diff options
| author | Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> | 2023-05-04 11:27:34 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-05-04 11:27:34 +0200 |
| commit | 6b94c9675a85ae00aa566103ec8ad06d3943ed5c (patch) | |
| tree | 260e1d21344943fcf50ed38557c36df2220dedc0 /tests/cfgs/default | |
| parent | 9a5d60bff651587be1f9d02ef7bd5ea07541a5f6 (diff) | |
Improve detection of crawler/bot traffic (#1956)
Diffstat (limited to 'tests/cfgs/default')
| -rw-r--r-- | tests/cfgs/default/result/bot.pcap.out | 2 | ||||
| -rw-r--r-- | tests/cfgs/default/result/ssh.pcap.out | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/tests/cfgs/default/result/bot.pcap.out b/tests/cfgs/default/result/bot.pcap.out index f8a04e636..763107350 100644 --- a/tests/cfgs/default/result/bot.pcap.out +++ b/tests/cfgs/default/result/bot.pcap.out @@ -17,7 +17,7 @@ Automa tls cert: 0/0 (search/found) Automa risk mask: 0/0 (search/found) Automa common alpns: 0/0 (search/found) Patricia risk mask: 2/0 (search/found) -Patricia risk: 2/0 (search/found) +Patricia risk: 1/1 (search/found) Patricia protocols: 2/1 (search/found) HTTP 402 431124 1 diff --git a/tests/cfgs/default/result/ssh.pcap.out b/tests/cfgs/default/result/ssh.pcap.out index 7c30400d3..22ff4cc04 100644 --- a/tests/cfgs/default/result/ssh.pcap.out +++ b/tests/cfgs/default/result/ssh.pcap.out @@ -22,4 +22,4 @@ Patricia protocols: 2/0 (search/found) SSH 258 35546 1 - 1 TCP 172.16.238.1:58395 <-> 172.16.238.168:22 [proto: 92/SSH][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 10][cat: RemoteAccess/12][159 pkts/15615 bytes <-> 99 pkts/19931 bytes][Goodput ratio: 33/67][248.48 sec][Hostname/SNI: SSH-2.0-OpenSSH_5.3][bytes ratio: -0.121 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1846/2934 166223/166224 14794/19692][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 98/201 970/1346 83/283][Risk: ** SSH Obsolete Cli Vers/Cipher **** SSH Obsolete Ser Vers/Cipher **][Risk Score: 150][HASSH-C: 21B457A327CE7A2D4FCE5EF2C42400BD][Server: SSH-2.0-OpenSSH_5.6][HASSH-S: B1C6C0D56317555B85C7005A3DE29325][Plen Bins: 2,76,12,2,3,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0] + 1 TCP 172.16.238.1:58395 <-> 172.16.238.168:22 [proto: 92/SSH][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 10][cat: RemoteAccess/12][159 pkts/15615 bytes <-> 99 pkts/19931 bytes][Goodput ratio: 33/67][248.48 sec][Hostname/SNI: SSH-2.0-OpenSSH_5.3][bytes ratio: -0.121 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1846/2934 166223/166224 14794/19692][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 98/201 970/1346 83/283][Risk: ** SSH Obsolete Cli Vers/Cipher **** SSH Obsolete Ser Vers/Cipher **][Risk Score: 150][Risk Info: Found cipher arcfour128 / Found cipher arcfour128][HASSH-C: 21B457A327CE7A2D4FCE5EF2C42400BD][Server: SSH-2.0-OpenSSH_5.6][HASSH-S: B1C6C0D56317555B85C7005A3DE29325][Plen Bins: 2,76,12,2,3,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0] |