RemediationsΒΆ
- Remediations for nDPI Risks
- POSSIBLE XSS
- POSSIBLE SQL INJECTION
- POSSIBLE REMOTE CODE INJECTION
- BINARY APPLICATION TRANSFER
- KNOWN PROTOCOL ON NON STANDARD PORT
- TLS SELFSIGNED CERTIFICATE
- TLS OBSOLETE VERSION
- TLS WEAK CIPHER
- TLS CERTIFICATE EXPIRED
- TLS CERTIFICATE MISMATCH
- HTTP SUSPICIOUS USER AGENT
- NUMERIC IP HOST
- HTTP SUSPICIOUS URL
- HTTP SUSPICIOUS HEADER
- TLS NOT CARRYING HTTPS
- SUSPICIOUS DGA DOMAIN
- MALFORMED PACKET
- SSH OBSOLETE CLIENT VERSION OR CIPHER
- SSH OBSOLETE SERVER VERSION OR CIPHER
- SMB INSECURE VERSION
- TLS SUSPICIOUS ESNI USAGE
- UNSAFE PROTOCOL
- SUSPICIOUS DNS TRAFFIC
- TLS MISSING SNI
- HTTP SUSPICIOUS CONTENT
- RISKY ASN
- RISKY DOMAIN
- MALICIOUS FINGERPRINT
- MALICIOUS SHA1 CERTIFICATE
- DESKTOP OR FILE SHARING SESSION
- TLS UNCOMMON ALPN
- TLS CERTIFICATE VALIDITY TOO LONG
- TLS SUSPICIOUS EXTENSION
- TLS FATAL ALERT
- SUSPICIOUS ENTROPY
- CLEAR TEXT CREDENTIALS
- LARGE DNS PACKET
- DNS FRAGMENTED
- INVALID CHARACTERS
- POSSIBLE EXPLOIT
- TLS CERTIFICATE ABOUT TO EXPIRE
- PUNYCODE IDN (PUNYCODE INTERNATIONALIZED DOMAIN NAMES)
- ERROR CODE DETECTED
- HTTP CRAWLER BOT
- ANONYMOUS SUBSCRIBER
- UNIDIRECTIONAL TRAFFIC
- HTTP OBSOLETE SERVER
- PERIODIC FLOW
- MINOR ISSUES
- TCP ISSUES
- FULLY ENCRYPTED
- TLS ALPN SNI MISMATCH
- MALWARE HOST CONTACTED
- BINARY DATA TRANSFER
- PROBING ATTEMPT
- Remediations for ntopng Flow Risks
- Remediations for ntopng Risks
- NORMAL
- BLACKLISTED
- BLACKLISTED COUNTRY
- FLOW BLOCKED
- DATA EXFILTRATION
- DEVICE PROTOCOL NOT ALLOWED
- DNS DATA EXFILTRATION
- DNS INVALID QUERY
- ELEPHANT FLOW
- BLACKLISTED CLIENT CONTACT
- EXTERNAL ALERT
- LONG LIVED FLOW
- LOW GOODPUT
- BLACKLISTED SERVER CONTACT
- INTERNAL DATA LEAKAGE
- REMOTE TO REMOTE
- TCP PACKET ISSUES
- TCP CONNECTION REFUSED
- TCP SEVERE CONNECTION ISSUES
- TLS CERTIFICATE EXPIRED
- TLS CERTIFICATE MISMATCH
- TLS UNSAFE CIPHER
- WEB MINING
- TLS SELF SIGNED CERTIFICATE
- BINARY APPLICATION TRANSFER
- KNOWN PROTOCOL ON NON STANDARD PORT
- INVALID SOURCE IP
- UNEXPECTED DHCP SERVER
- UNEXPECTED DNS SERVER
- UNEXPECTED SMTP SERVER
- UNEXPECTED NTP SERVER
- ZERO TCP WINDOW
- IEC INVALID TRANSITION
- REMOTE TO LOCAL INSECURE PROTO
- IEC UNEXPECTED TYPE ID
- TCP NO DATA EXCHANGED
- REMOTE ACCESS
- LATERAL MOVEMENT
- PERIODICITY CHANGED
- BROADCAST NON UDP TRAFFIC
- IEC INVALID COMMAND TRANSITION
- CONNECTION FAILED
- UNIDIRECTIONAL TRAFFIC
- CUSTOM LUA Script
- VLAN BIDIRECTIONAL TRAFFIC
- RARE DESTINATION
- MODBUS UNEXPECTED FUNCTION CODE
- MODBUS TOO MANY EXCEPTIONS
- MODBUS INVALID TRANSITION
- TCP FLOW RESET
- ACCESS CONTROL LIST
- HOST POLICY
- Remediations for Host Risks