path: root/tests/result/gnutella.pcap.out
Diffstat (limited to 'tests/result/gnutella.pcap.out')
-rw-r--r-- tests/result/gnutella.pcap.out 10
1 files changed, 5 insertions, 5 deletions
diff --git a/tests/result/gnutella.pcap.out b/tests/result/gnutella.pcap.out
index 79f871d2a..1d2f7c300 100644
--- a/tests/result/gnutella.pcap.out
+++ b/tests/result/gnutella.pcap.out
@@ -1,13 +1,13 @@
Guessed flow protos: 597
-DPI Packets (TCP): 522 (3.81 pkts/flow)
+DPI Packets (TCP): 528 (3.85 pkts/flow)
DPI Packets (UDP): 1232 (2.01 pkts/flow)
DPI Packets (other): 10 (1.00 pkts/flow)
Confidence Unknown : 595 (flows)
Confidence Match by port : 1 (flows)
Confidence Match by IP : 1 (flows)
Confidence DPI : 163 (flows)
-Num dissector calls: 64253 (84.54 diss/flow)
+Num dissector calls: 64265 (84.56 diss/flow)
LRU cache ookla: 0/0/0 (insert/search/found)
LRU cache bittorrent: 0/0/0 (insert/search/found)
LRU cache zoom: 0/0/0 (insert/search/found)
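Review bot: the rise in `DPI Packets (TCP)` from 522 to 528 and in `Num dissector calls` from 64253 to 64265 means TCP classification now inspects more packets, and the commit message should state that cost and its cause. The second hunk reclassifies three TCP flows (1, 2 and 9) as `7.35/HTTP.Gnutella` with URL, StatusCode and Content-Type now extracted, which would account for the extra packets, but that link should be written down rather than left for the reader to infer. The UDP and other packet counters and all four `Confidence` counts are unchanged, so the change is confined to TCP.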
@@ -46,15 +46,15 @@ JA3 Host Stats:
1 10.0.2.15 1
- 1 TCP 10.0.2.15:50327 <-> 69.118.162.229:46906 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][673 pkts/38650 bytes <-> 1683 pkts/2280370 bytes][Goodput ratio: 6/96][431.96 sec][Hostname/SNI: 69.118.162.229][bytes ratio: -0.967 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 538/225 9653/1135 666/419][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 57/1355 587/1514 40/279][User-Agent: gtk-gnutella/1.2.2 (2022-02-25; GTK2; Windows x64)][Risk: ** HTTP Numeric IP Address **** Unsafe Protocol **][Risk Score: 20][Risk Info: Found host 69.118.162.229][PLAIN TEXT (GET /uri)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,24,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,75,0,0]
- 2 TCP 10.0.2.15:50328 <-> 189.147.72.83:26108 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][420 pkts/23742 bytes <-> 831 pkts/1095030 bytes][Goodput ratio: 4/96][422.59 sec][Hostname/SNI: 189.147.72.83][bytes ratio: -0.958 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 1002/479 1310/1219 140/510][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 57/1318 592/1514 36/217][User-Agent: gtk-gnutella/1.2.2 (2022-02-25; GTK2; Windows x64)][Risk: ** HTTP Numeric IP Address **** Unsafe Protocol **][Risk Score: 20][Risk Info: Found host 189.147.72.83][PLAIN TEXT (GET /uri)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,49,0,0,0,0,0,0,0,0,0,0,50,0,0]
+ 1 TCP 10.0.2.15:50327 <-> 69.118.162.229:46906 [proto: 7.35/HTTP.Gnutella][ClearText][Confidence: DPI][cat: Media/1][673 pkts/38650 bytes <-> 1683 pkts/2280370 bytes][Goodput ratio: 6/96][431.96 sec][Hostname/SNI: 69.118.162.229][bytes ratio: -0.967 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 538/225 9653/1135 666/419][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 57/1355 587/1514 40/279][URL: 69.118.162.229:46906/uri-res/N2R?urn:sha1:LXIP2A72T5H3BU3GRUMZFYNU3OYDK6FI][StatusCode: 206][Content-Type: audio/mpeg][User-Agent: gtk-gnutella/1.2.2 (2022-02-25; GTK2; Windows x64)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** Unsafe Protocol **][Risk Score: 70][Risk Info: Found host 69.118.162.229][PLAIN TEXT (GET /uri)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,24,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,75,0,0]
+ 2 TCP 10.0.2.15:50328 <-> 189.147.72.83:26108 [proto: 7.35/HTTP.Gnutella][ClearText][Confidence: DPI][cat: Media/1][420 pkts/23742 bytes <-> 831 pkts/1095030 bytes][Goodput ratio: 4/96][422.59 sec][Hostname/SNI: 189.147.72.83][bytes ratio: -0.958 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/0 1002/479 1310/1219 140/510][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 57/1318 592/1514 36/217][URL: 189.147.72.83:26108/uri-res/N2R?urn:sha1:LXIP2A72T5H3BU3GRUMZFYNU3OYDK6FI][StatusCode: 206][Content-Type: audio/mpeg][User-Agent: gtk-gnutella/1.2.2 (2022-02-25; GTK2; Windows x64)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** Unsafe Protocol **][Risk Score: 70][Risk Info: Found host 189.147.72.83][PLAIN TEXT (GET /uri)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,49,0,0,0,0,0,0,0,0,0,0,50,0,0]
3 TCP 10.0.2.15:50284 <-> 104.156.226.72:53258 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][182 pkts/12456 bytes <-> 183 pkts/50754 bytes][Goodput ratio: 21/81][504.99 sec][bytes ratio: -0.606 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2737/2652 27658/29635 5861/5897][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 68/277 654/1078 50/396][User-Agent: gtk-gnutella/1.2.2 (2022-02-25; GTK2; Windows x64)][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (GNUTELLA CONNECT/0.6)][Plen Bins: 69,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,27,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 TCP 10.0.2.15:50285 <-> 75.133.101.93:52367 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][153 pkts/10889 bytes <-> 159 pkts/25403 bytes][Goodput ratio: 24/66][505.01 sec][bytes ratio: -0.400 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3311/2989 31483/31436 6322/5994][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 71/160 653/1514 54/290][User-Agent: gtk-gnutella/1.2.2 (2022-02-25; GTK2; Windows x64)][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (GNUTELLA CONNECT/0.6)][Plen Bins: 80,3,0,6,2,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0]
5 TCP 10.0.2.15:50312 <-> 104.238.172.250:23548 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][146 pkts/10497 bytes <-> 149 pkts/15445 bytes][Goodput ratio: 25/48][502.88 sec][bytes ratio: -0.191 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 3325/3112 28295/28349 6532/6371][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 72/104 655/1078 56/155][User-Agent: gtk-gnutella/1.2.2 (2022-02-25; GTK2; Windows x64)][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (GNUTELLA CONNECT/0.6)][Plen Bins: 82,3,2,7,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 TCP 10.0.2.15:50300 <-> 188.61.52.183:11852 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][66 pkts/6593 bytes <-> 69 pkts/10484 bytes][Goodput ratio: 46/64][502.91 sec][bytes ratio: -0.228 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/0 8559/7533 32308/32351 8859/8516][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 100/152 653/1514 91/201][User-Agent: gtk-gnutella/1.2.2 (2022-02-25; GTK2; Windows x64)][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (GNUTELLA CONNECT/0.6)][Plen Bins: 1,43,9,6,26,4,0,1,1,0,1,1,0,0,1,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0]
7 UDP [fe80::c50d:519f:96a4:e108]:63958 -> [ff02::c]:3702 [proto: 153/WSD][ClearText][Confidence: DPI][cat: Network/14][14 pkts/15504 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][586.41 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 21/0 48849/0 583774/0 161286/0][Pkt Len c2s/s2c min/avg/max/stddev: 834/0 1107/0 1153/0 112/0][PLAIN TEXT (xml version)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,85,0,0,0,0,0,0,0,0,0,0,0,0,0]
8 UDP 10.0.2.15:63957 -> 239.255.255.250:3702 [proto: 153/WSD][ClearText][Confidence: DPI][cat: Network/14][13 pkts/14194 bytes -> 0 pkts/0 bytes][Goodput ratio: 96/0][586.30 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 21/0 53286/0 583775/0 167755/0][Pkt Len c2s/s2c min/avg/max/stddev: 814/0 1092/0 1115/0 80/0][PLAIN TEXT (xml version)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,92,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 9 TCP 10.0.2.15:50330 <-> 69.118.162.229:46906 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][9 pkts/1011 bytes <-> 12 pkts/11017 bytes][Goodput ratio: 51/94][3.38 sec][Hostname/SNI: 69.118.162.229][bytes ratio: -0.832 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 388/240 1119/1115 493/448][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 112/918 567/1514 161/644][User-Agent: gtk-gnutella/1.2.2 (2022-02-25; GTK2; Windows x64)][Risk: ** HTTP Numeric IP Address **** Unsafe Protocol **][Risk Score: 20][Risk Info: Found host 69.118.162.229][PLAIN TEXT (GET /gnutella/thex/v1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,22,0,0,0,0,0,0,0,0,55,0,0]
+ 9 TCP 10.0.2.15:50330 <-> 69.118.162.229:46906 [proto: 7.35/HTTP.Gnutella][ClearText][Confidence: DPI][cat: Download/7][9 pkts/1011 bytes <-> 12 pkts/11017 bytes][Goodput ratio: 51/94][3.38 sec][Hostname/SNI: 69.118.162.229][bytes ratio: -0.832 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 388/240 1119/1115 493/448][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 112/918 567/1514 161/644][URL: 69.118.162.229:46906/gnutella/thex/v1?urn:tree:tiger/:3WMUS6WM2ZC7XIPRQDKXWHHJRV4IKYC4OX4ELCA&depth=9&ed2k=1][StatusCode: 200][Content-Type: application/dime][User-Agent: gtk-gnutella/1.2.2 (2022-02-25; GTK2; Windows x64)][Risk: ** Known Proto on Non Std Port **** HTTP Numeric IP Address **** Unsafe Protocol **][Risk Score: 70][Risk Info: Found host 69.118.162.229][PLAIN TEXT (GET /gnutella/thex/v1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,22,0,0,0,0,0,0,0,0,55,0,0]
10 TCP 10.0.2.15:50248 <-> 109.214.154.216:6346 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][45 pkts/3196 bytes <-> 54 pkts/8256 bytes][Goodput ratio: 24/65][522.53 sec][bytes ratio: -0.442 (Download)][IAT c2s/s2c min/avg/max/stddev: 2/1 12254/10032 54436/54424 15860/15019][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 71/153 358/1078 50/183][User-Agent: gtk-gnutella/1.2.2 (2022-02-25; GTK2; Windows x64)][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (GNUTELLA CONNECT/0.6)][Plen Bins: 56,1,12,5,3,1,1,7,3,1,3,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 TCP 10.0.2.15:50249 <-> 86.208.180.181:45883 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][43 pkts/3087 bytes <-> 47 pkts/7704 bytes][Goodput ratio: 24/67][522.17 sec][bytes ratio: -0.428 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/1 11973/13240 47909/55396 14672/15777][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 72/164 357/1119 51/213][User-Agent: gtk-gnutella/1.2.2 (2022-02-25; GTK2; Windows x64)][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT (GNUTELLA CONNECT/0.6)][Plen Bins: 57,0,4,6,4,4,4,2,6,2,2,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 UDP 10.0.2.15:28681 <-> 80.61.221.246:30577 [proto: 35/Gnutella][ClearText][Confidence: DPI][cat: Download/7][9 pkts/1185 bytes <-> 9 pkts/5195 bytes][Goodput ratio: 68/93][197.38 sec][bytes ratio: -0.629 (Download)][IAT c2s/s2c min/avg/max/stddev: 39/35 26439/26440 107210/107216 34356/34358][Pkt Len c2s/s2c min/avg/max/stddev: 70/148 132/577 274/769 53/274][Risk: ** Unsafe Protocol **][Risk Score: 10][Risk Info: No client to server traffic][PLAIN TEXT (u.GTKG)][Plen Bins: 5,5,33,11,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
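Review bot: flows 1 and 2 move from `cat: Download/7` to `cat: Media/1` while flow 9, with the same `proto: 7.35/HTTP.Gnutella`, stays at `Download/7`, so the category now follows the HTTP Content-Type (`audio/mpeg` versus `application/dime`) instead of the Gnutella classification. Any policy or report keyed on the Download category will no longer see the two largest transfers in this hunk (2280370 and 1095030 bytes server to client); consider keeping the Gnutella category when Gnutella is the application protocol on top of HTTP, or document which one takes precedence. The same three flows also gain `Known Proto on Non Std Port`, taking `Risk Score` from 20 to 70 on peer ports 46906 and 26108; please confirm that score is intended for these flows, since it changes how they rank against the `GNUTELLA CONNECT/0.6` flows that stay at 10.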