diff options
| author | Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> | 2024-07-23 08:50:27 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-07-23 08:50:27 +0200 |
| commit | 85501c9aaabf207b04e3fe961825385f9519f633 (patch) | |
| tree | 9aa1bc85e61707ac7ed17570c076f341bcb89e1b /tests/cfgs/default/result/tls_cipher_lens.pcap.out | |
| parent | b15337a32bcff7a0b0734cb60c6984229f07a7e5 (diff) | |
FPC: add DPI information (#2514)
If the flow is classified (via DPI) after the first packet, we should
use this information as FPC
Diffstat (limited to 'tests/cfgs/default/result/tls_cipher_lens.pcap.out')
| -rw-r--r-- | tests/cfgs/default/result/tls_cipher_lens.pcap.out | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/tests/cfgs/default/result/tls_cipher_lens.pcap.out b/tests/cfgs/default/result/tls_cipher_lens.pcap.out index 31256886b..dfb777b18 100644 --- a/tests/cfgs/default/result/tls_cipher_lens.pcap.out +++ b/tests/cfgs/default/result/tls_cipher_lens.pcap.out @@ -7,7 +7,7 @@ LRU cache stun: 0/0/0 (insert/search/found) LRU cache tls_cert: 0/4/0 (insert/search/found) LRU cache mining: 0/0/0 (insert/search/found) LRU cache msteams: 0/0/0 (insert/search/found) -LRU cache fpc_dns: 0/5/0 (insert/search/found) +LRU cache fpc_dns: 0/0/0 (insert/search/found) Automa host: 1/1 (search/found) Automa domain: 1/0 (search/found) Automa tls cert: 0/0 (search/found) @@ -31,8 +31,8 @@ JA3 Host Stats: 1 192.168.11.11 2 - 1 TCP 192.168.11.11:51587 -> 173.194.35.191:443 [proto: 91.126/TLS.Google][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 126/Google, Confidence: IP address][DPI packets: 1][cat: Web/5][1 pkts/233 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: www.google.it][Risk: ** Obsolete TLS (v1.1 or older) **** Unidirectional Traffic **** Probing attempt **][Risk Score: 160][Risk Info: No server to client traffic / TLSv1 / TCP connection with unidirectional traffic][TLSv1][JA3C: 755cdaa3496eb8728247a639dee17aad][JA4: t10d360600_77f462745360_6072aad2e91d][PLAIN TEXT (www.google.it)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 2 TCP 192.168.11.11:51588 -> 173.194.35.191:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 126/Google, Confidence: IP address][DPI packets: 1][cat: Web/5][1 pkts/233 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Risk: ** Obsolete TLS (v1.1 or older) **** Unidirectional Traffic **** Probing attempt **][Risk Score: 160][Risk Info: No server to client traffic / TLSv1 / TCP connection with unidirectional traffic][TLSv1][JA3C: 8eae3e18d36ce24c4ac6b9eeb84ac762][JA4: t10d660000_1ade43d4e5bc_e3b0c44298fc][PLAIN TEXT (www.google.it)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 3 TCP 192.168.11.11:51589 -> 173.194.35.191:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 126/Google, Confidence: IP address][DPI packets: 1][cat: Web/5][1 pkts/233 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Risk: ** Obsolete TLS (v1.1 or older) **** Unidirectional Traffic **** Probing attempt **][Risk Score: 160][Risk Info: No server to client traffic / TLSv1 / TCP connection with unidirectional traffic][TLSv1][PLAIN TEXT (www.google.it)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 4 TCP 192.168.11.11:51590 -> 173.194.35.191:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 126/Google, Confidence: IP address][DPI packets: 1][cat: Web/5][1 pkts/233 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Risk: ** Obsolete TLS (v1.1 or older) **** Unidirectional Traffic **** Probing attempt **][Risk Score: 160][Risk Info: No server to client traffic / TLSv1 / TCP connection with unidirectional traffic][TLSv1][PLAIN TEXT (www.google.it)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 5 TCP 192.168.11.11:51591 -> 173.194.35.191:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 126/Google, Confidence: IP address][DPI packets: 1][cat: Web/5][1 pkts/233 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Risk: ** Obsolete TLS (v1.1 or older) **** Unidirectional Traffic **** Probing attempt **][Risk Score: 160][Risk Info: No server to client traffic / TLSv1 / TCP connection with unidirectional traffic][TLSv1][PLAIN TEXT (www.google.it)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 1 TCP 192.168.11.11:51587 -> 173.194.35.191:443 [proto: 91.126/TLS.Google][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 91.126/TLS.Google, Confidence: DPI][DPI packets: 1][cat: Web/5][1 pkts/233 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Hostname/SNI: www.google.it][Risk: ** Obsolete TLS (v1.1 or older) **** Unidirectional Traffic **** Probing attempt **][Risk Score: 160][Risk Info: No server to client traffic / TLSv1 / TCP connection with unidirectional traffic][TLSv1][JA3C: 755cdaa3496eb8728247a639dee17aad][JA4: t10d360600_77f462745360_6072aad2e91d][PLAIN TEXT (www.google.it)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 2 TCP 192.168.11.11:51588 -> 173.194.35.191:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 1][cat: Web/5][1 pkts/233 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Risk: ** Obsolete TLS (v1.1 or older) **** Unidirectional Traffic **** Probing attempt **][Risk Score: 160][Risk Info: No server to client traffic / TLSv1 / TCP connection with unidirectional traffic][TLSv1][JA3C: 8eae3e18d36ce24c4ac6b9eeb84ac762][JA4: t10d660000_1ade43d4e5bc_e3b0c44298fc][PLAIN TEXT (www.google.it)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 3 TCP 192.168.11.11:51589 -> 173.194.35.191:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 1][cat: Web/5][1 pkts/233 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Risk: ** Obsolete TLS (v1.1 or older) **** Unidirectional Traffic **** Probing attempt **][Risk Score: 160][Risk Info: No server to client traffic / TLSv1 / TCP connection with unidirectional traffic][TLSv1][PLAIN TEXT (www.google.it)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 4 TCP 192.168.11.11:51590 -> 173.194.35.191:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 1][cat: Web/5][1 pkts/233 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Risk: ** Obsolete TLS (v1.1 or older) **** Unidirectional Traffic **** Probing attempt **][Risk Score: 160][Risk Info: No server to client traffic / TLSv1 / TCP connection with unidirectional traffic][TLSv1][PLAIN TEXT (www.google.it)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 5 TCP 192.168.11.11:51591 -> 173.194.35.191:443 [proto: 91/TLS][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 1][cat: Web/5][1 pkts/233 bytes -> 0 pkts/0 bytes][Goodput ratio: 76/0][< 1 sec][Risk: ** Obsolete TLS (v1.1 or older) **** Unidirectional Traffic **** Probing attempt **][Risk Score: 160][Risk Info: No server to client traffic / TLSv1 / TCP connection with unidirectional traffic][TLSv1][PLAIN TEXT (www.google.it)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] |