Fixed probing attempt risk that was creating false positives

author: Luca Deri <deri@ntop.org> 2024-08-07 11:35:17 +0200
committer: Luca Deri <deri@ntop.org> 2024-08-07 11:38:41 +0200
commit: fc4fb4d409c43af8b9bdbd9d0cf8d9b742408f26 (patch)
tree: c13a9e82256804cd9fad2d9fb5816e1c0f549081 /tests/cfgs/default/result/teamviewer.pcap.out
parent: 653175e72421822aeb7a60af14c07004dc6368e4 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/tests/cfgs/default/result/teamviewer.pcap.out b/tests/cfgs/default/result/teamviewer.pcap.out
index ff30db0d3..d9c818805 100644
--- a/tests/cfgs/default/result/teamviewer.pcap.out
+++ b/tests/cfgs/default/result/teamviewer.pcap.out
@@ -25,5 +25,5 @@ TeamViewer	352	172990	2
 
 Acceptable                     352 172990        2            
 
-	1	TCP 10.0.2.15:35732 <-> 162.250.2.170:5938 [proto: 148/TeamViewer][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: RemoteAccess/12][129 pkts/67997 bytes <-> 160 pkts/73349 bytes][Goodput ratio: 89/88][399.56 sec][bytes ratio: -0.038 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 3451/2522 50678/50677 9036/8571][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 527/458 1514/1514 537/563][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][PLAIN TEXT (XDsiBZ)][Plen Bins: 9,4,0,2,0,2,8,0,2,0,0,1,0,1,2,0,0,2,2,0,0,0,2,1,0,0,1,0,0,0,0,0,0,23,1,0,0,2,1,1,1,1,0,0,1,23,0,0]
+	1	TCP 10.0.2.15:35732 <-> 162.250.2.170:5938 [proto: 148/TeamViewer][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: RemoteAccess/12][129 pkts/67997 bytes <-> 160 pkts/73349 bytes][Goodput ratio: 89/88][399.56 sec][bytes ratio: -0.038 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 3451/2522 50678/50677 9036/8571][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 527/458 1514/1514 537/563][PLAIN TEXT (XDsiBZ)][Plen Bins: 9,4,0,2,0,2,8,0,2,0,0,1,0,1,2,0,0,2,2,0,0,0,2,1,0,0,1,0,0,0,0,0,0,23,1,0,0,2,1,1,1,1,0,0,1,23,0,0]
 	2	UDP 10.0.2.15:34417 <-> 93.47.224.241:36037 [proto: 148/TeamViewer][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: RemoteAccess/12][1 pkts/138 bytes <-> 62 pkts/31506 bytes][Goodput ratio: 69/92][1.32 sec][bytes ratio: -0.991 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/23 0/442 0/75][Pkt Len c2s/s2c min/avg/max/stddev: 138/58 138/508 138/1066 0/452][Risk: ** Known Proto on Non Std Port **** Desktop/File Sharing **][Risk Score: 60][Risk Info: Found TeamViewer][PLAIN TEXT (93.47.224.241)][Plen Bins: 11,17,14,3,3,1,3,1,0,0,0,1,0,0,3,0,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,37,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
author	Luca Deri <deri@ntop.org>	2024-08-07 11:35:17 +0200
committer	Luca Deri <deri@ntop.org>	2024-08-07 11:38:41 +0200
commit	fc4fb4d409c43af8b9bdbd9d0cf8d9b742408f26 (patch)
tree	c13a9e82256804cd9fad2d9fb5816e1c0f549081 /tests/cfgs/default/result/teamviewer.pcap.out
parent	653175e72421822aeb7a60af14c07004dc6368e4 (diff)