diff options
| author | lns <matzeton@googlemail.com> | 2022-06-04 21:03:17 +0200 |
|---|---|---|
| committer | lns <matzeton@googlemail.com> | 2022-06-05 22:48:20 +0200 |
| commit | ca8ac946f48ab853f47b557ae643d36045d7ae95 (patch) | |
| tree | 5608240e0a7228de964f44c56bffaae4bbc6a964 /tests/result/rsh-syslog-false-positive.pcap.out | |
| parent | 7419cfee6407ff2dad687733da8eb27edd181ef9 (diff) | |
Fixed syslog false negatives.improved/syslog-false-negatives
- RSH vs Syslog may still happen for midstream traffic
Signed-off-by: lns <matzeton@googlemail.com>
Diffstat (limited to 'tests/result/rsh-syslog-false-positive.pcap.out')
| -rw-r--r-- | tests/result/rsh-syslog-false-positive.pcap.out | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/tests/result/rsh-syslog-false-positive.pcap.out b/tests/result/rsh-syslog-false-positive.pcap.out index a8c44d323..99ddc9793 100644 --- a/tests/result/rsh-syslog-false-positive.pcap.out +++ b/tests/result/rsh-syslog-false-positive.pcap.out @@ -1,8 +1,8 @@ Guessed flow protos: 0 -DPI Packets (TCP): 6 (6.00 pkts/flow) +DPI Packets (TCP): 1 (1.00 pkts/flow) Confidence DPI : 1 (flows) -RSH 6 3335 1 +Syslog 6 3335 1 - 1 TCP 172.31.78.129:9039 -> 172.29.43.201:514 [proto: 294/RSH][ClearText][Confidence: DPI][cat: RemoteAccess/12][6 pkts/3335 bytes -> 0 pkts/0 bytes][Goodput ratio: 91/0][0.08 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 11/0 16/0 26/0 6/0][Pkt Len c2s/s2c min/avg/max/stddev: 292/0 556/0 844/0 212/0][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (52.926451)][Plen Bins: 0,0,0,0,0,0,0,34,0,0,0,0,0,16,0,0,0,0,16,0,0,16,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 1 TCP 172.31.78.129:9039 -> 172.29.43.201:514 [proto: 17/Syslog][ClearText][Confidence: DPI][cat: System/18][6 pkts/3335 bytes -> 0 pkts/0 bytes][Goodput ratio: 91/0][0.08 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 11/0 16/0 26/0 6/0][Pkt Len c2s/s2c min/avg/max/stddev: 292/0 556/0 844/0 212/0][PLAIN TEXT (52.926451)][Plen Bins: 0,0,0,0,0,0,0,34,0,0,0,0,0,16,0,0,0,0,16,0,0,16,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] |