many useragents by @Zalgo2462 in #785
  • Fix SSL and DNS log filtering by @Zalgo2462 in #788
  • Prevent crashing due to malformed IP addresses in Zeek logs by @lisaSW in #791
  • Don't filter internal -> internal DNS traffic by @Zalgo2462 in #797
  • Disable SNI connection analysis if SNI beacon analysis is disabled by @Zalgo2462 in #798
  • Only maintain one cid's worth of max scores in the host collection by @Zalgo2462 in #801

Full Changelog: v4.7.0...v4.8.0

Contributors

Zalgo2462 and lisaSW
Assets 4