Diffstat (limited to 'tests/result/gnutella.pcap.out')
-rw-r--r-- | tests/result/gnutella.pcap.out | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/tests/result/gnutella.pcap.out b/tests/result/gnutella.pcap.out index b7839d001..b248c0d83 100644 --- a/tests/result/gnutella.pcap.out +++ b/tests/result/gnutella.pcap.out 
@@ -55,9 +55,9 @@ JA3 Host Stats: 23 UDP 10.0.2.15:63964 -> 239.255.255.250:3702 [proto: 153/WSD][ClearText][Confidence: DPI][cat: Network/14][7 pkts/4662 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][6.94 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 202/0 1156/0 2028/0 741/0][Pkt Len c2s/s2c min/avg/max/stddev: 666/0 666/0 666/0 0/0][PLAIN TEXT (xml version)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 24 UDP 10.0.2.15:28681 <-> 60.241.48.194:21301 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][7 pkts/939 bytes <-> 7 pkts/3658 bytes][Goodput ratio: 69/92][197.50 sec][bytes ratio: -0.591 (Download)][IAT c2s/s2c min/avg/max/stddev: 150/152 24027/24027 46205/46195 15830/15827][Pkt Len c2s/s2c min/avg/max/stddev: 70/148 134/523 274/769 60/288][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (client)][Plen Bins: 7,7,28,14,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 25 UDP 10.0.2.15:28681 <-> 89.75.52.19:46010 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][7 pkts/939 bytes <-> 7 pkts/3639 bytes][Goodput ratio: 69/92][197.35 sec][bytes ratio: -0.590 (Download)][IAT c2s/s2c min/avg/max/stddev: 98/59 16969/16961 46205/46196 16968/16973][Pkt Len c2s/s2c min/avg/max/stddev: 70/130 134/520 274/769 60/291][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (.LGTKG)][Plen Bins: 7,7,35,7,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 26 UDP 10.0.2.15:28681 <-> 203.220.198.244:1194 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][7 pkts/939 bytes <-> 7 pkts/3509 bytes][Goodput ratio: 69/92][197.83 sec][bytes ratio: -0.578 (Download)][IAT c2s/s2c min/avg/max/stddev: 313/315 17988/17988 51261/51260 18094/18093][Pkt Len c2s/s2c min/avg/max/stddev: 70/130 134/501 274/769 60/309][Risk: ** Known Protocol on Non Standard Port **** Unsafe 
Protocol **][Risk Score: 60][PLAIN TEXT (client)][Plen Bins: 7,7,35,14,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 26 UDP 10.0.2.15:28681 <-> 203.220.198.244:1194 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][7 pkts/939 bytes <-> 7 pkts/3509 bytes][Goodput ratio: 69/92][197.83 sec][bytes ratio: -0.578 (Download)][IAT c2s/s2c min/avg/max/stddev: 313/315 17988/17988 51261/51260 18094/18093][Pkt Len c2s/s2c min/avg/max/stddev: 70/130 134/501 274/769 60/309][Risk: ** Known Proto on Non Std Port **** Unsafe Protocol **][Risk Score: 60][PLAIN TEXT (client)][Plen Bins: 7,7,35,14,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 27 UDP 10.0.2.15:28681 <-> 46.128.114.107:6578 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][7 pkts/939 bytes <-> 7 pkts/3501 bytes][Goodput ratio: 69/92][197.45 sec][bytes ratio: -0.577 (Download)][IAT c2s/s2c min/avg/max/stddev: 60/40 16942/16932 46247/46248 16994/16998][Pkt Len c2s/s2c min/avg/max/stddev: 70/128 134/500 274/769 60/311][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (client)][Plen Bins: 7,7,35,14,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,28,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 28 TCP 10.0.2.15:50314 <-> 80.7.252.192:6888 [proto: 91/TLS][Encrypted][Confidence: DPI][cat: Web/5][10 pkts/1582 bytes <-> 11 pkts/2813 bytes][Goodput ratio: 65/79][0.20 sec][bytes ratio: -0.280 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 19/17 69/69 25/25][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 158/256 663/1514 187/429][Risk: ** Known Protocol on Non Standard Port **** Self-signed Certificate **** TLS Expired Certificate **** TLS (probably) Not Carrying HTTPS **** Missing SNI TLS Extension **** TLS Certificate Validity Too Long **][Risk Score: 360][TLSv1.2][JA3C: 6992dc627532d4fbccd43fb03d3bdeb4][JA3S: 1249fb68f48c0444718e4d3b48b27188][Issuer: CN=gtk-gnutella/1.2.1][Subject: 
CN=gtk-gnutella/1.2.1][Certificate SHA-1: E8:DD:F0:B2:FF:8C:27:5A:12:75:D4:AE:60:1B:D9:87:E8:FF:45:93][Firefox][Validity: 2021-12-05 22:34:00 - 2037-12-31 23:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 12,12,0,12,12,0,0,0,12,0,0,0,0,0,0,0,0,12,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0] + 28 TCP 10.0.2.15:50314 <-> 80.7.252.192:6888 [proto: 91/TLS][Encrypted][Confidence: DPI][cat: Web/5][10 pkts/1582 bytes <-> 11 pkts/2813 bytes][Goodput ratio: 65/79][0.20 sec][bytes ratio: -0.280 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 19/17 69/69 25/25][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 158/256 663/1514 187/429][Risk: ** Known Proto on Non Std Port **** Self-signed Cert **** TLS Cert Expire **** TLS (probably) Not Carrying HTTPS **** Missing SNI TLS Extn **** TLS Cert Validity Too Long **][Risk Score: 360][TLSv1.2][JA3C: 6992dc627532d4fbccd43fb03d3bdeb4][JA3S: 1249fb68f48c0444718e4d3b48b27188][Issuer: CN=gtk-gnutella/1.2.1][Subject: CN=gtk-gnutella/1.2.1][Certificate SHA-1: E8:DD:F0:B2:FF:8C:27:5A:12:75:D4:AE:60:1B:D9:87:E8:FF:45:93][Firefox][Validity: 2021-12-05 22:34:00 - 2037-12-31 23:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256][Plen Bins: 12,12,0,12,12,0,0,0,12,0,0,0,0,0,0,0,0,12,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0] 29 UDP 10.0.2.15:28681 <-> 45.31.152.112:26851 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][6 pkts/836 bytes <-> 5 pkts/3224 bytes][Goodput ratio: 70/93][186.46 sec][bytes ratio: -0.588 (Download)][IAT c2s/s2c min/avg/max/stddev: 7100/7142 19000/19000 44374/44331 14989/14962][Pkt Len c2s/s2c min/avg/max/stddev: 70/148 139/645 274/769 63/248][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (u.GTKG)][Plen Bins: 9,0,36,9,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,36,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 30 UDP 10.0.2.15:28681 <-> 96.65.68.194:35481 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][6 pkts/836 bytes <-> 5 
pkts/3224 bytes][Goodput ratio: 70/93][197.61 sec][bytes ratio: -0.588 (Download)][IAT c2s/s2c min/avg/max/stddev: 5017/5014 21044/21044 46304/46310 15712/15715][Pkt Len c2s/s2c min/avg/max/stddev: 70/148 139/645 274/769 63/248][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (client)][Plen Bins: 9,0,36,9,0,0,0,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,36,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 31 UDP 10.0.2.15:28681 <-> 181.84.178.16:60262 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][5 pkts/766 bytes <-> 5 pkts/3224 bytes][Goodput ratio: 72/93][84.70 sec][bytes ratio: -0.616 (Download)][IAT c2s/s2c min/avg/max/stddev: 5114/5194 21079/21064 46304/46263 15704/15629][Pkt Len c2s/s2c min/avg/max/stddev: 123/148 153/645 274/769 60/248][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (client)][Plen Bins: 0,0,40,10,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,40,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 
@@ -110,7 +110,7 @@ JA3 Host Stats: 78 UDP 10.0.2.15:28681 <-> 194.163.180.126:10825 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][3 pkts/296 bytes <-> 3 pkts/1166 bytes][Goodput ratio: 57/89][113.21 sec][bytes ratio: -0.595 (Download)][IAT c2s/s2c min/avg/max/stddev: 19/22 56592/56593 113164/113164 56572/56571][Pkt Len c2s/s2c min/avg/max/stddev: 70/149 99/389 128/769 24/272][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (.LGTKG)][Plen Bins: 16,16,16,16,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 79 ICMPV6 [fe80::c50d:519f:96a4:e108]:0 -> [ff02::16]:0 [proto: 102/ICMPV6][ClearText][Confidence: DPI][cat: Network/14][16 pkts/1460 bytes -> 0 pkts/0 bytes][Goodput ratio: 23/0][589.99 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 42142/0 584660/0 150469/0][Pkt Len c2s/s2c min/avg/max/stddev: 90/0 91/0 110/0 5/0][Plen Bins: 93,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 80 TCP 10.0.2.15:50297 <-> 14.200.255.229:45710 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][5 pkts/882 bytes <-> 5 pkts/577 bytes][Goodput ratio: 68/52][0.67 sec][bytes ratio: 0.209 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 168/113 338/338 168/159][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 176/115 654/357 239/121][User-Agent: gtk-gnutella/1.2.2 (2022-02-25; GTK2; Windows x64)][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (GNUTELLA CONNECT/0.6)][Plen Bins: 0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 81 TCP 10.0.2.15:50299 <-> 203.220.198.244:1194 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][5 pkts/883 bytes <-> 5 pkts/550 bytes][Goodput ratio: 68/50][0.63 sec][bytes ratio: 0.232 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1/1 158/105 315/314 157/148][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 177/110 655/330 239/110][User-Agent: 
gtk-gnutella/1.2.2 (2022-02-25; GTK2; Windows x64)][Risk: ** Known Protocol on Non Standard Port **** Unsafe Protocol **][Risk Score: 60][PLAIN TEXT (GNUTELLA CONNECT/0.6)][Plen Bins: 0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 81 TCP 10.0.2.15:50299 <-> 203.220.198.244:1194 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][5 pkts/883 bytes <-> 5 pkts/550 bytes][Goodput ratio: 68/50][0.63 sec][bytes ratio: 0.232 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1/1 158/105 315/314 157/148][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 177/110 655/330 239/110][User-Agent: gtk-gnutella/1.2.2 (2022-02-25; GTK2; Windows x64)][Risk: ** Known Proto on Non Std Port **** Unsafe Protocol **][Risk Score: 60][PLAIN TEXT (GNUTELLA CONNECT/0.6)][Plen Bins: 0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 82 TCP 10.0.2.15:50298 <-> 46.128.114.107:6578 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][5 pkts/882 bytes <-> 5 pkts/539 bytes][Goodput ratio: 68/49][0.12 sec][bytes ratio: 0.241 (Upload)][IAT c2s/s2c min/avg/max/stddev: 3/3 30/23 61/61 27/27][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 176/108 654/319 239/106][User-Agent: gtk-gnutella/1.2.2 (2022-02-25; GTK2; Windows x64)][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (GNUTELLA CONNECT/0.6)][Plen Bins: 0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 83 TCP 10.0.2.15:50296 <-> 77.58.211.52:3806 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][5 pkts/880 bytes <-> 5 pkts/529 bytes][Goodput ratio: 68/48][0.08 sec][bytes ratio: 0.249 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 20/19 53/52 21/24][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 176/106 652/309 238/102][User-Agent: gtk-gnutella/1.2.2 (2022-02-25; GTK2; Windows x64)][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (GNUTELLA CONNECT/0.6)][Plen Bins: 
0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 84 TCP 10.0.2.15:50304 <-> 85.168.34.105:39908 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][5 pkts/881 bytes <-> 5 pkts/528 bytes][Goodput ratio: 68/48][0.10 sec][bytes ratio: 0.251 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/14 24/19 43/42 18/17][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 176/106 653/308 238/101][User-Agent: gtk-gnutella/1.2.2 (2022-02-25; GTK2; Windows x64)][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (GNUTELLA CONNECT/0.6)][Plen Bins: 0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] |