Added signal test pcap

author: Luca Deri <deri@ntop.org> 2019-09-21 09:40:20 +0200
committer: Luca Deri <deri@ntop.org> 2019-09-21 09:40:20 +0200
commit: 421f819b8ae6e6effd09860a1758c3f34c457a6d (patch)
tree: 3e60f8776bb6c01490c6e85aa47f522ff8b05f75 /tests
parent: ab9246f51f2eea0d467117e46d3e3ca4e1d379ca (diff)
2 files changed, 32 insertions, 0 deletions
diff --git a/tests/pcap/signal.pcap b/tests/pcap/signal.pcap
new file mode 100644
index 000000000..5175e80e3
--- /dev/null
+++ b/tests/pcap/signal.pcap
diff --git a/tests/result/signal.pcap.out b/tests/result/signal.pcap.out
new file mode 100644
index 000000000..c337b6dbb
--- /dev/null
+++ b/tests/result/signal.pcap.out
@@ -0,0 +1,32 @@
+DHCP	4	1368	1
+Signal	512	282327	11
+ICMP	1	70	1
+TLS	20	1417	2
+GenericProtocol	2	186	1
+Apple	8	605	1
+AppleiTunes	90	29795	2
+
+JA3 Host Stats: 
+		 IP Address                  	 # JA3C     
+	1	 192.168.2.17             	 3      
+
+
+	1	TCP 192.168.2.17:57027 <-> 13.35.253.42:443 [proto: 91.39/TLS.Signal][cat: Chat/9][170 pkts/206962 bytes <-> 95 pkts/9293 bytes][bytes ratio: 0.914 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2.4/4.4 58/47 7.6/9.9][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 1217.4/97.8 1506/1506 547.8/174.6][TLSv1.2][Client: cdn.signal.org][JA3C: 6725ca90906e1036febcbfd464e2e326][Server: cdn.signal.org][JA3S: c4b2785a87896e19d37eee932070cb22][Organization: Open Whisper Systems][Certificate SHA-1: 81:3D:8A:2E:EE:B2:E1:F4:1C:2B:6D:20:16:54:B2:C1:87:D0:1E:12][Validity: 2013-03-25 22:18:35 - 2023-03-23 22:18:35][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
+	2	TCP 192.168.2.17:57026 <-> 35.169.3.40:443 [proto: 91.39/TLS.Signal][cat: Chat/9][22 pkts/13757 bytes <-> 16 pkts/6493 bytes][bytes ratio: 0.359 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 26.9/30.3 119/114 47.4/48.7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 625.3/405.8 1506/1506 628.8/565.5][TLSv1.2][Client: textsecure-service.whispersystems.org][JA3C: 6725ca90906e1036febcbfd464e2e326][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Organization: Open Whisper Systems][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Validity: 2013-03-25 22:18:35 - 2023-03-23 22:18:35][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
+	3	TCP 192.168.2.17:57022 <-> 23.57.24.16:443 [proto: 91.145/TLS.AppleiTunes][cat: Streaming/17][24 pkts/2540 bytes <-> 21 pkts/12673 bytes][bytes ratio: -0.666 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 17.1/18.1 124/83 32.6/29.2][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 105.8/603.5 583/1506 104.9/573.8][TLSv1.3][Client: itunes.apple.com][JA3C: 17305a56a62a10f6b0ee8edcc3b1769c][JA3S: 15af977ce25de452b96affa2addb1036][Cipher: TLS_AES_256_GCM_SHA384]
+	4	TCP 192.168.2.17:57018 <-> 23.57.24.16:443 [proto: 91.145/TLS.AppleiTunes][cat: Streaming/17][25 pkts/2582 bytes <-> 20 pkts/12000 bytes][bytes ratio: -0.646 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 9.8/10.1 47/52 17.9/19.4][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 103.3/600.0 583/1506 103.5/587.8][TLSv1.3][Client: itunes.apple.com][JA3C: 17305a56a62a10f6b0ee8edcc3b1769c][JA3S: 15af977ce25de452b96affa2addb1036][Cipher: TLS_AES_256_GCM_SHA384]
+	5	TCP 192.168.2.17:49227 <-> 35.169.3.40:443 [proto: 91.39/TLS.Signal][cat: Chat/9][13 pkts/1808 bytes <-> 12 pkts/4355 bytes][bytes ratio: -0.413 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 251.8/264.4 2246/2199 603.7/615.5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 139.1/362.9 502/1506 119.5/470.7][TLSv1.2][Client: textsecure-service.whispersystems.org][JA3C: e4d448cdfe06dc1243c1eb026c74ac9a][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Open Whisper Systems][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Validity: 2013-03-25 22:18:35 - 2023-03-23 22:18:35][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
+	6	TCP 192.168.2.17:57024 <-> 35.169.3.40:443 [proto: 91.39/TLS.Signal][cat: Chat/9][15 pkts/2054 bytes <-> 11 pkts/3775 bytes][bytes ratio: -0.295 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 41.6/47.2 167/186 58.0/73.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 136.9/343.2 583/1506 133.5/472.0][TLSv1.2][Client: textsecure-service.whispersystems.org][JA3C: 6725ca90906e1036febcbfd464e2e326][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Organization: Open Whisper Systems][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Validity: 2013-03-25 22:18:35 - 2023-03-23 22:18:35][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
+	7	TCP 192.168.2.17:57021 <-> 34.225.240.173:443 [proto: 91.39/TLS.Signal][cat: Chat/9][16 pkts/2108 bytes <-> 10 pkts/3709 bytes][bytes ratio: -0.275 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 898.5/38.9 13018/120 3239.4/53.9][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 131.8/370.9 583/1506 130.8/486.5][TLSv1.2][Client: textsecure-service.whispersystems.org][JA3C: 6725ca90906e1036febcbfd464e2e326][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Organization: Open Whisper Systems][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Validity: 2013-03-25 22:18:35 - 2023-03-23 22:18:35][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
+	8	TCP 192.168.2.17:57020 <-> 34.225.240.173:443 [proto: 91.39/TLS.Signal][cat: Chat/9][16 pkts/2103 bytes <-> 11 pkts/3562 bytes][bytes ratio: -0.258 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 898.7/35.6 13011/122 3237.5/53.8][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 131.4/323.8 583/1506 130.5/472.3][TLSv1.2][Client: textsecure-service.whispersystems.org][JA3C: 6725ca90906e1036febcbfd464e2e326][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Organization: Open Whisper Systems][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Validity: 2013-03-25 22:18:35 - 2023-03-23 22:18:35][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
+	9	TCP 192.168.2.17:57019 <-> 34.225.240.173:443 [proto: 91.39/TLS.Signal][cat: Chat/9][16 pkts/2095 bytes <-> 11 pkts/3527 bytes][bytes ratio: -0.255 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 898.8/34.6 13026/120 3241.5/52.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 130.9/320.6 583/1506 129.9/473.1][TLSv1.2][Client: textsecure-service.whispersystems.org][JA3C: 6725ca90906e1036febcbfd464e2e326][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Organization: Open Whisper Systems][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Validity: 2013-03-25 22:18:35 - 2023-03-23 22:18:35][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
+	10	TCP 192.168.2.17:57023 <-> 35.169.3.40:443 [proto: 91.39/TLS.Signal][cat: Chat/9][15 pkts/2049 bytes <-> 11 pkts/3562 bytes][bytes ratio: -0.270 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 41.1/46.4 168/181 57.1/71.9][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 136.6/323.8 583/1506 133.1/472.3][TLSv1.2][Client: textsecure-service.whispersystems.org][JA3C: 6725ca90906e1036febcbfd464e2e326][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Organization: Open Whisper Systems][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Validity: 2013-03-25 22:18:35 - 2023-03-23 22:18:35][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
+	11	TCP 192.168.2.17:57025 <-> 35.169.3.40:443 [proto: 91.39/TLS.Signal][cat: Chat/9][15 pkts/2041 bytes <-> 11 pkts/3527 bytes][bytes ratio: -0.267 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 41.3/46.7 166/184 57.7/72.4][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 136.1/320.6 583/1506 132.6/473.1][TLSv1.2][Client: textsecure-service.whispersystems.org][JA3C: 6725ca90906e1036febcbfd464e2e326][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Organization: Open Whisper Systems][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Validity: 2013-03-25 22:18:35 - 2023-03-23 22:18:35][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
+	12	TCP 192.168.2.17:49226 <-> 34.225.240.173:443 [proto: 91.39/TLS.Signal][cat: Chat/9][13 pkts/1688 bytes <-> 11 pkts/3569 bytes][bytes ratio: -0.358 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 824.6/978.4 9161/9119 2514.1/2714.3][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 129.8/324.5 502/1506 120.2/473.3][TLSv1.2][Client: textsecure-service.whispersystems.org][JA3C: e4d448cdfe06dc1243c1eb026c74ac9a][JA3S: 303951d4c50efb2e991652225a6f02b1][Organization: Open Whisper Systems][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Validity: 2013-03-25 22:18:35 - 2023-03-23 22:18:35][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]
+	13	UDP 0.0.0.0:68 -> 255.255.255.255:67 [proto: 18/DHCP][cat: Network/14][4 pkts/1368 bytes -> 0 pkts/0 bytes][Host: lucas-imac][DHCP Fingerprint: 1,121,3,6,15,119,252,95,44,46]
+	14	TCP 23.57.24.16:443 <-> 192.168.2.17:57016 [proto: 91/TLS][cat: Web/5][6 pkts/408 bytes <-> 6 pkts/471 bytes][bytes ratio: -0.072 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 7/7 130.0/4.6 347/16 151.4/6.3][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 68.0/78.5 90/105 16.1/14.7]
+	15	TCP 192.168.2.17:56996 <-> 17.248.146.144:443 [proto: 91.140/TLS.Apple][cat: Web/5][4 pkts/341 bytes <-> 4 pkts/264 bytes][bytes ratio: 0.127 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 25/0 8.3/0.0 25/0 11.8/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 85.2/66.0 112/66 20.0/0.0]
+	16	TCP 192.168.2.17:57017 <-> 2.18.232.118:443 [proto: 91/TLS][cat: Web/5][5 pkts/317 bytes <-> 3 pkts/221 bytes][bytes ratio: 0.178 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 6.0/0.0 24/0 10.4/0.0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 63.4/73.7 89/89 13.6/10.8]
+	17	UDP 192.168.2.17:56263 <-> 192.168.2.1:53 [proto: 5.39/DNS.Signal][cat: Chat/9][1 pkts/97 bytes <-> 1 pkts/193 bytes][Host: textsecure-service.whispersystems.org][PLAIN TEXT (textsecure)]
+	18	UDP 192.168.2.17:60793 <-> 192.168.2.1:53 [proto: 5.137/DNS.GenericProtocol][cat: Media/1][1 pkts/85 bytes <-> 1 pkts/101 bytes][Host: e673.dsce9.akamaiedge.net][PLAIN TEXT (akamaiedge)]
+	19	ICMP 192.168.2.17:0 -> 192.168.2.1:0 [proto: 81/ICMP][cat: Network/14][1 pkts/70 bytes -> 0 pkts/0 bytes]
author	Luca Deri <deri@ntop.org>	2019-09-21 09:40:20 +0200
committer	Luca Deri <deri@ntop.org>	2019-09-21 09:40:20 +0200
commit	421f819b8ae6e6effd09860a1758c3f34c457a6d (patch)
tree	3e60f8776bb6c01490c6e85aa47f522ff8b05f75 /tests
parent	ab9246f51f2eea0d467117e46d3e3ca4e1d379ca (diff)