Exported username in flow information

author: Luca Deri <deri@ntop.org> 2022-07-04 22:52:54 +0200
committer: Luca Deri <deri@ntop.org> 2022-07-04 22:52:54 +0200
commit: 7fa8d882d83577334c7c91843eb40c2ebae8bf74 (patch)
tree: bb599e4828303ea4c531dec6e224f90247ca8427 /tests/result
parent: 461589517e50c201bf063c7d4dbb3639e43f4268 (diff)
5 files changed, 5 insertions, 5 deletions
diff --git a/tests/result/ftp.pcap.out b/tests/result/ftp.pcap.out
index d8323f368..208fe517c 100644
--- a/tests/result/ftp.pcap.out
+++ b/tests/result/ftp.pcap.out
@@ -8,7 +8,7 @@ Unknown	1115	1122198	1
 FTP_CONTROL	68	5571	1
 FTP_DATA	9	1819	1
 
-	1	TCP 192.168.1.212:50694 <-> 90.130.70.73:21 [proto: 1/FTP_CONTROL][ClearText][Confidence: DPI][cat: Download/7][41 pkts/2892 bytes <-> 27 pkts/2679 bytes][Goodput ratio: 6/33][8.48 sec][User: anonymous][Pwd: NcFTP@][bytes ratio: 0.038 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 236/108 4743/1377 849/305][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 71/99 96/307 7/45][Risk: ** Unsafe Protocol **** Clear-Text Credentials **][Risk Score: 110][Risk Info: No client to server traffic / Found FTP username][PLAIN TEXT (vsFTPd 3.0.3)][Plen Bins: 74,18,5,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	1	TCP 192.168.1.212:50694 <-> 90.130.70.73:21 [proto: 1/FTP_CONTROL][ClearText][Confidence: DPI][cat: Download/7][41 pkts/2892 bytes <-> 27 pkts/2679 bytes][Goodput ratio: 6/33][8.48 sec][User: anonymous][Pwd: NcFTP@][bytes ratio: 0.038 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 236/108 4743/1377 849/305][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 71/99 96/307 7/45][Risk: ** Unsafe Protocol **** Clear-Text Credentials **][Risk Score: 110][Risk Info: No client to server traffic / Found FTP username (anonymous)][PLAIN TEXT (vsFTPd 3.0.3)][Plen Bins: 74,18,5,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	2	TCP 192.168.1.212:50695 <-> 90.130.70.73:25685 [proto: 175/FTP_DATA][ClearText][Confidence: DPI][cat: Download/7][5 pkts/342 bytes <-> 4 pkts/1477 bytes][Goodput ratio: 0/82][0.09 sec][bytes ratio: -0.624 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/28 14/28 29/29 14/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 68/369 78/1271 5/521][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: No client to server traffic][PLAIN TEXT (    1 0        0        1073741)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0]
 
 
diff --git a/tests/result/ftp_failed.pcap.out b/tests/result/ftp_failed.pcap.out
index 6b37c4798..bc5dd727c 100644
--- a/tests/result/ftp_failed.pcap.out
+++ b/tests/result/ftp_failed.pcap.out
@@ -5,4 +5,4 @@ Confidence DPI              : 1 (flows)
 
 FTP_CONTROL	18	1700	1
 
-	1	TCP [2a00:d40:1:3:192:12:193:11]:44724 <-> [2a00:800:1010::1]:21 [proto: 1/FTP_CONTROL][ClearText][Confidence: DPI][cat: Download/7][10 pkts/892 bytes <-> 8 pkts/808 bytes][Goodput ratio: 3/14][7.24 sec][User: hello][Pwd: ][Auth Failed][bytes ratio: 0.049 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 896/1442 5304/5318 1757/2052][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 89/101 98/126 4/15][Risk: ** Unsafe Protocol **** Clear-Text Credentials **][Risk Score: 110][Risk Info: No client to server traffic / Found FTP username][PLAIN TEXT (vsFTPd 3.0.3)][Plen Bins: 71,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	1	TCP [2a00:d40:1:3:192:12:193:11]:44724 <-> [2a00:800:1010::1]:21 [proto: 1/FTP_CONTROL][ClearText][Confidence: DPI][cat: Download/7][10 pkts/892 bytes <-> 8 pkts/808 bytes][Goodput ratio: 3/14][7.24 sec][User: hello][Pwd: ][Auth Failed][bytes ratio: 0.049 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 896/1442 5304/5318 1757/2052][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 89/101 98/126 4/15][Risk: ** Unsafe Protocol **** Clear-Text Credentials **][Risk Score: 110][Risk Info: No client to server traffic / Found FTP username (hello)][PLAIN TEXT (vsFTPd 3.0.3)][Plen Bins: 71,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/result/imap.pcap.out b/tests/result/imap.pcap.out
index 68d54a1f4..55f7fe460 100644
--- a/tests/result/imap.pcap.out
+++ b/tests/result/imap.pcap.out
@@ -5,4 +5,4 @@ Confidence DPI              : 1 (flows)
 
 IMAP	33	3774	1
 
-	1	TCP 10.40.4.2:46045 <-> 10.40.3.2:143 [proto: 4/IMAP][ClearText][Confidence: DPI][cat: Email/3][20 pkts/1507 bytes <-> 13 pkts/2267 bytes][Goodput ratio: 12/62][4.57 sec][User: samir][Pwd: pfres][bytes ratio: -0.201 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 9/17 39/39 15/16][Pkt Len c2s/s2c min/avg/max/stddev: 66/74 75/174 139/762 17/181][Risk: ** Unsafe Protocol **** Clear-Text Credentials **][Risk Score: 110][Risk Info: No client to server traffic / Found IMAP Username][PLAIN TEXT ( OK IMAP4)][Plen Bins: 51,22,11,5,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	1	TCP 10.40.4.2:46045 <-> 10.40.3.2:143 [proto: 4/IMAP][ClearText][Confidence: DPI][cat: Email/3][20 pkts/1507 bytes <-> 13 pkts/2267 bytes][Goodput ratio: 12/62][4.57 sec][User: samir][Pwd: pfres][bytes ratio: -0.201 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 9/17 39/39 15/16][Pkt Len c2s/s2c min/avg/max/stddev: 66/74 75/174 139/762 17/181][Risk: ** Unsafe Protocol **** Clear-Text Credentials **][Risk Score: 110][Risk Info: No client to server traffic / Found IMAP username (samir)][PLAIN TEXT ( OK IMAP4)][Plen Bins: 51,22,11,5,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/result/irc.pcap.out b/tests/result/irc.pcap.out
index 17d60a8d5..07238fde4 100644
--- a/tests/result/irc.pcap.out
+++ b/tests/result/irc.pcap.out
@@ -5,4 +5,4 @@ Confidence DPI              : 1 (flows)
 
 IRC	29	8945	1
 
-	1	TCP 10.180.156.249:45921 <-> 38.229.70.20:8000 [proto: 65/IRC][ClearText][Confidence: DPI][cat: Chat/9][14 pkts/1046 bytes <-> 15 pkts/7899 bytes][Goodput ratio: 11/87][14.57 sec][bytes ratio: -0.766 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1314/1206 8864/8864 2852/2736][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 75/527 107/1514 14/611][Risk: ** Known Proto on Non Std Port **** Unsafe Protocol **** Clear-Text Credentials **][Risk Score: 160][Risk Info: No client to server traffic / Found username][PLAIN TEXT (USER xx)][Plen Bins: 13,41,6,0,0,0,0,0,6,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,26,0,0]
+	1	TCP 10.180.156.249:45921 <-> 38.229.70.20:8000 [proto: 65/IRC][ClearText][Confidence: DPI][cat: Chat/9][14 pkts/1046 bytes <-> 15 pkts/7899 bytes][Goodput ratio: 11/87][14.57 sec][bytes ratio: -0.766 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1314/1206 8864/8864 2852/2736][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 75/527 107/1514 14/611][Risk: ** Known Proto on Non Std Port **** Unsafe Protocol **** Clear-Text Credentials **][Risk Score: 160][Risk Info: No client to server traffic / Found username (xxxxx +iw xxxxx :Xxxxxx Xxxx)][PLAIN TEXT (USER xx)][Plen Bins: 13,41,6,0,0,0,0,0,6,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,26,0,0]
diff --git a/tests/result/pop3.pcap.out b/tests/result/pop3.pcap.out
index 30ec3cb35..dd0921dc4 100644
--- a/tests/result/pop3.pcap.out
+++ b/tests/result/pop3.pcap.out
@@ -5,4 +5,4 @@ Confidence DPI              : 1 (flows)
 
 POP3	31	3915	1
 
-	1	TCP 143.225.229.181:35287 <-> 74.208.5.28:110 [proto: 2/POP3][ClearText][Confidence: DPI][cat: Email/3][18 pkts/1269 bytes <-> 13 pkts/2646 bytes][Goodput ratio: 6/67][27.32 sec][User: cicciopernacchio@mail.com][Pwd: pippozzo][bytes ratio: -0.352 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1792/2973 5526/5668 2204/2427][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 70/204 98/1514 8/379][Risk: ** Unsafe Protocol **** Clear-Text Credentials **][Risk Score: 110][Risk Info: No client to server traffic / Found username][PLAIN TEXT (OK POP server ready H migmxus)][Plen Bins: 60,20,13,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0]
+	1	TCP 143.225.229.181:35287 <-> 74.208.5.28:110 [proto: 2/POP3][ClearText][Confidence: DPI][cat: Email/3][18 pkts/1269 bytes <-> 13 pkts/2646 bytes][Goodput ratio: 6/67][27.32 sec][User: cicciopernacchio@mail.com][Pwd: pippozzo][bytes ratio: -0.352 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 1792/2973 5526/5668 2204/2427][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 70/204 98/1514 8/379][Risk: ** Unsafe Protocol **** Clear-Text Credentials **][Risk Score: 110][Risk Info: No client to server traffic / Found username (cicciopernacchio@mail.com)][PLAIN TEXT (OK POP server ready H migmxus)][Plen Bins: 60,20,13,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0]
author	Luca Deri <deri@ntop.org>	2022-07-04 22:52:54 +0200
committer	Luca Deri <deri@ntop.org>	2022-07-04 22:52:54 +0200
commit	7fa8d882d83577334c7c91843eb40c2ebae8bf74 (patch)
tree	bb599e4828303ea4c531dec6e224f90247ca8427 /tests/result
parent	461589517e50c201bf063c7d4dbb3639e43f4268 (diff)