authorLuca Deri <deri@ntop.org>2022-04-01 19:07:46 +0200
committerLuca Deri <deri@ntop.org>2022-04-01 19:07:46 +0200
commit9f3a6f131b228cd7a8094610e993141a8c8b2fd7 (patch)
tree6076df49b0b03d77044bc0921cfb2a82886b6c44
parent32a7d4246904470f85ab1298b8d5e01ad920d36b (diff)
update
-rw-r--r--tests/result/starcraft_battle.pcap.out4
1 files changed, 2 insertions, 2 deletions
diff --git a/tests/result/starcraft_battle.pcap.out b/tests/result/starcraft_battle.pcap.out
index 58ec6c70c..e2fb02d8c 100644
--- a/tests/result/starcraft_battle.pcap.out
+++ b/tests/result/starcraft_battle.pcap.out
@@ -17,7 +17,7 @@ Google 22 2184 5
Github 3 234 1
Starcraft 236 51494 6
- 1 TCP 192.168.1.100:3508 <-> 87.248.221.254:80 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Download/7][90 pkts/5059 bytes <-> 89 pkts/129145 bytes][Goodput ratio: 4/96][3.22 sec][Hostname/SNI: llnw.blizzard.com][bytes ratio: -0.925 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 45/3 2914/58 341/11][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 56/1451 241/1514 20/291][URL: llnw.blizzard.com/sc2-pod-retail/AF11CD00/EU/24621.direct/s2-36281-BA356DD57557728843CAF63A12C79AA3.mfil][StatusCode: 200][Content-Type: application/octet-stream][User-Agent: Blizzard Web Client][Risk: ** Binary Application Transfer **][Risk Score: 250][PLAIN TEXT (GET /sc)][Plen Bins: 0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,97,0,0]
+ 1 TCP 192.168.1.100:3508 <-> 87.248.221.254:80 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Download/7][90 pkts/5059 bytes <-> 89 pkts/129145 bytes][Goodput ratio: 4/96][3.22 sec][Hostname/SNI: llnw.blizzard.com][bytes ratio: -0.925 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 45/3 2914/58 341/11][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 56/1451 241/1514 20/291][URL: llnw.blizzard.com/sc2-pod-retail/AF11CD00/EU/24621.direct/s2-36281-BA356DD57557728843CAF63A12C79AA3.mfil][StatusCode: 200][Content-Type: application/octet-stream][User-Agent: Blizzard Web Client][Risk: ** Binary Application Transfer **** Suspicious DGA Domain name **][Risk Score: 350][PLAIN TEXT (GET /sc)][Plen Bins: 0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,97,0,0]
2 TCP 192.168.1.100:3517 <-> 213.248.127.130:1119 [proto: 213/Starcraft][ClearText][Confidence: DPI][cat: Game/8][126 pkts/9157 bytes <-> 89 pkts/41021 bytes][Goodput ratio: 26/88][3.83 sec][bytes ratio: -0.635 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 30/37 1016/1086 104/133][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 73/461 249/1514 28/593][PLAIN TEXT (matteobracci1@gmail.com)][Plen Bins: 76,2,2,2,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,13,0,0]
3 TCP 192.168.1.100:3527 <-> 2.228.46.112:80 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][15 pkts/971 bytes <-> 26 pkts/36462 bytes][Goodput ratio: 15/96][0.10 sec][Hostname/SNI: bnetcmsus-a.akamaihd.net][bytes ratio: -0.948 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 7/3 33/34 13/9][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 65/1402 203/1514 37/387][URL: bnetcmsus-a.akamaihd.net/cms/bnet_thumbnail/gc/GCF1DHMH8FDY1434670037434.jpg][StatusCode: 200][Content-Type: image/jpeg][User-Agent: Battle.net Web Client][PLAIN TEXT (GET /cms/bnet)][Plen Bins: 0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,96,0,0]
4 TCP 192.168.1.100:3528 <-> 2.228.46.112:80 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][11 pkts/755 bytes <-> 18 pkts/24350 bytes][Goodput ratio: 20/96][0.10 sec][Hostname/SNI: bnetcmsus-a.akamaihd.net][bytes ratio: -0.940 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 12/4 37/64 16/16][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 69/1353 203/1514 43/456][URL: bnetcmsus-a.akamaihd.net/cms/bnet_thumbnail/4j/4J7OUIISCLTQ1436943629210.jpg][StatusCode: 200][Content-Type: image/jpeg][User-Agent: Battle.net Web Client][PLAIN TEXT (GET /cms/bnet)][Plen Bins: 0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,94,0,0]
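Review bot: The new expectation for flow 1 pins `** Suspicious DGA Domain name **` on `llnw.blizzard.com` and raises the Risk Score from 250 to 350, which looks like a false positive being accepted into the regression baseline rather than a genuine detection. The same flow carries `User-Agent: Blizzard Web Client` and a game-patch URL, and the hostname is a short label under the vendor's own domain, not the long, random-looking name a DGA check is normally meant to catch. The second hunk adds the same flag to the DNS lookup in flow 25 (`[Risk: ** Suspicious DGA Domain name **][Risk Score: 100]`). The commit message is only "update", so it does not say whether this is intended. If it is a side effect of a classifier change, I would correct it in the DGA check and leave these two expected lines without the DGA risk, since anyone alerting on the risk score will otherwise see ordinary vendor download traffic flagged.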
@@ -41,7 +41,7 @@ Starcraft 236 51494 6
22 UDP 192.168.1.100:55468 <-> 192.168.1.254:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][2 pkts/168 bytes <-> 2 pkts/388 bytes][Goodput ratio: 50/78][0.09 sec][Hostname/SNI: bnetcmsus-a.akamaihd.net][2.228.46.112][PLAIN TEXT (bnetcmsus)][Plen Bins: 0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
23 UDP 173.194.40.22:443 <-> 192.168.1.100:53568 [proto: 126/Google][Encrypted][Confidence: Match by IP][cat: Web/5][3 pkts/243 bytes <-> 3 pkts/232 bytes][Goodput ratio: 48/45][28.94 sec][bytes ratio: 0.023 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 13855/13940 14457/14457 15059/14974 602/517][Pkt Len c2s/s2c min/avg/max/stddev: 77/66 81/77 83/83 3/8][Plen Bins: 16,83,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
24 UDP 192.168.1.100:58851 <-> 192.168.1.254:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][2 pkts/173 bytes <-> 2 pkts/282 bytes][Goodput ratio: 51/70][0.05 sec][Hostname/SNI: 110.212.58.216.in-addr.arpa][::][Plen Bins: 0,50,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 25 UDP 192.168.1.100:60026 <-> 192.168.1.254:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][2 pkts/154 bytes <-> 2 pkts/288 bytes][Goodput ratio: 45/71][0.08 sec][Hostname/SNI: llnw.blizzard.com][87.248.221.254][PLAIN TEXT (blizzard)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 25 UDP 192.168.1.100:60026 <-> 192.168.1.254:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][2 pkts/154 bytes <-> 2 pkts/288 bytes][Goodput ratio: 45/71][0.08 sec][Hostname/SNI: llnw.blizzard.com][87.248.221.254][Risk: ** Suspicious DGA Domain name **][Risk Score: 100][PLAIN TEXT (blizzard)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
26 UDP 192.168.1.100:58818 <-> 192.168.1.254:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][2 pkts/172 bytes <-> 2 pkts/260 bytes][Goodput ratio: 51/67][0.06 sec][Hostname/SNI: 100.1.168.192.in-addr.arpa][::][PLAIN TEXT (dynect)][Plen Bins: 0,50,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
27 UDP 192.168.1.100:58831 <-> 192.168.1.254:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][2 pkts/172 bytes <-> 2 pkts/245 bytes][Goodput ratio: 51/65][0.17 sec][Hostname/SNI: 26.186.239.80.in-addr.arpa][::][Risk: ** Error Code Detected **][Risk Score: 10][PLAIN TEXT (signup)][Plen Bins: 0,75,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
28 TCP 192.168.1.100:3532 <-> 2.228.46.112:80 [proto: 7/HTTP][ClearText][Confidence: DPI][cat: Web/5][3 pkts/320 bytes <-> 1 pkts/66 bytes][Goodput ratio: 45/0][0.04 sec][Hostname/SNI: bnetcmsus-a.akamaihd.net][URL: bnetcmsus-a.akamaihd.net/cms/bnet_header/78/78XH2UNU4JYK1434560551687.jpg][StatusCode: 0][User-Agent: Battle.net Web Client][PLAIN TEXT (GET /cms/bnet)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]