aboutsummaryrefslogtreecommitdiff
path: root/tests/cfgs/default/result/signal.pcap.out
diff options
context:
space:
mode:
Diffstat (limited to 'tests/cfgs/default/result/signal.pcap.out')
-rw-r--r--tests/cfgs/default/result/signal.pcap.out25
1 files changed, 15 insertions, 10 deletions
diff --git a/tests/cfgs/default/result/signal.pcap.out b/tests/cfgs/default/result/signal.pcap.out
index 8ec99b62f..2cb214ffa 100644
--- a/tests/cfgs/default/result/signal.pcap.out
+++ b/tests/cfgs/default/result/signal.pcap.out
@@ -9,29 +9,34 @@ LRU cache stun: 0/0/0 (insert/search/found)
LRU cache tls_cert: 0/0/0 (insert/search/found)
LRU cache mining: 0/0/0 (insert/search/found)
LRU cache msteams: 0/0/0 (insert/search/found)
-LRU cache fpc_dns: 1/12/0 (insert/search/found)
+LRU cache fpc_dns: 4/12/1 (insert/search/found)
Automa host: 16/14 (search/found)
Automa domain: 16/0 (search/found)
Automa tls cert: 0/0 (search/found)
-Automa risk mask: 2/0 (search/found)
+Automa risk mask: 0/0 (search/found)
Automa common alpns: 20/20 (search/found)
-Patricia risk mask: 12/0 (search/found)
+Patricia risk mask: 0/0 (search/found)
Patricia risk mask IPv6: 0/0 (search/found)
Patricia risk: 1/0 (search/found)
Patricia risk IPv6: 0/0 (search/found)
Patricia protocols: 27/11 (search/found)
Patricia protocols IPv6: 0/0 (search/found)
-DNS 2 186 1
+DNS 4 476 2
DHCP 4 1368 1
-Signal 512 282327 11
+Signal 510 282037 10
ICMP 1 70 1
TLS 28 2022 3
AppleiTunes 90 29795 2
Safe 28 2022 3
-Acceptable 7 1624 3
-Fun 602 312122 13
+Acceptable 9 1914 4
+Fun 600 311832 12
+
+Web 28 2022 3
+Chat 510 282037 10
+Network 9 1914 4
+Streaming 90 29795 2
JA Host Stats:
IP Address # JA4C
@@ -39,7 +44,7 @@ JA Host Stats:
1 TCP 192.168.2.17:57027 <-> 13.35.253.42:443 [proto: 91.39/TLS.Signal][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 7][cat: Chat/9][170 pkts/206962 bytes <-> 95 pkts/9293 bytes][Goodput ratio: 95/32][0.48 sec][Hostname/SNI: cdn.signal.org][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: 0.914 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 2/3 39/47 6/10][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 1217/98 1506/1506 548/175][TCP Fingerprint: 2_64_65535_d0a7eb742982/Unknown][TLSv1.2][JA4: t13d1713h2_0633f72d41ca_845d286b0d67][ServerNames: cdn.signal.org][JA3S: c4b2785a87896e19d37eee932070cb22][Issuer: C=US, ST=California, L=San Francisco, O=Open Whisper Systems, OU=Open Whisper Systems, CN=TextSecure][Subject: C=US, ST=California, O=Open Whisper Systems, OU=Open Whisper Systems, CN=cdn.signal.org][Certificate SHA-1: 81:3D:8A:2E:EE:B2:E1:F4:1C:2B:6D:20:16:54:B2:C1:87:D0:1E:12][Safari][Validity: 2019-02-15 17:38:17 - 2029-03-12 18:19:50][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 1,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,84,0,0]
- 2 TCP 192.168.2.17:57026 <-> 35.169.3.40:443 [proto: 91.39/TLS.Signal][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 7][cat: Chat/9][22 pkts/13757 bytes <-> 16 pkts/6493 bytes][Goodput ratio: 89/84][0.57 sec][Hostname/SNI: textsecure-service.whispersystems.org][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: 0.359 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 13/20 112/114 35/41][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 625/406 1506/1506 629/565][TCP Fingerprint: 2_64_65535_d0a7eb742982/Unknown][TLSv1.2][JA4: t13d1713h2_0633f72d41ca_845d286b0d67][ServerNames: textsecure-service.whispersystems.org,service.signal.org][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Issuer: C=US, ST=California, L=San Francisco, O=Open Whisper Systems, OU=Open Whisper Systems, CN=TextSecure][Subject: C=US, ST=California, O=Open Whisper Systems, OU=Open Whisper Systems, CN=textsecure-service.whispersystems.org][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Safari][Validity: 2019-02-15 17:38:17 - 2029-03-12 18:20:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,25,8,4,0,0,0,4,0,4,0,0,0,0,0,0,4,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,4,0,0,0,37,0,0]
+ 2 TCP 192.168.2.17:57026 <-> 35.169.3.40:443 [proto: 91.39/TLS.Signal][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 39/Signal, Confidence: DNS][DPI packets: 7][cat: Chat/9][22 pkts/13757 bytes <-> 16 pkts/6493 bytes][Goodput ratio: 89/84][0.57 sec][Hostname/SNI: textsecure-service.whispersystems.org][(Advertised) ALPNs: h2;http/1.1][(Negotiated) ALPN: h2][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: 0.359 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 13/20 112/114 35/41][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 625/406 1506/1506 629/565][TCP Fingerprint: 2_64_65535_d0a7eb742982/Unknown][TLSv1.2][JA4: t13d1713h2_0633f72d41ca_845d286b0d67][ServerNames: textsecure-service.whispersystems.org,service.signal.org][JA3S: 1089ea6f0461a29006cc96dfe7a11d80][Issuer: C=US, ST=California, L=San Francisco, O=Open Whisper Systems, OU=Open Whisper Systems, CN=TextSecure][Subject: C=US, ST=California, O=Open Whisper Systems, OU=Open Whisper Systems, CN=textsecure-service.whispersystems.org][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Safari][Validity: 2019-02-15 17:38:17 - 2029-03-12 18:20:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,25,8,4,0,0,0,4,0,4,0,0,0,0,0,0,4,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,4,0,0,0,37,0,0]
3 TCP 192.168.2.17:57022 <-> 23.57.24.16:443 [proto: 91.145/TLS.AppleiTunes][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Streaming/17][24 pkts/2540 bytes <-> 21 pkts/12673 bytes][Goodput ratio: 38/89][0.40 sec][Hostname/SNI: itunes.apple.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.666 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 17/14 124/83 35/28][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 106/603 583/1506 105/574][TCP Fingerprint: 2_64_65535_d0a7eb742982/Unknown][TLSv1.3][JA4: t13d2613h2_2802a3db6c62_845d286b0d67][JA3S: 15af977ce25de452b96affa2addb1036][Safari][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 13,17,8,0,4,0,0,0,8,0,0,4,0,0,0,0,4,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,4,0,0,0,0,0,0,17,0,0]
4 TCP 192.168.2.17:57018 <-> 23.57.24.16:443 [proto: 91.145/TLS.AppleiTunes][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Streaming/17][25 pkts/2582 bytes <-> 20 pkts/12000 bytes][Goodput ratio: 37/89][0.24 sec][Hostname/SNI: itunes.apple.com][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2][bytes ratio: -0.646 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 7/10 47/52 16/19][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 103/600 583/1506 103/588][TCP Fingerprint: 2_64_65535_d0a7eb742982/Unknown][TLSv1.3][JA4: t13d2613h2_2802a3db6c62_845d286b0d67][JA3S: 15af977ce25de452b96affa2addb1036][Safari][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 13,18,9,0,4,0,0,0,9,0,0,4,0,0,0,0,4,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,4,0,0,0,0,0,0,18,0,0]
5 TCP 192.168.2.17:49227 <-> 35.169.3.40:443 [proto: 91.39/TLS.Signal][IP: 265/AmazonAWS][Encrypted][Confidence: DPI][FPC: 265/AmazonAWS, Confidence: IP address][DPI packets: 7][cat: Chat/9][13 pkts/1808 bytes <-> 12 pkts/4355 bytes][Goodput ratio: 52/82][3.03 sec][Hostname/SNI: textsecure-service.whispersystems.org][bytes ratio: -0.413 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 62/293 115/2199 52/677][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 139/363 502/1506 120/471][Risk: ** TLS (probably) Not Carrying HTTPS **][Risk Score: 10][Risk Info: No ALPN][TCP Fingerprint: 2_64_65535_d29295416479/macOS][TLSv1.2][JA4: t12d220700_0d4ca5d4ec72_3304d8368043][ServerNames: textsecure-service.whispersystems.org,service.signal.org][JA3S: 303951d4c50efb2e991652225a6f02b1][Issuer: C=US, ST=California, L=San Francisco, O=Open Whisper Systems, OU=Open Whisper Systems, CN=TextSecure][Subject: C=US, ST=California, O=Open Whisper Systems, OU=Open Whisper Systems, CN=textsecure-service.whispersystems.org][Certificate SHA-1: 5E:9E:63:F5:69:45:C7:DC:E6:4D:26:68:36:7E:C2:68:DB:02:60:8B][Firefox][Validity: 2019-02-15 17:38:17 - 2029-03-12 18:20:20][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 0,25,16,8,0,0,8,8,0,0,0,0,0,8,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0]
@@ -54,6 +59,6 @@ JA Host Stats:
14 TCP 23.57.24.16:443 <-> 192.168.2.17:57016 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 7][cat: Web/5][6 pkts/408 bytes <-> 6 pkts/471 bytes][Goodput ratio: 12/13][0.65 sec][bytes ratio: -0.072 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 7/16 158/4 347/16 157/7][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 68/78 90/105 16/15][Plen Bins: 75,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
15 TCP 192.168.2.17:56996 <-> 17.248.146.144:443 [proto: 91/TLS][IP: 140/Apple][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 2][cat: Web/5][4 pkts/341 bytes <-> 4 pkts/264 bytes][Goodput ratio: 23/0][0.03 sec][bytes ratio: 0.127 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 25/0 8/0 25/0 12/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 85/66 112/66 20/0][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
16 TCP 192.168.2.17:57017 <-> 2.18.232.118:443 [proto: 91/TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 91/TLS, Confidence: DPI][DPI packets: 1][cat: Web/5][5 pkts/317 bytes <-> 3 pkts/221 bytes][Goodput ratio: 7/10][0.03 sec][bytes ratio: 0.178 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/0 24/0 10/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/66 63/74 89/89 14/11][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 17 UDP 192.168.2.17:56263 <-> 192.168.2.1:53 [proto: 5.39/DNS.Signal][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5.39/DNS.Signal, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/97 bytes <-> 1 pkts/193 bytes][Goodput ratio: 56/78][0.03 sec][Hostname/SNI: textsecure-service.whispersystems.org][54.175.47.110][PLAIN TEXT (textsecure)][Plen Bins: 0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 18 UDP 192.168.2.17:60793 <-> 192.168.2.1:53 [proto: 5/DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/85 bytes <-> 1 pkts/101 bytes][Goodput ratio: 50/58][0.04 sec][Hostname/SNI: e673.dsce9.akamaiedge.net][23.57.24.16][PLAIN TEXT (akamaiedge)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 17 UDP 192.168.2.17:56263 <-> 192.168.2.1:53 [proto: 5/DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/97 bytes <-> 1 pkts/193 bytes][Goodput ratio: 56/78][0.03 sec][Hostname/SNI: textsecure-service.whispersystems.org][54.175.47.110][DNS Id: 0x00c1][PLAIN TEXT (textsecure)][Plen Bins: 0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 18 UDP 192.168.2.17:60793 <-> 192.168.2.1:53 [proto: 5/DNS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 5/DNS, Confidence: DPI][DPI packets: 2][cat: Network/14][1 pkts/85 bytes <-> 1 pkts/101 bytes][Goodput ratio: 50/58][0.04 sec][Hostname/SNI: e673.dsce9.akamaiedge.net][23.57.24.16][DNS Id: 0xcaf8][PLAIN TEXT (akamaiedge)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
19 ICMP 192.168.2.17:0 -> 192.168.2.1:0 [proto: 81/ICMP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 81/ICMP, Confidence: DPI][DPI packets: 1][cat: Network/14][1 pkts/70 bytes -> 0 pkts/0 bytes][Goodput ratio: 39/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Powered by cgit, Themed by Ted Yin.