diff options
| author | Luca Deri <deri@ntop.org> | 2024-08-07 11:35:17 +0200 |
|---|---|---|
| committer | Luca Deri <deri@ntop.org> | 2024-08-07 11:38:41 +0200 |
| commit | fc4fb4d409c43af8b9bdbd9d0cf8d9b742408f26 (patch) | |
| tree | c13a9e82256804cd9fad2d9fb5816e1c0f549081 /tests/cfgs/default/result/tls_port_80.pcapng.out | |
| parent | 653175e72421822aeb7a60af14c07004dc6368e4 (diff) | |
Fixed probing attempt risk that was creating false positives
Diffstat (limited to 'tests/cfgs/default/result/tls_port_80.pcapng.out')
| -rw-r--r-- | tests/cfgs/default/result/tls_port_80.pcapng.out | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/tests/cfgs/default/result/tls_port_80.pcapng.out b/tests/cfgs/default/result/tls_port_80.pcapng.out index 1ec3b1912..b824873d6 100644 --- a/tests/cfgs/default/result/tls_port_80.pcapng.out +++ b/tests/cfgs/default/result/tls_port_80.pcapng.out @@ -29,4 +29,4 @@ JA3 Host Stats: 1 57.91.202.194 1 - 1 TCP 57.91.202.194:50541 <-> 132.49.141.56:80 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 13][cat: Web/5][5 pkts/563 bytes <-> 8 pkts/1876 bytes][Goodput ratio: 43/72][14.65 sec][bytes ratio: -0.538 (Download)][IAT c2s/s2c min/avg/max/stddev: 1011/3433 2355/3433 3621/3433 1067/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 113/234 299/1414 93/446][Risk: ** Known Proto on Non Std Port **** TLS (probably) Not Carrying HTTPS **** Missing SNI TLS Extn **** Probing attempt **][Risk Score: 160][Risk Info: No ALPN / SNI should always be present / Expected on port 443 / TLS/QUIC Probing][TLSv1.2][JA3C: 3f2fba0262b1a22b739126dfb2fe7a7d][JA4: t12d550500_168bb377f8c8_a1e935682795][JA3S: 107030a763c7224285717ff1569a17f3][Firefox][Cipher: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384][PLAIN TEXT (AnyNet Root CA1 0)][Plen Bins: 0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0] + 1 TCP 57.91.202.194:50541 <-> 132.49.141.56:80 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 13][cat: Web/5][5 pkts/563 bytes <-> 8 pkts/1876 bytes][Goodput ratio: 43/72][14.65 sec][bytes ratio: -0.538 (Download)][IAT c2s/s2c min/avg/max/stddev: 1011/3433 2355/3433 3621/3433 1067/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 113/234 299/1414 93/446][Risk: ** Known Proto on Non Std Port **** TLS (probably) Not Carrying HTTPS **** Missing SNI TLS Extn **][Risk Score: 110][Risk Info: No ALPN / SNI should always be present / Expected on port 443][TLSv1.2][JA3C: 3f2fba0262b1a22b739126dfb2fe7a7d][JA4: t12d550500_168bb377f8c8_a1e935682795][JA3S: 107030a763c7224285717ff1569a17f3][Firefox][Cipher: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384][PLAIN TEXT (AnyNet Root CA1 0)][Plen Bins: 0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0] |