Mothra Release 1.7.0, 2025-Jan-29

Downloads

mothra-1.7.0-src.tar.gz (1.8MiB)
Source code release

(SHA256=f83ce3754840ce482d6194f16406ba1093af58427cb986db92c9e853d39ffea7)

mothra-1.7.0-scaladoc.jar (6.1MiB)
API documentation archive

(SHA256=95e5c70ee80f455b382a05349549b33777191c0ec8511e0c707ac18f97bf944c)

mothra-1.7.0-tools.tar.gz (1.2MiB)
Automatic download bootstrap tool scripts and man pages

(SHA256=252f1b83ffcf31a474aa8e9e6c7cb282ccead7bd094182008c1bffd747e0249c)

mothra-python-1.7.0.tar.gz (59KiB)
Python package source release

(SHA256=53ab5441d63c562f5b42078a1d38fd2da1e8115c6b9b8c4793651affb32e72ae)

Notes

  • Spark 2 and Scala 2.11 are no longer supported.
  • netsa-data
    • API of IPv6Address changed slightly to prevent unintended data aliasing.
  • netsa-io-silk
    • Time precisions of up to nanosecond precision are now supported.
    • Read new SiLK flow formats as of SiLK 3.23:
      • FT_RWAUGMENTED version 6
      • FT_RWAUGROUTING version 6
      • FT_RWAUGWEB version 6
      • FT_RWGENERIC version 6
      • FT_RWIPV6 version 3
      • FT_RWIPV6ROUTING version 4
    • New RWRecWriter.forOutputStream family of API calls to support a choice between flow output formats. (This is needed to both allow nanosecond precision output and to allow writing files readable by versions of SiLK previous to 3.23.)
      • FT_RWIPV6ROUTING version 1 (previously supported)
      • FT_RWIPV6ROUTING version 4 (new for nanosecond support)
      • forOutputStream uses the default format (maximum data retention)
      • forOutputStreamFormat lets you choose a format and version
      • forOutputStreamPrecision lets you specify a time precision
    • SiLK RWRec records now store startTime and endTime, matching version 3.23 of SiLK's internals. Previously, times were constructed using startTime and duration.
  • Build
    • Configuration updated to use a more recent version of Mill.
    • No longer produces partial assemblies (w/o Spark and its dependencies).

Mothra Release 1.6.0, 2022-Jun-15

Downloads

mothra-1.6.0-src.tar.gz (1.5MiB)
Source code release

(SHA256=6c1931d6d676a96ad86e0da93806c9912213e06d5355a2e007aaf19e894fb88e)

mothra-1.6.0-bin.tar.gz (28.5MiB)
Pre-compiled "full" jar files and supporting documentation

(SHA256=8cac79607d4bc39ec5f058745440ce1e8e601cdaff83ffecae7472c612268bb9)

mothra-1.6.0-tools.tar.gz (944.8KiB)
Automatic download bootstrap tool scripts and man pages

(SHA256=9e663b2bc83418d32c47dd2f467e8e72f172031c7f8af43367660e036dcb9b35)

Notes

  • Spark 3 and Scala 2.13 are now supported
    • Mothra now supports Spark 3 with Scala 2.12 or Scala 2.13.
    • Libraries for Spark 2.x now have spark-2 in their artifact ID. For example: "mothra_spark-2_2.12" is the version for Spark 2, while "mothra_2.12" is the version for Spark 3.
    • Build dependencies and build targets have changed! This should result in a lot less re-building of modules that don't depend on Spark. See README.dev.md for details on how to build.
    • Spark 2 with Scala 2.11 is still supported for now.
  • netsa-io-silk
    • SiLK file compression is now handled directly without any dependency on Apache Hadoop. This should make handling for all SiLK compressed files work consistently and without Hadoop codec configuration.

Mothra Release 1.5.3, 2022-Jun-13

Downloads

mothra-1.5.3-src.tar.gz (1.5MiB)
Source code release

(SHA256=7558a82f87f198cb6c05d5d25fbbb7998f2b8f136ad374ce0ffeaf583c1a171c)

mothra-1.5.3-bin.tar.gz (13.2MiB)
Pre-compiled "full" jar files and supporting documentation

(SHA256=93834b65bee52cdfdb6ea2b94de1947c0265ad081718e9c231ae10d68c84b1fc)

mothra-1.5.3-tools.tar.gz (948.3KiB)
Automatic download bootstrap tool scripts and man pages

(SHA256=7ed376e2e291f6b1ef92ffc87e7c9693b9abc870fe0251dd9baf3c1901c1c36a)

Notes

  • Data Files
    • CERT and IANA data files updated to current as of 2022-06-13. (This includes new IPFIX IEs from super_mediator 1.9.0 release.)

Mothra Release 1.5.2, 2022-May-2

Downloads

mothra-1.5.2-src.tar.gz (1.5MiB)
Source code release

(SHA256=f781249e3492444c24bbba43980e7d6d4630872243af4eba823ebf88ddc8c728)

mothra-1.5.2-bin.tar.gz (13.2MiB)
Pre-compiled "full" jar files and supporting documentation

(SHA256=3f944c8249dff73be2f06ed4a0097c4cf72eb0a3f0cd206e27075312c9b50c75)

mothra-1.5.2-tools.tar.gz (948.3KiB)
Automatic download bootstrap tool scripts and man pages

(SHA256=b6e0030a4a69f29b44c5b733561050fe48b32f29cc7dca8d33e3df2549533667)

Notes

  • mothra-datasources-ipfix
    • In IPFIXFieldParsing, the default struct field names given to IE elements are now the name of the IE rather than verbose IE details.
  • netsa-io-silk
    • Implementations of & and | on TCPState are no longer reversed.
  • Unit Tests
    • Spark-session based tests now use localhost explicitly to make them less sensitive to local network configuration.

Mothra Release 1.5.1, 2022-Feb-14

Downloads

mothra-1.5.1-src.tar.gz (1.5MiB)
Source code release

(SHA256=e017be5f2b042f140fa3b96ffc809ff246ef0a6c50e2ec2e4604a0030b7a8ddc)

mothra-1.5.1-bin.tar.gz (13.2MiB)
Pre-compiled "full" jar files and supporting documentation

(SHA256=073a34bd0d0b35d64a514b50d1b8170a5628b1e161eb820e9608d7ae9cebe6a3)

mothra-1.5.1-tools.tar.gz (948.3KiB)
Automatic download bootstrap tool scripts and man pages

(SHA256=5a30694d286ba6b11c534f55629fdd6f384ee2c96cd72806480aa6479e75dcdd)

Notes

  • Documentation
    • Numerous pieces of API documentation added or brought up to date
  • netsa_data
    • toInt methods added to appropriate org.cert.netsa.data.net types
    • Use correct ClassLoaders for data resources to improve compatibility with Apache NiFi
  • mothra_datasources_ipfix
    • Removed confusing no-longer-operational LegacyIPFIXFields
    • Added HTTP and other remaining DPI protocols to IPFIXFields.dpi
    • Added DHCP fingerprinting plugin fields to IPFIXFields.plugins
    • Added miscellaneous debugging fields to IPFIXFields.cert_tool

Mothra Release 1.5.0, 2022-Jan-4

Downloads

mothra-1.5.0-src.tar.gz (1.5MiB)
Source code release

(SHA256=9bbebcc444699e7d18adcb188167488c26b407c8adb4919fda366b733335b971)

mothra-1.5.0-bin.tar.gz (13.2MiB)
Pre-compiled "full" jar files and supporting documentation

(SHA256=abeef7b3d5fe5851f77eb6abadb1922cbb2859c5ae41224de8e9988c54ecc12f)

mothra-1.5.0-tools.tar.gz (949.9KiB)
Automatic download bootstrap tool scripts and man pages

(SHA256=844678e6fad3e5a3f1678e02c122c1f082bc35efd5a5bf1fd348ac7f9eb55af5)

Notes

  • First public release.