PL - IPv6 http://pierre.droids-corp.org/blog/html/ Mon SYN, tu l'aimes et tu l'acquittes en-us Tue, 25 Jun 2019 00:00:00 +0200 http://pierre.droids-corp.org/blog/html/2019/06/25/ivre_v0_9_13_release.html http://pierre.droids-corp.org/blog/html/2019/06/25/ivre_v0_9_13_release.html <![CDATA[IVRE v0.9.13 release]]> IVRE v0.9.13 release

IVRE version 0.9.13 has been released, and is available on Github, PyPI and AUR.

Changelog

The most notable changes since version 0.9.12 include:

  • Support for JA3 fingerprints and User-Agent values in view (Vincent Ruello)
  • IPv6 support:
    • in utils.get_addr_type() (Vivien Venuti)
    • DNS (AAAA) answers in passive (Angélique Baille)
  • Support DNS blacklist answers in passive (Marion Lafon)

Read more...

]]>
Tue, 25 Jun 2019 00:00:00 +0200
http://pierre.droids-corp.org/blog/html/2019/09/25/ivre_v0_9_14_release.html http://pierre.droids-corp.org/blog/html/2019/09/25/ivre_v0_9_14_release.html <![CDATA[IVRE v0.9.14 release]]> IVRE v0.9.14 release

IVRE version 0.9.14 has just been released (three months after version 0.9.13), and is available on Github, PyPI and AUR.

Changelog

The most notable changes since version 0.9.13 include:

  • Support for the MongoDB backend in flow (Vincent Ruello); the Neo4j backend is now deprecated and will be dropped in a near future.
  • Support for an experimental Elasticsearch backend in view (Angélique Baille); while it is far from comprehensive for now, it is enough to store view data in an Elasticsearch database and access if from other Elasticsearch-based tools, such as Kibana (the documentation already has a section IVRE with Kibana covering this; see also the screenshots).
  • IPv6 support in DNS blacklist answers (Olivier Croquin).

Read more...

]]>
Wed, 25 Sep 2019 00:00:00 +0200