diff options
| author | Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> | 2024-05-21 12:49:27 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-05-21 12:49:27 +0200 |
| commit | 83840f1bb9e8825bb8000025ef7331a1d2e68ac4 (patch) | |
| tree | ef322b65ad442fdb467c994216b332b83a33bd65 /tests | |
| parent | 0109014f2c640106bd970dc7559fb0f15cc51271 (diff) | |
DTLS: add support for DTLS 1.3 (#2445)
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/cfgs/default/pcap/dtls.pcap | bin | 1712 -> 39340 bytes | |||
| -rw-r--r-- | tests/cfgs/default/result/dtls.pcap.out | 22 |
2 files changed, 12 insertions, 10 deletions
diff --git a/tests/cfgs/default/pcap/dtls.pcap b/tests/cfgs/default/pcap/dtls.pcap Binary files differindex a1b5f39d2..acb836258 100644 --- a/tests/cfgs/default/pcap/dtls.pcap +++ b/tests/cfgs/default/pcap/dtls.pcap diff --git a/tests/cfgs/default/result/dtls.pcap.out b/tests/cfgs/default/result/dtls.pcap.out index 4dbfdf4e8..d3f002aa5 100644 --- a/tests/cfgs/default/result/dtls.pcap.out +++ b/tests/cfgs/default/result/dtls.pcap.out @@ -1,10 +1,10 @@ -DPI Packets (UDP): 6 (3.00 pkts/flow) -Confidence DPI : 2 (flows) -Num dissector calls: 5 (2.50 diss/flow) +DPI Packets (UDP): 8 (2.67 pkts/flow) +Confidence DPI : 3 (flows) +Num dissector calls: 7 (2.33 diss/flow) LRU cache ookla: 0/0/0 (insert/search/found) LRU cache bittorrent: 0/0/0 (insert/search/found) LRU cache stun: 0/0/0 (insert/search/found) -LRU cache tls_cert: 0/5/0 (insert/search/found) +LRU cache tls_cert: 0/7/0 (insert/search/found) LRU cache mining: 0/0/0 (insert/search/found) LRU cache msteams: 0/0/0 (insert/search/found) LRU cache stun_zoom: 0/0/0 (insert/search/found) @@ -13,22 +13,24 @@ Automa domain: 0/0 (search/found) Automa tls cert: 0/0 (search/found) Automa risk mask: 0/0 (search/found) Automa common alpns: 0/0 (search/found) -Patricia risk mask: 4/0 (search/found) +Patricia risk mask: 6/0 (search/found) Patricia risk mask IPv6: 0/0 (search/found) Patricia risk: 0/0 (search/found) Patricia risk IPv6: 0/0 (search/found) -Patricia protocols: 3/1 (search/found) +Patricia protocols: 5/1 (search/found) Patricia protocols IPv6: 0/0 (search/found) -DTLS 6 1341 2 +DTLS 24 8508 3 -Safe 6 1341 2 +Safe 24 8508 3 JA3 Host Stats: IP Address # JA3C 1 10.191.227.13 1 2 192.168.13.203 1 + 3 127.0.0.1 1 - 1 UDP 10.191.227.13:54162 <-> 157.240.16.128:3478 [VLAN: 10][proto: GTP:30/DTLS][IP: 119/Facebook][Encrypted][Confidence: DPI][DPI packets: 4][cat: Web/5][3 pkts/665 bytes <-> 1 pkts/282 bytes][Goodput ratio: 61/69][0.20 sec][Risk: ** TLS (probably) Not Carrying HTTPS **** Missing SNI TLS Extn **** TLS Fatal Alert **][Risk Score: 70][Risk Info: No ALPN / SNI should always be present / Found fatal TLS alert][DTLSv1.2][JA3C: b2a6643b6798940d25020cb4abe9e2aa][JA4: t00d160700_7c8d7d5e37b2_ea2cef574603][Firefox][Plen Bins: 25,0,0,0,0,0,75,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 2 UDP 192.168.13.203:40739 -> 192.168.13.57:56515 [proto: 30/DTLS][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 2][cat: Web/5][2 pkts/394 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][< 1 sec][Risk: ** TLS (probably) Not Carrying HTTPS **** Missing SNI TLS Extn **** Unidirectional Traffic **][Risk Score: 70][Risk Info: No server to client traffic / No ALPN / SNI should always be present][DTLSv1.2][JA3C: bd743610892cec1efed851b2b5efd4f5][JA4: t00d120700_7c0e62f61317_d9dd6182da81][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 1 UDP 127.0.0.1:40983 <-> 127.0.0.1:11111 [proto: 30/DTLS][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 2][cat: Web/5][7 pkts/3187 bytes <-> 11 pkts/3980 bytes][Goodput ratio: 91/88][0.02 sec][TLS Supported Versions: DTLSv1.3][bytes ratio: -0.111 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1/1 5/5 2/2][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 455/362 1398/1425 441/474][Risk: ** TLS (probably) Not Carrying HTTPS **** Missing SNI TLS Extn **][Risk Score: 60][Risk Info: No ALPN / SNI should always be present][DTLSv1.3][JA3C: 320d2222212f652e923c3458b463c5b4][JA4: t00d270600_991e33d7eb74_10f9deb96590][JA3S: ecfd4f82776364c3015565f97e8c3897][Firefox][Cipher: TLS_AES_128_GCM_SHA256][Plen Bins: 11,16,22,0,11,0,0,0,0,11,0,0,0,0,0,0,5,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,5,5,0,0,0,0] + 2 UDP 10.191.227.13:54162 <-> 157.240.16.128:3478 [VLAN: 10][proto: GTP:30/DTLS][IP: 119/Facebook][Encrypted][Confidence: DPI][DPI packets: 4][cat: Web/5][3 pkts/665 bytes <-> 1 pkts/282 bytes][Goodput ratio: 61/69][0.20 sec][Risk: ** TLS (probably) Not Carrying HTTPS **** Missing SNI TLS Extn **** TLS Fatal Alert **][Risk Score: 70][Risk Info: No ALPN / SNI should always be present / Found fatal TLS alert][DTLSv1.2][JA3C: b2a6643b6798940d25020cb4abe9e2aa][JA4: t00d160700_7c8d7d5e37b2_ea2cef574603][Firefox][Plen Bins: 25,0,0,0,0,0,75,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 3 UDP 192.168.13.203:40739 -> 192.168.13.57:56515 [proto: 30/DTLS][IP: 0/Unknown][Encrypted][Confidence: DPI][DPI packets: 2][cat: Web/5][2 pkts/394 bytes -> 0 pkts/0 bytes][Goodput ratio: 78/0][< 1 sec][Risk: ** TLS (probably) Not Carrying HTTPS **** Missing SNI TLS Extn **** Unidirectional Traffic **][Risk Score: 70][Risk Info: No server to client traffic / No ALPN / SNI should always be present][DTLSv1.2][JA3C: bd743610892cec1efed851b2b5efd4f5][JA4: t00d120700_7c0e62f61317_d9dd6182da81][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] |