aboutsummaryrefslogtreecommitdiff
path: root/tests/cfgs/default/result/whatsapp_login_chat.pcap.out
diff options
context:
space:
mode:
authorLuca Deri <deri@ntop.org>2024-11-22 18:21:58 +0100
committerLuca Deri <deri@ntop.org>2024-11-22 18:21:58 +0100
commit56e52448c43ee069b283501327bd15067d877d57 (patch)
treef365e71ed78c78303cfe8963cba510ad63ede73d /tests/cfgs/default/result/whatsapp_login_chat.pcap.out
parentf8a974b8771a70b7accbb6e408e23b08e76c1bea (diff)
When triggering risk "Known Proto on Non Std Port", nDPi now reports the port that was supposed to be used as default
Diffstat (limited to 'tests/cfgs/default/result/whatsapp_login_chat.pcap.out')
-rw-r--r--tests/cfgs/default/result/whatsapp_login_chat.pcap.out2
1 files changed, 1 insertions, 1 deletions
diff --git a/tests/cfgs/default/result/whatsapp_login_chat.pcap.out b/tests/cfgs/default/result/whatsapp_login_chat.pcap.out
index 59a181b7c..f84ef25c5 100644
--- a/tests/cfgs/default/result/whatsapp_login_chat.pcap.out
+++ b/tests/cfgs/default/result/whatsapp_login_chat.pcap.out
@@ -34,7 +34,7 @@ Fun 1 86 1
1 TCP 192.168.2.4:49205 <-> 17.173.66.102:443 [proto: 91/TLS][IP: 140/Apple][Encrypted][Confidence: DPI][FPC: 140/Apple, Confidence: IP address][DPI packets: 6][cat: Web/5][24 pkts/15117 bytes <-> 20 pkts/6254 bytes][Goodput ratio: 91/83][3.89 sec][bytes ratio: 0.415 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 180/27 2803/212 622/57][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 630/313 1494/1002 544/370][Plen Bins: 0,0,4,0,0,0,0,0,0,0,16,0,0,0,8,4,0,16,0,0,0,0,4,0,0,0,0,0,0,16,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,16,0,0]
2 TCP 192.168.2.4:49206 <-> 158.85.58.15:5222 [proto: 142/WhatsApp][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 5][cat: Chat/9][17 pkts/1794 bytes <-> 13 pkts/1169 bytes][Goodput ratio: 37/26][19.72 sec][bytes ratio: 0.211 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/10 1371/2066 10513/10479 2988/3556][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 106/90 267/144 68/22][TCP Fingerprint: 2_64_65535_09b18f059744/Unknown][PLAIN TEXT (iPhone)][Plen Bins: 21,50,7,0,0,14,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 3 TCP 17.110.229.14:5223 -> 192.168.2.4:49193 [proto: 91/TLS][IP: 140/Apple][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 6][cat: Web/5][6 pkts/2095 bytes -> 0 pkts/0 bytes][Goodput ratio: 81/0][20.00 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 659/0 4000/0 10199/0 3476/0][Pkt Len c2s/s2c min/avg/max/stddev: 220/0 349/0 375/0 58/0][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,16,0,0,0,0,83,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 3 TCP 17.110.229.14:5223 -> 192.168.2.4:49193 [proto: 91/TLS][IP: 140/Apple][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 6][cat: Web/5][6 pkts/2095 bytes -> 0 pkts/0 bytes][Goodput ratio: 81/0][20.00 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 659/0 4000/0 10199/0 3476/0][Pkt Len c2s/s2c min/avg/max/stddev: 220/0 349/0 375/0 58/0][Risk: ** Known Proto on Non Std Port **** Unidirectional Traffic **][Risk Score: 60][Risk Info: No server to client traffic / Expected on port 443][Plen Bins: 0,0,0,0,16,0,0,0,0,83,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 18/DHCP, Confidence: DPI][DPI packets: 1][cat: Network/14][6 pkts/2052 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][25.29 sec][Hostname/SNI: lucas-imac][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1983/0 5058/0 8569/0 2765/0][Pkt Len c2s/s2c min/avg/max/stddev: 342/0 342/0 342/0 0/0][DHCP Fingerprint: 1,3,6,15,119,95,252,44,46][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 UDP 192.168.2.1:17500 -> 192.168.2.255:17500 [proto: 121/Dropbox][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 121/Dropbox, Confidence: DPI][DPI packets: 1][cat: Cloud/13][2 pkts/1088 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][30.04 sec][PLAIN TEXT ( 3375359593)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 UDP 192.168.2.4:61697 <-> 192.168.2.1:53 [proto: 5.142/DNS.WhatsApp][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5.142/DNS.WhatsApp, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/76 bytes <-> 1 pkts/204 bytes][Goodput ratio: 44/79][0.03 sec][Hostname/SNI: e12.whatsapp.net][184.173.179.47][PLAIN TEXT (whatsapp)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Powered by cgit, Themed by Ted Yin.