author | Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> | 2022-07-07 19:24:31 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-07-07 19:24:31 +0200 |
commit | f8076e3a58e628d6761d16acdb4c8c7220a260ec (patch) | |
tree | 66a5d0f8326fe4317db53b1626279b0afd6c23cd /tests/result | |
parent | ff4e010501ff057e353c7f1d9785b5caadceade3 (diff) |
SMB: add (partial) support for messages split into multiple TCP segments (#1644)
Diffstat (limited to 'tests/result')
-rw-r--r-- | tests/result/android.pcap.out | 2 | ||||
-rw-r--r-- | tests/result/fuzz-2021-10-13.pcap.out | 2 | ||||
-rw-r--r-- | tests/result/skype_no_unknown.pcap.out | 2 | ||||
-rw-r--r-- | tests/result/smb_frags.pcap.out | 8 | ||||
-rw-r--r-- | tests/result/teams.pcap.out | 2 | ||||
-rw-r--r-- | tests/result/tls_invalid_reads.pcap.out | 4 | ||||
-rw-r--r-- | tests/result/viber.pcap.out | 2 |
7 files changed, 15 insertions, 7 deletions
diff --git a/tests/result/android.pcap.out b/tests/result/android.pcap.out
index a95c8f4c6..d8ded0a71 100644
--- a/tests/result/android.pcap.out
+++ b/tests/result/android.pcap.out
@@ -1,6 +1,6 @@
 Guessed flow protos: 7
-DPI Packets (TCP): 157 (5.61 pkts/flow)
+DPI Packets (TCP): 147 (5.25 pkts/flow)
 DPI Packets (UDP): 52 (1.68 pkts/flow)
 DPI Packets (other): 4 (1.00 pkts/flow)
 Confidence Match by IP : 3 (flows)
diff --git a/tests/result/fuzz-2021-10-13.pcap.out b/tests/result/fuzz-2021-10-13.pcap.out
index b34c41b1c..4cab569cb 100644
--- a/tests/result/fuzz-2021-10-13.pcap.out
+++ b/tests/result/fuzz-2021-10-13.pcap.out
@@ -1,4 +1,4 @@
-Guessed flow protos: 0
+Guessed flow protos: 1
 DPI Packets (TCP): 1 (1.00 pkts/flow)
 Confidence Unknown : 1 (flows)
diff --git a/tests/result/skype_no_unknown.pcap.out b/tests/result/skype_no_unknown.pcap.out
index f99c8130b..afcd4f400 100644
--- a/tests/result/skype_no_unknown.pcap.out
+++ b/tests/result/skype_no_unknown.pcap.out
@@ -1,6 +1,6 @@
 Guessed flow protos: 72
-DPI Packets (TCP): 1168 (15.37 pkts/flow)
+DPI Packets (TCP): 1159 (15.25 pkts/flow)
 DPI Packets (UDP): 288 (1.55 pkts/flow)
 DPI Packets (other): 5 (1.00 pkts/flow)
 Confidence Unknown : 45 (flows)
diff --git a/tests/result/smb_frags.pcap.out b/tests/result/smb_frags.pcap.out
new file mode 100644
index 000000000..b6826fbca
--- /dev/null
+++ b/tests/result/smb_frags.pcap.out
@@ -0,0 +1,8 @@
+Guessed flow protos: 0
+
+DPI Packets (TCP): 5 (5.00 pkts/flow)
+Confidence DPI : 1 (flows)
+
+SMBv1 8 2763 1
+
+ 1 TCP 10.202.211.125:54120 <-> 10.202.7.8:445 [VLAN: 1608][proto: 10.16/NetBIOS.SMBv1][ClearText][Confidence: DPI][cat: System/18][5 pkts/2009 bytes <-> 3 pkts/754 bytes][Goodput ratio: 82/71][0.58 sec][bytes ratio: 0.454 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/94 144/238 387/383 145/144][Pkt Len c2s/s2c min/avg/max/stddev: 70/78 402/251 1438/397 525/132][Risk: ** Known Proto on Non Std Port **** SMB Insecure Vers **** Unsafe Protocol **][Risk Score: 160][Risk Info: Found SMBv1 / Expected on port 139][PLAIN TEXT (defined.12)][Plen Bins: 0,20,0,0,0,0,20,20,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0]
diff --git a/tests/result/teams.pcap.out b/tests/result/teams.pcap.out
index 7a4c51573..48da11ef9 100644
--- a/tests/result/teams.pcap.out
+++ b/tests/result/teams.pcap.out
@@ -1,6 +1,6 @@
 Guessed flow protos: 4
-DPI Packets (TCP): 494 (11.76 pkts/flow)
+DPI Packets (TCP): 356 (8.48 pkts/flow)
 DPI Packets (UDP): 87 (2.17 pkts/flow)
 DPI Packets (other): 1 (1.00 pkts/flow)
 Confidence Unknown : 1 (flows)
diff --git a/tests/result/tls_invalid_reads.pcap.out b/tests/result/tls_invalid_reads.pcap.out
index 9d942c419..67e47b12b 100644
--- a/tests/result/tls_invalid_reads.pcap.out
+++ b/tests/result/tls_invalid_reads.pcap.out
@@ -1,6 +1,6 @@
-Guessed flow protos: 3
+Guessed flow protos: 2
-DPI Packets (TCP): 11 (3.67 pkts/flow)
+DPI Packets (TCP): 10 (3.33 pkts/flow)
 Confidence Match by IP : 1 (flows)
 Confidence DPI : 2 (flows)
diff --git a/tests/result/viber.pcap.out b/tests/result/viber.pcap.out
index 2cae4412b..a5cdfbea4 100644
--- a/tests/result/viber.pcap.out
+++ b/tests/result/viber.pcap.out
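Review bot: The new expectation in tests/result/smb_frags.pcap.out pins `Known Proto on Non Std Port` with `Risk Info: Found SMBv1 / Expected on port 139` for a flow whose server endpoint is `10.202.7.8:445`. TCP/445 is the usual direct-hosted SMB port, so this looks like a false positive that the golden file would now lock in, and it presumably contributes to the recorded `Risk Score: 160`. I would treat 445 as an expected port for the SMB protocols before recording this result, so that the `SMB Insecure Vers` and `Unsafe Protocol` findings are not diluted by a spurious one. The dissector's default-port table is not part of this diff, so the cause is inferred from the output line alone.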
@@ -1,6 +1,6 @@
 Guessed flow protos: 5
-DPI Packets (TCP): 151 (11.62 pkts/flow)
+DPI Packets (TCP): 131 (10.08 pkts/flow)
 DPI Packets (UDP): 27 (1.93 pkts/flow)
 DPI Packets (other): 2 (1.00 pkts/flow)
 Confidence Match by IP : 4 (flows) |