aboutsummaryrefslogtreecommitdiff
path: root/tests/cfgs/default/result/ipsec_isakmp_esp.pcap.out
diff options
context:
space:
mode:
authorToni <matzeton@googlemail.com>2024-05-09 15:24:11 +0200
committerGitHub <noreply@github.com>2024-05-09 15:24:11 +0200
commit18e03a26ca781490f06bfdbd34628614fcb65ca9 (patch)
tree8f2d7033aa0fe3a695134e7554c624be3e8fb472 /tests/cfgs/default/result/ipsec_isakmp_esp.pcap.out
parentb65a755e8569d428732f54bc72f7da3ffb94a3ff (diff)
Add extra entropy checks and more precise(?) analysis. (#2383)
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Diffstat (limited to 'tests/cfgs/default/result/ipsec_isakmp_esp.pcap.out')
-rw-r--r--tests/cfgs/default/result/ipsec_isakmp_esp.pcap.out2
1 files changed, 1 insertions, 1 deletions
diff --git a/tests/cfgs/default/result/ipsec_isakmp_esp.pcap.out b/tests/cfgs/default/result/ipsec_isakmp_esp.pcap.out
index b306c7a6a..8d9025ef3 100644
--- a/tests/cfgs/default/result/ipsec_isakmp_esp.pcap.out
+++ b/tests/cfgs/default/result/ipsec_isakmp_esp.pcap.out
@@ -28,7 +28,7 @@ Safe 834 451722 24
2 UDP 192.168.2.100:10500 <-> 109.237.187.227:500 [proto: 79/IPSec][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 1][cat: VPN/2][54 pkts/44820 bytes <-> 53 pkts/11118 bytes][Goodput ratio: 95/80][< 1 sec][bytes ratio: 0.602 (Upload)][IAT c2s/s2c min/avg/max/stddev: 28/27 689892/698588 12245747/12245747 1998175/2019137][Pkt Len c2s/s2c min/avg/max/stddev: 818/94 830/210 842/330 12/118][PLAIN TEXT (rMpKau6)][Plen Bins: 0,25,0,0,0,0,0,0,0,24,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 UDP 192.168.2.100:14500 <-> 109.237.187.195:4500 [proto: 79/IPSec][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 1][cat: VPN/2][42 pkts/30020 bytes <-> 48 pkts/21472 bytes][Goodput ratio: 94/91][15275.72 sec][bytes ratio: 0.166 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 85008/72283 1429414/1429546 288620/266457][Pkt Len c2s/s2c min/avg/max/stddev: 138/122 715/447 1374/1374 518/432][PLAIN TEXT (@yIwAf)][Plen Bins: 0,0,8,13,26,0,6,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,6,0,4,2,0,0,0,6,0,0,0,0,0,0,0,0,19,0,0,0,0,0,0]
4 UDP 192.168.2.100:14500 <-> 109.237.187.193:4500 [proto: 79/IPSec][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 1][cat: VPN/2][43 pkts/32226 bytes <-> 47 pkts/14246 bytes][Goodput ratio: 94/86][18892.62 sec][bytes ratio: 0.387 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 66479/485440637135486976 1521662/18446744073664032328 281113/0][Pkt Len c2s/s2c min/avg/max/stddev: 138/122 749/303 1374/1070 516/284][PLAIN TEXT (@7Ac9 )][Plen Bins: 0,0,12,13,27,0,6,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,6,0,0,7,0,0,0,5,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0]
- 5 UDP 192.168.2.100:14500 <-> 109.237.187.225:4500 [proto: 79/IPSec][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 1][cat: VPN/2][34 pkts/24848 bytes <-> 41 pkts/17850 bytes][Goodput ratio: 94/90][11474.04 sec][bytes ratio: 0.164 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 55649/558992261317132288 1440343/18446744073651596977 276939/0][Pkt Len c2s/s2c min/avg/max/stddev: 138/122 731/435 1374/1374 517/426][Risk: ** Malformed Packet **][Risk Score: 10][Risk Info: No server to client traffic / Invalid IPSec/ISAKMP Header][PLAIN TEXT (17Uv 2)][Plen Bins: 0,0,9,13,26,0,6,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,6,0,4,2,0,0,0,6,0,0,0,0,0,0,0,0,18,0,0,0,0,0,0]
+ 5 UDP 192.168.2.100:14500 <-> 109.237.187.225:4500 [proto: 79/IPSec][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 1][cat: VPN/2][34 pkts/24848 bytes <-> 41 pkts/17850 bytes][Goodput ratio: 94/90][11474.04 sec][bytes ratio: 0.164 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 55649/558992261317132288 1440343/18446744073651596977 276939/0][Pkt Len c2s/s2c min/avg/max/stddev: 138/122 731/435 1374/1374 517/426][Risk: ** Malformed Packet **** Susp Entropy **][Risk Score: 20][Risk Info: No server to client traffic / Invalid IPSec/ISAKMP Header / Entropy: 7.746 (Encrypted or Random?)][PLAIN TEXT (17Uv 2)][Plen Bins: 0,0,9,13,26,0,6,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,6,0,4,2,0,0,0,6,0,0,0,0,0,0,0,0,18,0,0,0,0,0,0]
6 UDP 192.168.2.100:14500 <-> 109.237.187.194:4500 [proto: 79/IPSec][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 1][cat: VPN/2][22 pkts/15216 bytes <-> 23 pkts/8650 bytes][Goodput ratio: 94/89][13749.36 sec][bytes ratio: 0.275 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 60292/56941 1020541/1007809 240062/230637][Pkt Len c2s/s2c min/avg/max/stddev: 138/122 692/376 1374/1374 518/361][Plen Bins: 0,0,8,13,29,0,6,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,6,0,2,6,0,0,0,4,0,0,0,0,0,0,0,0,15,0,0,0,0,0,0]
7 UDP 192.168.2.100:14500 <-> 109.237.187.131:4500 [proto: 79/IPSec][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 1][cat: VPN/2][21 pkts/15042 bytes <-> 24 pkts/7632 bytes][Goodput ratio: 94/87][10912.86 sec][bytes ratio: 0.327 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 27756/24780 439840/418574 106400/93007][Pkt Len c2s/s2c min/avg/max/stddev: 138/122 716/318 1374/1070 518/302][PLAIN TEXT (90dItt)][Plen Bins: 0,0,13,13,27,0,6,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,6,0,0,6,0,0,0,6,0,0,0,0,0,0,0,0,13,0,0,0,0,0,0]
8 UDP 192.168.2.100:14500 <-> 109.237.187.227:4500 [proto: 79/IPSec][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 1][cat: VPN/2][21 pkts/15042 bytes <-> 24 pkts/7632 bytes][Goodput ratio: 94/87][< 1 sec][bytes ratio: 0.327 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 31247/27702 496263/483419 120067/107511][Pkt Len c2s/s2c min/avg/max/stddev: 138/122 716/318 1374/1070 518/302][PLAIN TEXT (@EmPAT)][Plen Bins: 0,0,13,13,27,0,6,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,6,0,0,6,0,0,0,6,0,0,0,0,0,0,0,0,13,0,0,0,0,0,0]
Powered by cgit, Themed by Ted Yin.