diff options
| author | Vladimir Gavrilov <105977161+0xA50C1A1@users.noreply.github.com> | 2023-11-21 18:56:01 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-11-21 16:56:01 +0100 |
| commit | 35abafec4fabcb7ad91973e4e9d3c505589e47ca (patch) | |
| tree | 993a9571ae7c546e7b1354e5f7256517dee7557b /tests/cfgs/default/result/cassandra.pcap.out | |
| parent | ae6e6d61f0644ebe13adb7ef328ceb123daae818 (diff) | |
Get rid of Apache Cassandra false positives (#2159)
* Rewrite Apache Cassandra dissector
* Replace memcmp with strncmp
* Add payload length check
* Update Cassandra dissector
* Update test results
---------
Co-authored-by: 0xA50C1A1 <mage.wizard88@gmail.com>
Diffstat (limited to 'tests/cfgs/default/result/cassandra.pcap.out')
| -rw-r--r-- | tests/cfgs/default/result/cassandra.pcap.out | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/tests/cfgs/default/result/cassandra.pcap.out b/tests/cfgs/default/result/cassandra.pcap.out index 86e4701cd..6ae99e33b 100644 --- a/tests/cfgs/default/result/cassandra.pcap.out +++ b/tests/cfgs/default/result/cassandra.pcap.out @@ -1,8 +1,8 @@ Guessed flow protos: 0 -DPI Packets (TCP): 18 (9.00 pkts/flow) +DPI Packets (TCP): 16 (8.00 pkts/flow) Confidence DPI : 2 (flows) -Num dissector calls: 342 (171.00 diss/flow) +Num dissector calls: 302 (151.00 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache zoom: 0/0/0 (insert/search/found) @@ -25,5 +25,5 @@ Patricia protocols IPv6: 0/0 (search/found) Cassandra 286 126016 2 - 1 TCP 127.0.0.1:46536 <-> 127.0.0.1:9042 [proto: 264/Cassandra][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 9][cat: Database/11][75 pkts/9730 bytes <-> 69 pkts/78014 bytes][Goodput ratio: 49/94][200.04 sec][bytes ratio: -0.778 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3063/2427 32715/30000 8555/7658][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 130/1131 462/25214 82/4102][PLAIN TEXT (COMPRESSION)][Plen Bins: 8,16,44,9,5,0,6,3,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,2] - 2 TCP 127.0.0.1:46537 <-> 127.0.0.1:9042 [proto: 264/Cassandra][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 9][cat: Database/11][74 pkts/9855 bytes <-> 68 pkts/28417 bytes][Goodput ratio: 50/84][200.00 sec][bytes ratio: -0.485 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2835/2737 33012/33012 6521/6804][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 133/418 399/11512 80/1399][PLAIN TEXT (COMPRESSION)][Plen Bins: 13,13,32,12,5,2,1,6,0,1,1,0,0,0,0,0,0,0,0,0,2,2,0,0,0,0,0,0,0,0,0,1,0,0,0,0,1,3,0,0,0,1,0,0,0,0,0,1] + 1 TCP 127.0.0.1:46536 <-> 127.0.0.1:9042 [proto: 264/Cassandra][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 8][cat: Database/11][75 pkts/9730 bytes <-> 69 pkts/78014 bytes][Goodput ratio: 49/94][200.04 sec][bytes ratio: -0.778 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3063/2427 32715/30000 8555/7658][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 130/1131 462/25214 82/4102][PLAIN TEXT (COMPRESSION)][Plen Bins: 8,16,44,9,5,0,6,3,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,2] + 2 TCP 127.0.0.1:46537 <-> 127.0.0.1:9042 [proto: 264/Cassandra][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 8][cat: Database/11][74 pkts/9855 bytes <-> 68 pkts/28417 bytes][Goodput ratio: 50/84][200.00 sec][bytes ratio: -0.485 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2835/2737 33012/33012 6521/6804][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 133/418 399/11512 80/1399][PLAIN TEXT (COMPRESSION)][Plen Bins: 13,13,32,12,5,2,1,6,0,1,1,0,0,0,0,0,0,0,0,0,2,2,0,0,0,0,0,0,0,0,0,1,0,0,0,0,1,3,0,0,0,1,0,0,0,0,0,1] |