aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLuca Deri <deri@ntop.org>2022-06-05 11:34:10 +0200
committerLuca Deri <deri@ntop.org>2022-06-05 11:34:10 +0200
commit59c084b166c814a4331d91e176e757126f9373e9 (patch)
tree5fe6702953572c43195e639d3bf2c1b195456ddc
parent2202365b951e7469ff805baf5bf631a8d9a9ec8a (diff)
Updated test results
Diffstat
-rw-r--r--tests/result/alexa-app.pcapng.out2
-rw-r--r--tests/result/gnutella.pcap.out2
2 files changed, 2 insertions, 2 deletions
diff --git a/tests/result/alexa-app.pcapng.out b/tests/result/alexa-app.pcapng.out
index 80b3bdf2e..fa64b1b27 100644
--- a/tests/result/alexa-app.pcapng.out
+++ b/tests/result/alexa-app.pcapng.out
@@ -132,7 +132,7 @@ JA3 Host Stats:
105 TCP 172.16.42.216:45679 <-> 52.94.232.134:443 [proto: 91.178/TLS.Amazon][Encrypted][Confidence: DPI][cat: Web/5][8 pkts/750 bytes <-> 5 pkts/428 bytes][Goodput ratio: 40/32][1.90 sec][Hostname/SNI: pitangui.amazon.com][ALPN: h2;http/1.1][bytes ratio: 0.273 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 44/87 101/159 37/66][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 94/86 293/139 78/32][Risk: ** Weak TLS Cipher **** Malicious JA3 Fingerp. **][Risk Score: 150][Risk Info: d551fafc4f40f1dec2bb45980bfa9492 / Cipher 0000002F][TLSv1.2][JA3C: d551fafc4f40f1dec2bb45980bfa9492][JA3S: 18e962e106761869a61045bed0e81c2c (WEAK)][Cipher: TLS_RSA_WITH_AES_128_CBC_SHA][Plen Bins: 0,50,25,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
106 TCP 172.16.42.216:35540 <-> 172.217.9.142:80 [proto: 7.126/HTTP.Google][ClearText][Confidence: DPI][cat: ConnCheck/30][4 pkts/460 bytes <-> 3 pkts/289 bytes][Goodput ratio: 41/29][0.09 sec][Hostname/SNI: connectivitycheck.android.com][bytes ratio: 0.228 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/0 30/24 45/48 20/24][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 115/96 254/149 80/37][URL: connectivitycheck.android.com/generate_204][StatusCode: 204][User-Agent: Dalvik/2.1.0 (Linux; U; Android 5.1.1; LGLS751 Build/LMY47V)][PLAIN TEXT (GET /generate)][Plen Bins: 0,0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
107 TCP 172.16.42.216:60246 <-> 172.217.9.142:80 [proto: 7.126/HTTP.Google][ClearText][Confidence: DPI][cat: ConnCheck/30][4 pkts/460 bytes <-> 3 pkts/289 bytes][Goodput ratio: 41/29][0.14 sec][Hostname/SNI: connectivitycheck.android.com][bytes ratio: 0.228 (Upload)][IAT c2s/s2c min/avg/max/stddev: 3/8 45/48 94/89 37/40][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 115/96 254/149 80/37][URL: connectivitycheck.android.com/generate_204][StatusCode: 204][User-Agent: Dalvik/2.1.0 (Linux; U; Android 5.1.1; LGLS751 Build/LMY47V)][PLAIN TEXT (GET /generate)][Plen Bins: 0,0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 108 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][ClearText][Confidence: DPI][cat: Network/14][2 pkts/714 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][< 1 sec][Hostname/SNI: android-1c1335ec95a27318][DHCP Fingerprint: 1,33,3,6,15,26,28][DHCP Class Ident: dhcpcd-5.5.6][PLAIN TEXT (android)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 108 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][ClearText][Confidence: DPI][cat: Network/14][2 pkts/714 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][< 1 sec][Hostname/SNI: android-1c1335ec95a27318][DHCP Fingerprint: 1,33,3,6,15,26,28,51,58,59][DHCP Class Ident: dhcpcd-5.5.6][PLAIN TEXT (android)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
109 TCP 172.16.42.216:40200 -> 10.201.126.241:8080 [proto: 131/HTTP_Proxy][ClearText][Confidence: Match by port][cat: Web/5][8 pkts/572 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][127.39 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 990/0 18197/0 64239/0 21317/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/0 72/0 74/0 7/0][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
110 TCP 172.16.42.216:40202 -> 10.201.126.241:8080 [proto: 131/HTTP_Proxy][ClearText][Confidence: Match by port][cat: Web/5][8 pkts/572 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][127.28 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1069/0 18182/0 64160/0 21286/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/0 72/0 74/0 7/0][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
111 TCP 172.16.42.216:49627 <-> 52.94.232.134:80 [proto: 7.265/HTTP.AmazonAWS][ClearText][Confidence: Match by IP][cat: Cloud/13][6 pkts/364 bytes <-> 3 pkts/184 bytes][Goodput ratio: 0/0][1.34 sec][bytes ratio: 0.328 (Upload)][IAT c2s/s2c min/avg/max/stddev: 3/0 267/0 997/0 373/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 61/61 74/62 9/1][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/result/gnutella.pcap.out b/tests/result/gnutella.pcap.out
index af4470259..3533ca197 100644
--- a/tests/result/gnutella.pcap.out
+++ b/tests/result/gnutella.pcap.out
@@ -155,7 +155,7 @@ JA3 Host Stats:
123 UDP 10.0.2.15:28681 -> 72.201.208.57:38617 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][3 pkts/369 bytes -> 0 pkts/0 bytes][Goodput ratio: 66/0][67.59 sec][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
124 UDP 10.0.2.15:28681 -> 96.246.156.126:50297 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][3 pkts/369 bytes -> 0 pkts/0 bytes][Goodput ratio: 66/0][73.11 sec][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
125 UDP 10.0.2.15:28681 -> 185.203.218.92:56962 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][3 pkts/369 bytes -> 0 pkts/0 bytes][Goodput ratio: 66/0][62.65 sec][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 126 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][ClearText][Confidence: DPI][cat: Network/14][1 pkts/356 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][< 1 sec][Hostname/SNI: msedgewin10][DHCP Fingerprint: 1,3,6,15,31,33,43,44,46,47,119][DHCP Class Ident: MSFT 5.0][PLAIN TEXT (MSEDGEWIN)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 126 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][ClearText][Confidence: DPI][cat: Network/14][1 pkts/356 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][< 1 sec][Hostname/SNI: msedgewin10][DHCP Fingerprint: 1,3,6,15,31,33,43,44,46,47,119,121,249,252][DHCP Class Ident: MSFT 5.0][PLAIN TEXT (MSEDGEWIN)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
127 ICMP 10.0.2.2:0 -> 10.0.2.15:0 [proto: 81/ICMP][ClearText][Confidence: DPI][cat: Network/14][4 pkts/280 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][24.27 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
128 UDP 10.0.2.15:28681 -> 81.205.91.45:38297 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][2 pkts/251 bytes -> 0 pkts/0 bytes][Goodput ratio: 66/0][5.50 sec][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
129 UDP 10.0.2.15:28681 -> 198.58.218.12:47912 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][2 pkts/251 bytes -> 0 pkts/0 bytes][Goodput ratio: 66/0][5.88 sec][Risk: ** Unsafe Protocol **][Risk Score: 10][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Powered by cgit, Themed by Ted Yin.