diff options
| author | lns <matzeton@googlemail.com> | 2022-04-25 23:06:25 +0200 |
|---|---|---|
| committer | lns <matzeton@googlemail.com> | 2022-04-25 23:09:35 +0200 |
| commit | c125f8c52b6350db037b56c2616692bfe7189caf (patch) | |
| tree | 9c3d66997828e6bf27fcdd1b35ee82e78fb20836 /tests/result/KakaoTalk_talk.pcap.out | |
| parent | 075bce5f3de463975464472158dca980a45f48a3 (diff) | |
Improved TLS application data detection.improved/tls-appdata-detection
Signed-off-by: lns <matzeton@googlemail.com>
Diffstat (limited to 'tests/result/KakaoTalk_talk.pcap.out')
| -rw-r--r-- | tests/result/KakaoTalk_talk.pcap.out | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/tests/result/KakaoTalk_talk.pcap.out b/tests/result/KakaoTalk_talk.pcap.out index dcd38408f..4977e96bb 100644 --- a/tests/result/KakaoTalk_talk.pcap.out +++ b/tests/result/KakaoTalk_talk.pcap.out @@ -3,8 +3,8 @@ Guessed flow protos: 12 DPI Packets (TCP): 86 (5.73 pkts/flow) DPI Packets (UDP): 6 (1.20 pkts/flow) Confidence Match by port : 4 (flows) -Confidence Match by IP : 7 (flows) -Confidence DPI : 9 (flows) +Confidence Match by IP : 6 (flows) +Confidence DPI : 10 (flows) HTTP 5 280 1 QQ 15 1727 1 @@ -36,7 +36,7 @@ JA3 Host Stats: 12 TCP 10.24.82.188:53974 -> 203.205.151.233:8080 [proto: 131/HTTP_Proxy][ClearText][Confidence: Match by port][cat: Web/5][5 pkts/350 bytes -> 0 pkts/0 bytes][Goodput ratio: 3/0][11.12 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 13 TCP 120.28.26.242:80 <-> 10.24.82.188:34533 [proto: 7/HTTP][ClearText][Confidence: Match by port][cat: Web/5][3 pkts/168 bytes <-> 2 pkts/112 bytes][Goodput ratio: 0/0][0.48 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 14 UDP 10.24.82.188:25223 <-> 10.188.1.1:53 [proto: 5.119/DNS.Facebook][ClearText][Confidence: DPI][cat: SocialNetwork/6][1 pkts/79 bytes <-> 1 pkts/118 bytes][Goodput ratio: 44/62][0.20 sec][Hostname/SNI: mqtt.facebook.com][173.252.97.2][PLAIN TEXT (facebook)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 15 TCP 10.24.82.188:34686 -> 173.194.72.188:5228 [proto: 91.126/TLS.Google][Encrypted][Confidence: Match by IP][cat: Web/5][1 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 58/0][< 1 sec][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 15 TCP 10.24.82.188:34686 -> 173.194.72.188:5228 [proto: 91.126/TLS.Google][Encrypted][Confidence: DPI][cat: Web/5][1 pkts/164 bytes -> 0 pkts/0 bytes][Goodput ratio: 58/0][< 1 sec][Risk: ** Known Protocol on Non Standard Port **][Risk Score: 50][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 16 TCP 173.252.88.128:443 -> 10.24.82.188:59912 [proto: 91.119/TLS.Facebook][Encrypted][Confidence: Match by IP][cat: SocialNetwork/6][2 pkts/124 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 17 TCP 10.24.82.188:49217 -> 216.58.220.174:443 [proto: 91.126/TLS.Google][Encrypted][Confidence: Match by IP][cat: Web/5][1 pkts/83 bytes -> 0 pkts/0 bytes][Goodput ratio: 32/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 18 TCP 173.194.117.229:443 -> 10.24.82.188:38380 [proto: 91.126/TLS.Google][Encrypted][Confidence: Match by IP][cat: Web/5][1 pkts/56 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] |