aboutsummaryrefslogtreecommitdiff
path: root/tests/cfgs/default/result/ultrasurf.pcap.out
diff options
context:
space:
mode:
authorLuca Deri <lucaderi@users.noreply.github.com>2024-04-18 23:21:40 +0200
committerGitHub <noreply@github.com>2024-04-18 23:21:40 +0200
commitad117bfaabd3bc75dc70d0ddbc4ba18c86c40dbd (patch)
tree3b1fb6016da1e114bca190ed6a868421fd9c32f1 /tests/cfgs/default/result/ultrasurf.pcap.out
parent108b8331d5b345e110c9ef110a6aa95a2767a640 (diff)
Domain Classification Improvements (#2396)
* Added size_t ndpi_compress_str(const char * in, size_t len, char * out, size_t bufsize); size_t ndpi_decompress_str(const char * in, size_t len, char * out, size_t bufsize); used to compress short strings such as domain names. This code is based on https://github.com/Ed-von-Schleck/shoco * Major code rewrite for ndpi_hash and ndpi_domain_classify * Improvements to make sure custom categories are loaded and enabled * Fixed string encoding * Extended SalesForce/Cloudflare domains list
Diffstat (limited to 'tests/cfgs/default/result/ultrasurf.pcap.out')
-rw-r--r--tests/cfgs/default/result/ultrasurf.pcap.out4
1 files changed, 2 insertions, 2 deletions
diff --git a/tests/cfgs/default/result/ultrasurf.pcap.out b/tests/cfgs/default/result/ultrasurf.pcap.out
index 24df6cdeb..3a9fa5d49 100644
--- a/tests/cfgs/default/result/ultrasurf.pcap.out
+++ b/tests/cfgs/default/result/ultrasurf.pcap.out
@@ -33,5 +33,5 @@ JA3 Host Stats:
1 TCP 65.49.68.25:50053 <-> 10.132.0.23:37898 [VLAN: 200][proto: 304/UltraSurf][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 1][cat: VPN/2][60 pkts/116248 bytes <-> 40 pkts/4295 bytes][Goodput ratio: 96/11][2.50 sec][bytes ratio: 0.929 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 39/18 438/250 82/50][Pkt Len c2s/s2c min/avg/max/stddev: 1350/90 1937/107 2646/160 641/19][PLAIN TEXT (OFdfbY)][Plen Bins: 0,10,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,47,0,0,0,0,0,0,38]
- 2 TCP 10.132.0.23:38120 <-> 65.49.68.25:50053 [VLAN: 200][proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 6][cat: Web/5][53 pkts/17749 bytes <-> 76 pkts/35849 bytes][Goodput ratio: 79/85][1.90 sec][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.338 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 32/18 260/269 67/46][Pkt Len c2s/s2c min/avg/max/stddev: 70/70 335/472 1494/2646 417/739][Risk: ** Known Proto on Non Std Port **** Missing SNI TLS Extn **** ALPN/SNI Mismatch **][Risk Score: 150][TLSv1.3][JA3C: b592adaa596bb72a5c1ccdbecae52e3f][JA4: t00d1514h2_8daaf6152771_de4a06bb82e3][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 2,32,9,5,7,6,3,1,2,0,1,0,0,0,0,0,1,1,4,2,0,0,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,2,0,0,5,0,3,0,1,0,0,7]
- 3 TCP 10.132.0.23:38152 <-> 65.49.68.25:50053 [VLAN: 200][proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 6][cat: Web/5][51 pkts/17295 bytes <-> 53 pkts/35335 bytes][Goodput ratio: 79/89][1.44 sec][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.343 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 28/11 260/251 65/38][Pkt Len c2s/s2c min/avg/max/stddev: 70/70 339/667 1418/2646 438/736][Risk: ** Known Proto on Non Std Port **** Missing SNI TLS Extn **** ALPN/SNI Mismatch **][Risk Score: 150][TLSv1.3][JA3C: b592adaa596bb72a5c1ccdbecae52e3f][JA4: t00d1514h2_8daaf6152771_de4a06bb82e3][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 1,27,4,2,5,4,4,1,1,1,1,1,1,1,0,0,1,1,1,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,1,0,0,23,0,8,0,0,0,0,4]
+ 2 TCP 10.132.0.23:38120 <-> 65.49.68.25:50053 [VLAN: 200][proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 6][cat: Web/5][53 pkts/17749 bytes <-> 76 pkts/35849 bytes][Goodput ratio: 79/85][1.90 sec][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.338 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 32/18 260/269 67/46][Pkt Len c2s/s2c min/avg/max/stddev: 70/70 335/472 1494/2646 417/739][Risk: ** Known Proto on Non Std Port **** Missing SNI TLS Extn **** ALPN/SNI Mismatch **][Risk Score: 150][Risk Info: SNI should always be present / h2][TLSv1.3][JA3C: b592adaa596bb72a5c1ccdbecae52e3f][JA4: t00d1514h2_8daaf6152771_de4a06bb82e3][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 2,32,9,5,7,6,3,1,2,0,1,0,0,0,0,0,1,1,4,2,0,0,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,2,0,0,5,0,3,0,1,0,0,7]
+ 3 TCP 10.132.0.23:38152 <-> 65.49.68.25:50053 [VLAN: 200][proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 6][cat: Web/5][51 pkts/17295 bytes <-> 53 pkts/35335 bytes][Goodput ratio: 79/89][1.44 sec][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.343 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 28/11 260/251 65/38][Pkt Len c2s/s2c min/avg/max/stddev: 70/70 339/667 1418/2646 438/736][Risk: ** Known Proto on Non Std Port **** Missing SNI TLS Extn **** ALPN/SNI Mismatch **][Risk Score: 150][Risk Info: SNI should always be present / h2][TLSv1.3][JA3C: b592adaa596bb72a5c1ccdbecae52e3f][JA4: t00d1514h2_8daaf6152771_de4a06bb82e3][JA3S: f4febc55ea12b31ae17cfb7e614afda8][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 1,27,4,2,5,4,4,1,1,1,1,1,1,1,0,0,1,1,1,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,1,0,0,23,0,8,0,0,0,0,4]
Powered by cgit, Themed by Ted Yin.