diff options
| author | Vitaly Lavrov <vel21ripn@gmail.com> | 2022-03-08 02:20:56 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-03-08 00:20:56 +0100 |
| commit | a1451935b8653adc830ee4cb827def3622fb02d6 (patch) | |
| tree | 7056ae6059f3a4126afec650420654cba0f44e66 /tests/result/anydesk-2.pcap.out | |
| parent | c345b3c7af89957ef4bc55e2ccf1b1a4bc724f3a (diff) | |
Errors fixed (#1482)
Fixed errors for bigendian platforms in ndpiReader.
All address and port comparisons and hash calculations are done with
endian in mind.
The get_ndpi_flow_info() function searched for an existing flow for the
forward and reverse direction of the packet.
The ndpi_workflow_node_cmp() function looked for a flow regardless of
the packet's direction. This is what led to an error in determining the
direction of transmission of the packet.
Fixed error in "synscan" test: the number of packets in the forward and
reverse direction is incorrectly defined (verified via tcpdump).
Fixed bug with icmp protocol checksum check for big endian platforms.
Diffstat (limited to 'tests/result/anydesk-2.pcap.out')
| -rw-r--r-- | tests/result/anydesk-2.pcap.out | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/tests/result/anydesk-2.pcap.out b/tests/result/anydesk-2.pcap.out index d0de427e0..9d45b4a89 100644 --- a/tests/result/anydesk-2.pcap.out +++ b/tests/result/anydesk-2.pcap.out @@ -8,8 +8,8 @@ AnyDesk 2083 346113 4 JA3 Host Stats: IP Address # JA3C - 1 192.168.1.187 1 - 2 192.168.1.178 1 + 1 192.168.1.178 1 + 2 192.168.1.187 1 1 TCP 192.168.1.187:54164 <-> 192.168.1.178:7070 [proto: 91.252/TLS.AnyDesk][Encrypted][Confidence: DPI][cat: RemoteAccess/12][509 pkts/226247 bytes <-> 1555 pkts/115282 bytes][Goodput ratio: 88/22][22.84 sec][bytes ratio: 0.325 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 48/14 2966/3021 229/106][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 444/74 1511/1514 475/47][Risk: ** Known Protocol on Non Standard Port **** TLS (probably) Not Carrying HTTPS **** Missing SNI TLS Extension **** Desktop/File Sharing Session **][Risk Score: 120][TLSv1.2][JA3C: 3f2fba0262b1a22b739126dfb2fe7a7d][JA3S: ee644a8a34c434abca4b737ec1d9efad][Subject: CN=AnyDesk Client, CN=AnyDesk Client][Certificate SHA-1: F8:4E:27:4E:F9:33:35:2F:1A:69:71:D5:02:6B:B8:72:EF:B7:BA:B0][Firefox][Cipher: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,64,6,1,3,1,1,1,0,1,1,0,0,1,1,0,3,0,0,0,0,0,3,1,0,1,1,0,1,0,0,0,0,1,0,0,1,0,0,0,1,0,0,1,0,1,0,0] |