D4 core version 0.2 has been released

D4 core version 0.2 has been released

New version released - v0.2 of D4 core

After the initial design and implementation of the D4 protocol, we released a new version of the D4 core server software which includes the following changes:

  • Support for IPv6 has been added;
  • Compression with gzip has been added to the type (1:pcap) analyzer;
  • New worker type (8:dnscap). It pushes dnscap lines in a redis queue towards the appropriate analyzer for further processing (e.g. used in the Passive DNS analyzer);
  • Manage black-lists from the sensor management interface per CIDR block;
  • Custom filter per sensor is now supported;
  • Many improvements in the sensor management and monitoring.

New release - v0.1 of D4-goclient

d4-goclient

Release Software License Go Report Card

We release a first version of the cross-platform Go client. It has the following features:

  • Encapsulates whatever it is given in input with D4 protocol;
  • Retries on connection lost;
  • Can connect directly to a D4-server to avoid using socat for transport;
  • Can verify D4-server’s certificate against a user-provided CA certificate.

FIC 2019 - Forum International de la Cybersécurité in Lille (22-23 January 2019)

During the FIC 2019, D4 project was present to show the goal of the project but also the existing sensor network software.

D4 workshop at SUNET (Sweden)

A first D4 workshop (7th February 2019) has been done at SUNET (thanks to them for hosting us). The presentation is available online which covers the basics behind the D4 project. Useful feedback was gathered during the workshop and especially some insightful discussions on the additional techniques of monitoring of DDoS.

circl
circl Computer Incident Response Center Luxembourg (CIRCL)