author | Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> | 2023-07-21 03:41:43 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-07-21 03:41:43 +0200 |
commit | c85f2fb0f44f734a34ac905d4e35fcf479f19901 (patch) | |
tree | 560473f07584e41faaad4a03f473c6e22eb93a6c /tests/cfgs/default | |
parent | fa0bd515b5c4861ba05cb14732da85c98d537386 (diff) |
TLS: add basic, basic, detection of Encrypted ClientHello (#2053)
Diffstat (limited to 'tests/cfgs/default')
-rw-r--r-- | tests/cfgs/default/pcap/tls_ech.pcapng | bin | 0 -> 4948 bytes | |||
-rw-r--r-- | tests/cfgs/default/result/tls_ech.pcapng.out | 30 |
2 files changed, 30 insertions, 0 deletions
diff --git a/tests/cfgs/default/pcap/tls_ech.pcapng b/tests/cfgs/default/pcap/tls_ech.pcapng
Binary files differ
new file mode 100644
index 000000000..7c018b266
--- /dev/null
+++ b/tests/cfgs/default/pcap/tls_ech.pcapng
diff --git a/tests/cfgs/default/result/tls_ech.pcapng.out b/tests/cfgs/default/result/tls_ech.pcapng.out
new file mode 100644
index 000000000..048bd7323
--- /dev/null
+++ b/tests/cfgs/default/result/tls_ech.pcapng.out
@@ -0,0 +1,30 @@
+Guessed flow protos: 0
+
+DPI Packets (TCP): 6 (6.00 pkts/flow)
+Confidence DPI : 1 (flows)
+Num dissector calls: 1 (1.00 diss/flow)
+LRU cache ookla: 0/0/0 (insert/search/found)
+LRU cache bittorrent: 0/0/0 (insert/search/found)
+LRU cache zoom: 0/0/0 (insert/search/found)
+LRU cache stun: 0/0/0 (insert/search/found)
+LRU cache tls_cert: 0/0/0 (insert/search/found)
+LRU cache mining: 0/0/0 (insert/search/found)
+LRU cache msteams: 0/0/0 (insert/search/found)
+LRU cache stun_zoom: 0/0/0 (insert/search/found)
+Automa host: 1/1 (search/found)
+Automa domain: 1/0 (search/found)
+Automa tls cert: 0/0 (search/found)
+Automa risk mask: 0/0 (search/found)
+Automa common alpns: 2/2 (search/found)
+Patricia risk mask: 0/0 (search/found)
+Patricia risk: 0/0 (search/found)
+Patricia protocols: 0/0 (search/found)
+
+Cloudflare 10 4226 1
+
+JA3 Host Stats:
+ IP Address # JA3C
+ 1 2001:b07:a3d:c112:ce16:b409:3d0a:9177 1
+
+
+ 1 TCP [2001:b07:a3d:c112:ce16:b409:3d0a:9177]:47460 <-> [2606:4700::6812:1e4e]:443 [proto: 91.220/TLS.Cloudflare][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 6][cat: Web/5][6 pkts/1172 bytes <-> 4 pkts/3054 bytes][Goodput ratio: 55/88][0.07 sec][Hostname/SNI: performance.radar.cloudflare.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2][bytes ratio: -0.445 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/3 13/5 49/7 18/2][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 195/764 670/2260 213/890][TLSv1.3][JA3C: 6820f114cf3b0809ffdcb30cb277848a][JA3S: eb1d94daa7e0344597e756a1fb6e7054][ECH: version 0xfe0d][Chrome][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25] |