diff options
| author | Vladimir Gavrilov <105977161+0xA50C1A1@users.noreply.github.com> | 2024-10-07 16:45:51 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-10-07 15:45:51 +0200 |
| commit | 6cb16311324c3af7acb8edc0d4d0243642c95d25 (patch) | |
| tree | 42e3580e38a37fb2f09054ba38348b5db5702ded /tests/cfgs/default/result/dingtalk.pcap.out | |
| parent | 7629b94a2671611b302a7d95a5392f78c6729f77 (diff) | |
Add DingTalk protocol support (#2581)
Diffstat (limited to 'tests/cfgs/default/result/dingtalk.pcap.out')
| -rw-r--r-- | tests/cfgs/default/result/dingtalk.pcap.out | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/tests/cfgs/default/result/dingtalk.pcap.out b/tests/cfgs/default/result/dingtalk.pcap.out new file mode 100644 index 000000000..6be389285 --- /dev/null +++ b/tests/cfgs/default/result/dingtalk.pcap.out @@ -0,0 +1,33 @@ +DPI Packets (TCP): 11 (5.50 pkts/flow) +Confidence DPI : 2 (flows) +Num dissector calls: 313 (156.50 diss/flow) +LRU cache ookla: 0/0/0 (insert/search/found) +LRU cache bittorrent: 0/0/0 (insert/search/found) +LRU cache stun: 0/0/0 (insert/search/found) +LRU cache tls_cert: 0/0/0 (insert/search/found) +LRU cache mining: 0/0/0 (insert/search/found) +LRU cache msteams: 0/0/0 (insert/search/found) +LRU cache fpc_dns: 0/2/0 (insert/search/found) +Automa host: 1/1 (search/found) +Automa domain: 1/0 (search/found) +Automa tls cert: 0/0 (search/found) +Automa risk mask: 0/0 (search/found) +Automa common alpns: 2/2 (search/found) +Patricia risk mask: 0/0 (search/found) +Patricia risk mask IPv6: 0/0 (search/found) +Patricia risk: 0/0 (search/found) +Patricia risk IPv6: 0/0 (search/found) +Patricia protocols: 3/1 (search/found) +Patricia protocols IPv6: 0/0 (search/found) + +DingTalk 16 4890 2 + +Acceptable 16 4890 2 + +JA3 Host Stats: + IP Address # JA3C + 1 10.215.173.1 1 + + + 1 TCP 10.215.173.1:49352 <-> 104.166.182.25:443 [proto: 91.431/TLS.DingTalk][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 7][cat: Chat/9][7 pkts/897 bytes <-> 5 pkts/3701 bytes][Goodput ratio: 66/94][0.02 sec][Hostname/SNI: static.dingtalk.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.610 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 3/4 7/6 3/2][Pkt Len c2s/s2c min/avg/max/stddev: 40/40 128/740 552/3533 175/1396][TLSv1.3][JA3C: cd08e31494f9531f560d64c695473da9][JA4: t13d1516h2_8daaf6152771_e5627efa2ab1][JA3S: 15af977ce25de452b96affa2addb1036][Chrome][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 25,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25] + 2 TCP 10.215.173.1:48910 <-> 47.246.133.39:443 [proto: 431/DingTalk][IP: 274/Alibaba][ClearText][Confidence: DPI][FPC: 274/Alibaba, Confidence: IP address][DPI packets: 4][cat: Chat/9][3 pkts/244 bytes <-> 1 pkts/48 bytes][Goodput ratio: 42/0][0.02 sec][PLAIN TEXT (android/3.0.28)][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] |