author | Luca Deri <deri@ntop.org> | 2020-09-09 23:25:19 +0200 |
---|---|---|
committer | Luca Deri <deri@ntop.org> | 2020-09-09 23:25:19 +0200 |
commit | 7086197047f3b342f650b91374c322615693c888 (patch) | |
tree | 39d33b7282f260e4e98b193de40bb81a97368bea /tests/result/dns_long_domainname.pcap.out | |
parent | 842c00e68170b67e147d2d9d9eb04030548e9011 (diff) |
Added extension to detect nested subdomains as used in Browsertunnel attack tool
https://github.com/veggiedefender/browsertunnel
Diffstat (limited to 'tests/result/dns_long_domainname.pcap.out')
-rw-r--r-- | tests/result/dns_long_domainname.pcap.out | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/tests/result/dns_long_domainname.pcap.out b/tests/result/dns_long_domainname.pcap.out new file mode 100644 index 000000000..fd2e5950f --- /dev/null +++ b/tests/result/dns_long_domainname.pcap.out @@ -0,0 +1,3 @@ +Google 2 262 1 + + 1 UDP 192.168.1.168:65311 <-> 8.8.8.8:53 [proto: 5.126/DNS.Google][cat: Web/5][1 pkts/103 bytes <-> 1 pkts/159 bytes][Goodput ratio: 59/73][0.02 sec][Host: gmr02c.16.0.fhkfhsdkfhsk.tunnel.example.com][::][Risk: ** Suspicious DGA domain name **][PLAIN TEXT (fhkfhsdkfhsk)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] |
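Review bot: The single expected flow line in this new result file reports the tunnel-style host `gmr02c.16.0.fhkfhsdkfhsk.tunnel.example.com` as `Risk: ** Suspicious DGA domain name **`, while the commit message describes the change as nested-subdomain detection for Browsertunnel. Anyone triaging this output cannot tell a DNS-tunnelling hit from a DGA hit, so either document that nested-subdomain matches are intentionally reported through the DGA risk, or give them their own risk label and update this expectation accordingly. The file also pins only one positive query/response pair (`1 pkts/103 bytes <-> 1 pkts/159 bytes`); a companion result for a legitimate hostname with several labels that must not raise the risk would fix the false-positive boundary of the new check.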