author Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> 2022-03-08 00:21:51 +0100
committer GitHub <noreply@github.com> 2022-03-08 00:21:51 +0100
commit 269be6c7ef038d2de377546813fbb2bacf80e510
tree 33119a500bca58ce4694c6223481506587aec648 /tests
parent f91218360b8bce56dd96fac888c83a6a1c6bdc32
Some small fixes (#1481)
FTP: if the authentication fails, stop analyzing the flow
WSD: call the initialization routine; the dissector code has never been triggered
MINING: fix dissection
Diffstat (limited to 'tests')
-rw-r--r-- tests/result/bitcoin.pcap.out 18
-rw-r--r-- tests/result/ftp_failed.pcap.out 8
-rw-r--r-- tests/result/upnp.pcap.out 10
3 files changed, 18 insertions, 18 deletions
diff --git a/tests/result/bitcoin.pcap.out b/tests/result/bitcoin.pcap.out
index a210dc898..56a67e60a 100644
--- a/tests/result/bitcoin.pcap.out
+++ b/tests/result/bitcoin.pcap.out
@@ -1,13 +1,13 @@
-Guessed flow protos: 6
+Guessed flow protos: 0
-DPI Packets (TCP): 370 (61.67 pkts/flow)
-Confidence Match by port : 6 (flows)
+DPI Packets (TCP): 6 (1.00 pkts/flow)
+Confidence DPI : 6 (flows)
Mining 637 581074 6
- 1 TCP 192.168.1.142:55328 <-> 69.118.54.122:8333 [proto: 42/Mining][ClearText][Confidence: Match by port][cat: Mining/99][2 pkts/281 bytes <-> 137 pkts/191029 bytes][Goodput ratio: 53/95][330.56 sec][bytes ratio: -0.997 (Download)][IAT c2s/s2c min/avg/max/stddev: 141657/0 141657/2644 141657/76010 0/11325][Pkt Len c2s/s2c min/avg/max/stddev: 110/86 140/1394 171/1514 30/378][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (version)][Plen Bins: 0,6,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,92,0,0]
- 2 TCP 192.168.1.142:55348 <-> 74.89.181.229:8333 [proto: 42/Mining][ClearText][Confidence: Match by port][cat: Mining/99][55 pkts/28663 bytes <-> 117 pkts/134830 bytes][Goodput ratio: 87/94][1491.26 sec][bytes ratio: -0.649 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 21789/4882 100110/64236 26995/11546][Pkt Len c2s/s2c min/avg/max/stddev: 110/86 521/1152 1514/1514 578/589][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (version)][Plen Bins: 0,32,0,4,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,59,0,0]
- 3 TCP 192.168.1.142:55383 <-> 66.68.83.22:8333 [proto: 42/Mining][ClearText][Confidence: Match by port][cat: Mining/99][65 pkts/45271 bytes <-> 96 pkts/70339 bytes][Goodput ratio: 91/91][1337.01 sec][bytes ratio: -0.217 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 18993/12001 134322/105866 27575/21527][Pkt Len c2s/s2c min/avg/max/stddev: 110/86 696/733 1514/1514 637/653][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (version)][Plen Bins: 0,47,0,4,0,0,0,0,5,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,40,0,0]
- 4 TCP 192.168.1.142:55400 <-> 195.218.16.178:8333 [proto: 42/Mining][ClearText][Confidence: Match by port][cat: Mining/99][47 pkts/26824 bytes <-> 72 pkts/55927 bytes][Goodput ratio: 88/92][1107.93 sec][bytes ratio: -0.352 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 22661/13162 91604/95856 25520/24264][Pkt Len c2s/s2c min/avg/max/stddev: 110/86 571/777 1514/1514 606/673][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (version)][Plen Bins: 0,53,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,39,0,0]
- 5 TCP 192.168.1.142:55317 <-> 188.165.213.169:8333 [proto: 42/Mining][ClearText][Confidence: Match by port][cat: Mining/99][16 pkts/21673 bytes <-> 3 pkts/1771 bytes][Goodput ratio: 95/89][1.27 sec][bytes ratio: 0.849 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/136 90/212 655/289 169/76][Pkt Len c2s/s2c min/avg/max/stddev: 171/86 1355/590 1514/1514 369/654][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (version)][Plen Bins: 5,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,74,0,0]
- 6 TCP 192.168.1.142:55487 <-> 184.58.165.119:8333 [proto: 42/Mining][ClearText][Confidence: Match by port][cat: Mining/99][24 pkts/3082 bytes <-> 3 pkts/1384 bytes][Goodput ratio: 49/86][506.07 sec][bytes ratio: 0.380 (Upload)][IAT c2s/s2c min/avg/max/stddev: 238/256 21944/256 75340/256 19965/0][Pkt Len c2s/s2c min/avg/max/stddev: 121/86 128/461 171/1127 12/472][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (version)][Plen Bins: 3,82,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 1 TCP 192.168.1.142:55328 <-> 69.118.54.122:8333 [proto: 42/Mining][ClearText][Confidence: DPI][cat: Mining/99][2 pkts/281 bytes <-> 137 pkts/191029 bytes][Goodput ratio: 53/95][330.56 sec][ETH][bytes ratio: -0.997 (Download)][IAT c2s/s2c min/avg/max/stddev: 141657/0 141657/2644 141657/76010 0/11325][Pkt Len c2s/s2c min/avg/max/stddev: 110/86 140/1394 171/1514 30/378][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (version)][Plen Bins: 0,6,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,92,0,0]
+ 2 TCP 192.168.1.142:55348 <-> 74.89.181.229:8333 [proto: 42/Mining][ClearText][Confidence: DPI][cat: Mining/99][55 pkts/28663 bytes <-> 117 pkts/134830 bytes][Goodput ratio: 87/94][1491.26 sec][ETH][bytes ratio: -0.649 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 21789/4882 100110/64236 26995/11546][Pkt Len c2s/s2c min/avg/max/stddev: 110/86 521/1152 1514/1514 578/589][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (version)][Plen Bins: 0,32,0,4,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,59,0,0]
+ 3 TCP 192.168.1.142:55383 <-> 66.68.83.22:8333 [proto: 42/Mining][ClearText][Confidence: DPI][cat: Mining/99][65 pkts/45271 bytes <-> 96 pkts/70339 bytes][Goodput ratio: 91/91][1337.01 sec][ETH][bytes ratio: -0.217 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 18993/12001 134322/105866 27575/21527][Pkt Len c2s/s2c min/avg/max/stddev: 110/86 696/733 1514/1514 637/653][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (version)][Plen Bins: 0,47,0,4,0,0,0,0,5,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,40,0,0]
+ 4 TCP 192.168.1.142:55400 <-> 195.218.16.178:8333 [proto: 42/Mining][ClearText][Confidence: DPI][cat: Mining/99][47 pkts/26824 bytes <-> 72 pkts/55927 bytes][Goodput ratio: 88/92][1107.93 sec][ETH][bytes ratio: -0.352 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 22661/13162 91604/95856 25520/24264][Pkt Len c2s/s2c min/avg/max/stddev: 110/86 571/777 1514/1514 606/673][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (version)][Plen Bins: 0,53,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,39,0,0]
+ 5 TCP 192.168.1.142:55317 <-> 188.165.213.169:8333 [proto: 42/Mining][ClearText][Confidence: DPI][cat: Mining/99][16 pkts/21673 bytes <-> 3 pkts/1771 bytes][Goodput ratio: 95/89][1.27 sec][ETH][bytes ratio: 0.849 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/136 90/212 655/289 169/76][Pkt Len c2s/s2c min/avg/max/stddev: 171/86 1355/590 1514/1514 369/654][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (version)][Plen Bins: 5,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,74,0,0]
+ 6 TCP 192.168.1.142:55487 <-> 184.58.165.119:8333 [proto: 42/Mining][ClearText][Confidence: DPI][cat: Mining/99][24 pkts/3082 bytes <-> 3 pkts/1384 bytes][Goodput ratio: 49/86][506.07 sec][ETH][bytes ratio: 0.380 (Upload)][IAT c2s/s2c min/avg/max/stddev: 238/256 21944/256 75340/256 19965/0][Pkt Len c2s/s2c min/avg/max/stddev: 121/86 128/461 171/1127 12/472][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (version)][Plen Bins: 3,82,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
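Review bot: every added flow line now carries an `[ETH]` tag after the duration field, which the removed lines did not have, and it sits oddly in a capture named bitcoin.pcap whose six flows all go to port 8333. The commit message only says "MINING: fix dissection", so either state there that the dissector now reports a coin type, or check that the value recorded for these flows is the intended one before this becomes the expected output.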
diff --git a/tests/result/ftp_failed.pcap.out b/tests/result/ftp_failed.pcap.out
index 7bbd594d1..5ec13b393 100644
--- a/tests/result/ftp_failed.pcap.out
+++ b/tests/result/ftp_failed.pcap.out
@@ -1,8 +1,8 @@
-Guessed flow protos: 1
+Guessed flow protos: 0
-DPI Packets (TCP): 18 (18.00 pkts/flow)
-Confidence Match by port : 1 (flows)
+DPI Packets (TCP): 8 (8.00 pkts/flow)
+Confidence DPI : 1 (flows)
FTP_CONTROL 18 1700 1
- 1 TCP [2a00:d40:1:3:192:12:193:11]:44724 <-> [2a00:800:1010::1]:21 [proto: 1/FTP_CONTROL][ClearText][Confidence: Match by port][cat: Download/7][10 pkts/892 bytes <-> 8 pkts/808 bytes][Goodput ratio: 3/14][7.24 sec][User: hello][Pwd: ][Auth Failed][bytes ratio: 0.049 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 896/1442 5304/5318 1757/2052][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 89/101 98/126 4/15][Risk: ** Unsafe Protocol **** Clear-Text Credentials **][Risk Score: 110][PLAIN TEXT (vsFTPd 3.0.3)][Plen Bins: 71,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 1 TCP [2a00:d40:1:3:192:12:193:11]:44724 <-> [2a00:800:1010::1]:21 [proto: 1/FTP_CONTROL][ClearText][Confidence: DPI][cat: Download/7][10 pkts/892 bytes <-> 8 pkts/808 bytes][Goodput ratio: 3/14][7.24 sec][User: hello][Pwd: ][Auth Failed][bytes ratio: 0.049 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 896/1442 5304/5318 1757/2052][Pkt Len c2s/s2c min/avg/max/stddev: 86/86 89/101 98/126 4/15][Risk: ** Unsafe Protocol **** Clear-Text Credentials **][Risk Score: 110][PLAIN TEXT (vsFTPd 3.0.3)][Plen Bins: 71,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
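Review bot: the header now reports 8 DPI packets for a flow of 18 packets, so the 10 packets after the failed login are no longer inspected, and this capture only exercises a single failed attempt. FTP lets a client send USER/PASS again on the same control connection, so please add a capture with a failed login followed by a successful one and confirm that the later credentials are still reported alongside the `Clear-Text Credentials` risk.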
diff --git a/tests/result/upnp.pcap.out b/tests/result/upnp.pcap.out
index f320f01e4..1d9a7be8b 100644
--- a/tests/result/upnp.pcap.out
+++ b/tests/result/upnp.pcap.out
@@ -1,9 +1,9 @@
-Guessed flow protos: 2
+Guessed flow protos: 0
-DPI Packets (UDP): 14 (7.00 pkts/flow)
-Confidence Match by port : 2 (flows)
+DPI Packets (UDP): 2 (1.00 pkts/flow)
+Confidence DPI : 2 (flows)
WSD 14 9912 2
- 1 UDP [fe80::3441:3d24:6d30:a807]:58932 -> [ff02::c]:3702 [proto: 153/WSD][ClearText][Confidence: Match by port][cat: Network/14][7 pkts/5026 bytes -> 0 pkts/0 bytes][Goodput ratio: 91/0][5.63 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 118/0 938/0 2000/0 752/0][Pkt Len c2s/s2c min/avg/max/stddev: 718/0 718/0 718/0 0/0][PLAIN TEXT (xml version)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 2 UDP 192.168.61.66:58931 -> 239.255.255.250:3702 [proto: 153/WSD][ClearText][Confidence: Match by port][cat: Network/14][7 pkts/4886 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][6.64 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 179/0 1107/0 2004/0 740/0][Pkt Len c2s/s2c min/avg/max/stddev: 698/0 698/0 698/0 0/0][PLAIN TEXT (xml version)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 1 UDP [fe80::3441:3d24:6d30:a807]:58932 -> [ff02::c]:3702 [proto: 153/WSD][ClearText][Confidence: DPI][cat: Network/14][7 pkts/5026 bytes -> 0 pkts/0 bytes][Goodput ratio: 91/0][5.63 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 118/0 938/0 2000/0 752/0][Pkt Len c2s/s2c min/avg/max/stddev: 718/0 718/0 718/0 0/0][PLAIN TEXT (xml version)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 2 UDP 192.168.61.66:58931 -> 239.255.255.250:3702 [proto: 153/WSD][ClearText][Confidence: DPI][cat: Network/14][7 pkts/4886 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][6.64 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 179/0 1107/0 2004/0 740/0][Pkt Len c2s/s2c min/avg/max/stddev: 698/0 698/0 698/0 0/0][PLAIN TEXT (xml version)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
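Review bot: the removed lines already showed `proto: 153/WSD` for both flows, only with `Confidence: Match by port`, which is why a dissector that was never initialised went unnoticed in this expected output. Both flows here go to port 3702, so the result still cannot tell a payload match from a port match except through the confidence field; a WSD capture on a different port, or a test check that fails on `Match by port` for protocols that have a dissector, would catch this kind of regression.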