Improved NATPMP dissection. (#1745)

Signed-off-by: Toni Uhlig <matzeton@googlemail.com> Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
author: Toni <matzeton@googlemail.com> 2022-09-21 18:24:04 +0200
committer: GitHub <noreply@github.com> 2022-09-21 18:24:04 +0200
commit: 644ad34962365fa794b8f58e01a7290496f3d6ef (patch)
tree: 6585447ab509e90ce4733066c8182f8e930ebc36 /tests
parent: d6701e8979292834cd50abc78e8beafea7c7be8c (diff)
4 files changed, 21 insertions, 22 deletions
diff --git a/tests/result/gnutella.pcap.out b/tests/result/gnutella.pcap.out
index ec38fd18b..5accad659 100644
--- a/tests/result/gnutella.pcap.out
+++ b/tests/result/gnutella.pcap.out
@@ -4,9 +4,9 @@ DPI Packets (TCP):	528	(3.85 pkts/flow)
 DPI Packets (UDP):	1232	(2.01 pkts/flow)
 DPI Packets (other):	10	(1.00 pkts/flow)
 Confidence Unknown          : 592 (flows)
-Confidence Match by port    : 5 (flows)
-Confidence DPI              : 163 (flows)
-Num dissector calls: 66381 (87.34 diss/flow)
+Confidence Match by port    : 1 (flows)
+Confidence DPI              : 167 (flows)
+Num dissector calls: 65961 (86.79 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
@@ -209,10 +209,10 @@ JA3 Host Stats:
 	162	ICMPV6 [::]:0 -> [ff02::1:ffa4:e108]:0 [proto: 102/ICMPV6][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Network/14][1 pkts/78 bytes -> 0 pkts/0 bytes][Goodput ratio: 20/0][< 1 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	163	UDP 10.0.2.15:63717 -> 224.0.0.252:5355 [proto: 154/LLMNR][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Network/14][1 pkts/71 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][< 1 sec][Hostname/SNI: msedgewin10][PLAIN TEXT (MSEDGEWIN)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	164	UDP 10.0.2.15:28681 -> 107.4.56.177:10000 [proto: 161/CiscoVPN][IP: 0/Unknown][Encrypted][Confidence: Match by port][cat: VPN/2][1 pkts/66 bytes -> 0 pkts/0 bytes][Goodput ratio: 36/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
-	165	UDP 10.0.2.15:57619 -> 10.0.2.2:5351 [proto: 312/NAT-PMP][IP: 0/Unknown][ClearText][Confidence: Match by port][cat: Network/14][1 pkts/44 bytes -> 0 pkts/0 bytes][Goodput ratio: 4/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
-	166	UDP 10.0.2.15:57620 -> 10.0.2.2:5351 [proto: 312/NAT-PMP][IP: 0/Unknown][ClearText][Confidence: Match by port][cat: Network/14][1 pkts/44 bytes -> 0 pkts/0 bytes][Goodput ratio: 4/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
-	167	UDP 10.0.2.15:57621 -> 10.0.2.2:5351 [proto: 312/NAT-PMP][IP: 0/Unknown][ClearText][Confidence: Match by port][cat: Network/14][1 pkts/44 bytes -> 0 pkts/0 bytes][Goodput ratio: 4/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
-	168	UDP 10.0.2.15:57622 -> 10.0.2.2:5351 [proto: 312/NAT-PMP][IP: 0/Unknown][ClearText][Confidence: Match by port][cat: Network/14][1 pkts/44 bytes -> 0 pkts/0 bytes][Goodput ratio: 4/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	165	UDP 10.0.2.15:57619 -> 10.0.2.2:5351 [proto: 312/NAT-PMP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Network/14][1 pkts/44 bytes -> 0 pkts/0 bytes][Goodput ratio: 4/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	166	UDP 10.0.2.15:57620 -> 10.0.2.2:5351 [proto: 312/NAT-PMP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Network/14][1 pkts/44 bytes -> 0 pkts/0 bytes][Goodput ratio: 4/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	167	UDP 10.0.2.15:57621 -> 10.0.2.2:5351 [proto: 312/NAT-PMP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Network/14][1 pkts/44 bytes -> 0 pkts/0 bytes][Goodput ratio: 4/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	168	UDP 10.0.2.15:57622 -> 10.0.2.2:5351 [proto: 312/NAT-PMP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Network/14][1 pkts/44 bytes -> 0 pkts/0 bytes][Goodput ratio: 4/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 
 
 Undetected flows:
diff --git a/tests/result/natpmp.pcap.out b/tests/result/natpmp.pcap.out
index 3b816952f..1b706794f 100644
--- a/tests/result/natpmp.pcap.out
+++ b/tests/result/natpmp.pcap.out
@@ -1,9 +1,8 @@
-Guessed flow protos:	1
+Guessed flow protos:	3
 
-DPI Packets (UDP):	3	(1.00 pkts/flow)
-Confidence Match by port    : 1 (flows)
-Confidence DPI              : 2 (flows)
-Num dissector calls: 108 (36.00 diss/flow)
+DPI Packets (UDP):	7	(2.33 pkts/flow)
+Confidence DPI              : 3 (flows)
+Num dissector calls: 3 (1.00 diss/flow)
 LRU cache ookla:      0/0/0 (insert/search/found)
 LRU cache bittorrent: 0/0/0 (insert/search/found)
 LRU cache zoom:       0/0/0 (insert/search/found)
@@ -22,6 +21,6 @@ Patricia protocols:   6/0 (search/found)
 
 NAT-PMP	7	368	3
 
-	1	UDP 192.168.2.100:35763 -> 192.168.2.1:5351 [proto: 312/NAT-PMP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Network/14][4 pkts/216 bytes -> 0 pkts/0 bytes][Goodput ratio: 22/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
-	2	UDP 192.168.2.100:59817 -> 192.168.2.1:5351 [proto: 312/NAT-PMP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Network/14][2 pkts/108 bytes -> 0 pkts/0 bytes][Goodput ratio: 22/0][0.25 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
-	3	UDP 192.168.2.100:36845 -> 192.168.2.1:5351 [proto: 312/NAT-PMP][IP: 0/Unknown][ClearText][Confidence: Match by port][cat: Network/14][1 pkts/44 bytes -> 0 pkts/0 bytes][Goodput ratio: 4/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	1	UDP 192.168.2.100:35763 -> 192.168.2.1:5351 [proto: 312/NAT-PMP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Network/14][4 pkts/216 bytes -> 0 pkts/0 bytes][Goodput ratio: 22/0][< 1 sec][Result: 0][Internal Port: 22000][External Port: 20216][External Address: 0.0.0.0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	2	UDP 192.168.2.100:59817 -> 192.168.2.1:5351 [proto: 312/NAT-PMP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Network/14][2 pkts/108 bytes -> 0 pkts/0 bytes][Goodput ratio: 22/0][0.25 sec][Result: 0][Internal Port: 22000][External Port: 6243][External Address: 0.0.0.0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	3	UDP 192.168.2.100:36845 -> 192.168.2.1:5351 [proto: 312/NAT-PMP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Network/14][1 pkts/44 bytes -> 0 pkts/0 bytes][Goodput ratio: 4/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/result/skype.pcap.out b/tests/result/skype.pcap.out
index 186347cc6..f93130799 100644
--- a/tests/result/skype.pcap.out
+++ b/tests/result/skype.pcap.out
@@ -1,7 +1,7 @@
-Guessed flow protos:	93
+Guessed flow protos:	95
 
 DPI Packets (TCP):	1554	(16.02 pkts/flow)
-DPI Packets (UDP):	331	(1.73 pkts/flow)
+DPI Packets (UDP):	337	(1.76 pkts/flow)
 DPI Packets (other):	5	(1.00 pkts/flow)
 Confidence Unknown          : 59 (flows)
 Confidence Match by port    : 28 (flows)
@@ -125,8 +125,8 @@ JA3 Host Stats:
 	79	UDP 192.168.1.34:13021 -> 176.26.55.167:63773 [proto: 125.38/Skype_Teams.Skype_TeamsCall][IP: 0/Unknown][Encrypted][Confidence: DPI][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes][Goodput ratio: 30/0][20.13 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No client to server traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	80	UDP 192.168.1.34:58681 <-> 192.168.1.1:53 [proto: 5/DNS][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Network/14][1 pkts/101 bytes <-> 1 pkts/166 bytes][Goodput ratio: 58/74][0.07 sec][Hostname/SNI: db3msgr5011709.gateway.messenger.live.com][::][PLAIN TEXT (MSGR5011709)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	81	UDP 192.168.1.34:62454 <-> 192.168.1.1:53 [proto: 5.143/DNS.AppleiCloud][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Web/5][1 pkts/101 bytes <-> 1 pkts/133 bytes][Goodput ratio: 58/68][0.05 sec][Hostname/SNI: p05-keyvalueservice.icloud.com.akadns.net][17.172.100.36][PLAIN TEXT (valueservice)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
-	82	UDP 192.168.1.34:49511 -> 192.168.1.1:5351 [proto: 312/NAT-PMP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Network/14][4 pkts/216 bytes -> 0 pkts/0 bytes][Goodput ratio: 22/0][1.78 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
-	83	UDP 192.168.1.34:54067 -> 192.168.1.1:5351 [proto: 312/NAT-PMP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Network/14][4 pkts/216 bytes -> 0 pkts/0 bytes][Goodput ratio: 22/0][1.83 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	82	UDP 192.168.1.34:49511 -> 192.168.1.1:5351 [proto: 312/NAT-PMP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Network/14][4 pkts/216 bytes -> 0 pkts/0 bytes][Goodput ratio: 22/0][1.78 sec][Result: 0][Internal Port: 13021][External Port: 13021][External Address: 0.0.0.0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	83	UDP 192.168.1.34:54067 -> 192.168.1.1:5351 [proto: 312/NAT-PMP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Network/14][4 pkts/216 bytes -> 0 pkts/0 bytes][Goodput ratio: 22/0][1.83 sec][Result: 0][Internal Port: 13021][External Port: 13021][External Address: 0.0.0.0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	84	UDP 192.168.1.34:123 <-> 17.253.48.245:123 [proto: 9/NTP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: System/18][1 pkts/90 bytes <-> 1 pkts/90 bytes][Goodput ratio: 53/53][0.05 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	85	UDP 192.168.1.34:51879 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype_Teams][IP: 0/Unknown][ClearText][Confidence: DPI][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Goodput ratio: 48/57][0.05 sec][Hostname/SNI: e4593.g.akamaiedge.net][23.206.33.166][PLAIN TEXT (akamaiedge)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	86	UDP 192.168.1.34:63321 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype_Teams][IP: 0/Unknown][ClearText][Confidence: DPI][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Goodput ratio: 48/57][0.05 sec][Hostname/SNI: e4593.g.akamaiedge.net][23.206.33.166][PLAIN TEXT (akamaiedge)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/result/skype_no_unknown.pcap.out b/tests/result/skype_no_unknown.pcap.out
index 88b7e7c78..211483cc2 100644
--- a/tests/result/skype_no_unknown.pcap.out
+++ b/tests/result/skype_no_unknown.pcap.out
@@ -1,7 +1,7 @@
-Guessed flow protos:	68
+Guessed flow protos:	69
 
 DPI Packets (TCP):	1080	(14.21 pkts/flow)
-DPI Packets (UDP):	285	(1.53 pkts/flow)
+DPI Packets (UDP):	288	(1.55 pkts/flow)
 DPI Packets (other):	5	(1.00 pkts/flow)
 Confidence Unknown          : 44 (flows)
 Confidence Match by port    : 22 (flows)
@@ -108,7 +108,7 @@ JA3 Host Stats:
 	64	UDP 192.168.1.34:13021 -> 174.49.171.224:32011 [proto: 125.38/Skype_Teams.Skype_TeamsCall][IP: 0/Unknown][Encrypted][Confidence: DPI][cat: VoIP/10][5 pkts/300 bytes -> 0 pkts/0 bytes][Goodput ratio: 30/0][20.15 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No client to server traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	65	UDP 192.168.1.34:57694 <-> 192.168.1.1:53 [proto: 5/DNS][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Network/14][1 pkts/101 bytes <-> 1 pkts/166 bytes][Goodput ratio: 58/74][0.05 sec][Hostname/SNI: db3msgr5011709.gateway.messenger.live.com][::][PLAIN TEXT (MSGR5011709)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	66	UDP [fe80::c62c:3ff:fe06:49fe]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Network/14][2 pkts/258 bytes -> 0 pkts/0 bytes][Goodput ratio: 52/0][0.16 sec][Hostname/SNI: lucas-imac.local][lucas-imac.local][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
-	67	UDP 192.168.1.34:59052 -> 192.168.1.1:5351 [proto: 312/NAT-PMP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Network/14][4 pkts/216 bytes -> 0 pkts/0 bytes][Goodput ratio: 22/0][1.83 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	67	UDP 192.168.1.34:59052 -> 192.168.1.1:5351 [proto: 312/NAT-PMP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Network/14][4 pkts/216 bytes -> 0 pkts/0 bytes][Goodput ratio: 22/0][1.83 sec][Result: 0][Internal Port: 13021][External Port: 13021][External Address: 0.0.0.0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	68	UDP 192.168.1.92:138 -> 192.168.1.255:138 [proto: 10.16/NetBIOS.SMBv1][IP: 0/Unknown][ClearText][Confidence: DPI][cat: System/18][1 pkts/216 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][< 1 sec][Hostname/SNI: lucas-imac][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT ( EMFFEDEBFDCNEJENEBEDCACACACACA)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	69	TCP 192.168.1.34:51283 <-> 111.221.74.48:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: Match by port][cat: Web/5][2 pkts/132 bytes <-> 1 pkts/74 bytes][Goodput ratio: 0/0][0.30 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
 	70	UDP 192.168.1.34:59788 <-> 192.168.1.1:53 [proto: 5.125/DNS.Skype_Teams][IP: 0/Unknown][ClearText][Confidence: DPI][cat: VoIP/10][1 pkts/82 bytes <-> 1 pkts/98 bytes][Goodput ratio: 48/57][0.06 sec][Hostname/SNI: e4593.g.akamaiedge.net][23.206.33.166][PLAIN TEXT (akamaiedge)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
author	Toni <matzeton@googlemail.com>	2022-09-21 18:24:04 +0200
committer	GitHub <noreply@github.com>	2022-09-21 18:24:04 +0200
commit	644ad34962365fa794b8f58e01a7290496f3d6ef (patch)
tree	6585447ab509e90ce4733066c8182f8e930ebc36 /tests
parent	d6701e8979292834cd50abc78e8beafea7c7be8c (diff)