Microolap EtherSensor Changelog

What's new in Microolap EtherSensor 5.0.3.12929

Jun 22, 2018

Runtime environment:
Windows Server 2008, Windows Server 2012, Windows Server 2016.
Data sources and objects capture:
EtherSensor EtherCAP service:
Updated FTP interception in case the client and/or server are behind NAT.
Improved work with fragmented IP packets.
Integration with the updated IPC at the operating system kernel level.
Captured objects analysis:
Updated detectors: odnoklassniki.ru, !generic.
Added field <PRI> to the CEF log for HTTP requests.
Fixed the composing of the CEF|SquidAccess string. Excess slash in request following "=" was possible: request=/https://r3--.
Delivering analysis results to consumer system:
Updated libraries iwthrift.dll, libcrypto-1_1-x64.dll, libcurl.dll, libssh2.dll, libssl-1_1-x64.dll, libxml2.dll, libxmlsec-openssl.dll, libxmlsec.dll, libxslt.dll, zlib1.dll.
Added download/upload direction for SMB events in the InfoWatch Traffic Monitor.
Added download/upload direction for FTP events in the InfoWatch Traffic Monitor.
Fixed a rarely reproducible error when converting messages to EML: in some cases the line breaks in the headers were not handled correctly.
Fixed a minor error in the calculation of the amount of data sent to the consuming system.
Updated Lua script for SYSLOG transport, included in the distribution.
Fixed a bug in Lua engine for SYSLOG transport: incorrect retrieval of message body content in Lua script.
Logging:
A more accurate calculation and display of performance counters.
Configuration console:
The ability to delete quoted results is added.
Added the ability to empty EtherSensor logs.
The "Apply" button has been added to the service settings: it saves the changes and restarts the service (services).
The logic of controlling the start and stop of services when updating EtherSensor is improved.
Updater:
Improved the performance of the update service through a proxy server.
Fixed handling of Russian characters in the update service configuration.