aboutsummaryrefslogtreecommitdiff
path: root/tests/cfgs/default/result/malformed_dns.pcap.out
diff options
context:
space:
mode:
authorIvan Nardi <12729895+IvanNardi@users.noreply.github.com>2024-07-23 08:50:27 +0200
committerGitHub <noreply@github.com>2024-07-23 08:50:27 +0200
commit85501c9aaabf207b04e3fe961825385f9519f633 (patch)
tree9aa1bc85e61707ac7ed17570c076f341bcb89e1b /tests/cfgs/default/result/malformed_dns.pcap.out
parentb15337a32bcff7a0b0734cb60c6984229f07a7e5 (diff)
FPC: add DPI information (#2514)
If the flow is classified (via DPI) after the first packet, we should use this information as FPC
Diffstat (limited to 'tests/cfgs/default/result/malformed_dns.pcap.out')
-rw-r--r--tests/cfgs/default/result/malformed_dns.pcap.out4
1 files changed, 2 insertions, 2 deletions
diff --git a/tests/cfgs/default/result/malformed_dns.pcap.out b/tests/cfgs/default/result/malformed_dns.pcap.out
index dee100ea7..03b9c66a6 100644
--- a/tests/cfgs/default/result/malformed_dns.pcap.out
+++ b/tests/cfgs/default/result/malformed_dns.pcap.out
@@ -7,7 +7,7 @@ LRU cache stun: 0/0/0 (insert/search/found)
LRU cache tls_cert: 0/0/0 (insert/search/found)
LRU cache mining: 0/0/0 (insert/search/found)
LRU cache msteams: 0/0/0 (insert/search/found)
-LRU cache fpc_dns: 0/1/0 (insert/search/found)
+LRU cache fpc_dns: 0/0/0 (insert/search/found)
Automa host: 2/0 (search/found)
Automa domain: 2/0 (search/found)
Automa tls cert: 0/0 (search/found)
@@ -24,4 +24,4 @@ DNS 6 5860 1
Acceptable 6 5860 1
- 1 UDP 127.0.0.1:50435 <-> 127.0.0.1:53 [proto: 5/DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 2][cat: Network/14][2 pkts/140 bytes <-> 4 pkts/5720 bytes][Goodput ratio: 40/97][5.03 sec][Hostname/SNI: www.xt.com][66.66.66.66][bytes ratio: -0.952 (Download)][IAT c2s/s2c min/avg/max/stddev: 4999/13 4999/1670 4999/4983 0/2343][Pkt Len c2s/s2c min/avg/max/stddev: 70/1430 70/1430 70/1430 0/0][Risk: ** Malformed Packet **** Large DNS Packet (512+ bytes) **** Minor Issues **][Risk Score: 70][Risk Info: DNS Record with zero TTL / Invalid DNS Query Lenght / 1388 Bytes DNS Packet][PLAIN TEXT (AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA)][Plen Bins: 33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,66,0,0,0,0]
+ 1 UDP 127.0.0.1:50435 <-> 127.0.0.1:53 [proto: 5/DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][2 pkts/140 bytes <-> 4 pkts/5720 bytes][Goodput ratio: 40/97][5.03 sec][Hostname/SNI: www.xt.com][66.66.66.66][bytes ratio: -0.952 (Download)][IAT c2s/s2c min/avg/max/stddev: 4999/13 4999/1670 4999/4983 0/2343][Pkt Len c2s/s2c min/avg/max/stddev: 70/1430 70/1430 70/1430 0/0][Risk: ** Malformed Packet **** Large DNS Packet (512+ bytes) **** Minor Issues **][Risk Score: 70][Risk Info: DNS Record with zero TTL / Invalid DNS Query Lenght / 1388 Bytes DNS Packet][PLAIN TEXT (AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA)][Plen Bins: 33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,66,0,0,0,0]
Powered by cgit, Themed by Ted Yin.