aboutsummaryrefslogtreecommitdiff
path: root/tests/result/whatsapp_login_call.pcap.out
Commit message (Collapse)AuthorAge
* Improve protocol stacks (#1425)Ivan Nardi2022-01-30
| | | | | | | | | | | | | | | | | We should have two protocols in classification results only when the "master" protocol allows some sub-protocols. Classifications like `AmazonAWS`, `TLS/AmazonAWS`, `DNS/AmazonAWS` are fine. However classifications like `NTP/Apple`, `BitTorrent/Azure`, `DNScrypt.AmazonAWS` or `NestLogSink.Google` are misleading. For example, `ndpiReader`shows `BitTorrent/Azure` flows under `Azure` statistics; that seems to be wrong or, at least, very misleading. This is quite important since we have lots of addresses from CDN operators. The only drawback of this solution is that right now ICMP traffic is classified simply as `ICMP`; if we are really interested in ICMP stuff we can restore the old behaviour later.
* Extend protocols support (#1422)Ivan Nardi2022-01-29
| | | | | | | | | | | | | | | | | | Add detection of AccuWeather site/app and Google Classroom. Improve detection of Azure, Zattoo, Whatsapp, MQTT and LDAP. Fix some RX false positives. Fix some "Uncommon TLS ALPN"-risk false positives. Fix "confidence" value for some Zoom/Torrent classifications. Minor fix in Lua script for Wireshark extcap. Update .gitignore file. Let GitHub correctly detect the language type of *.inc files. Zattoo example has been provided by @subhajit-cdot in #1148.
* Sync unit tests results (#1423)Ivan Nardi2022-01-28
| | | Fix: 7a3aa41a
* STUN: fix "confidence" value for some classifications (#1407)Ivan Nardi2022-01-15
|
* Add a "confidence" field about the reliability of the classification. (#1395)Ivan Nardi2022-01-11
| | | | | | | | | | | | | As a general rule, the higher the confidence value, the higher the "reliability/precision" of the classification. In other words, this new field provides an hint about "how" the flow classification has been obtained. For example, the application may want to ignore classification "by-port" (they are not real DPI classifications, after all) or give a second glance at flows classified via LRU caches (because of false positives). Setting only one value for the confidence field is a bit tricky: more work is probably needed in the next future to tweak/fix/improve the logic.
* ndpiReader: slight simplificaton of the output (#1378)Ivan Nardi2021-11-27
|
* Fixed cleartext protocol assignment (#1357)Ivan Nardi2021-10-25
|
* Refreshed results listLuca Deri2021-10-16
|
* Updated test results after latest commitLuca Deri2021-10-16
|
* Updated outputLuca Deri2021-08-07
|
* ndpiReader: add statistics about nDPI performance (#1240)Ivan Nardi2021-07-13
| | | | | | | The goal is to have a (roughly) idea about how many packets nDPI needs to properly classify a flow. Log this information (and guessed flows number too) during unit tests, to keep track of improvements/regressions across commits.
* Addesses partial application matching (#1207)Luca Deri2021-06-21
|
* Added flow risk scoreLuca Deri2021-05-18
|
* Reworked human readeable string search in flowsLuca Deri2021-05-17
| | | | Removed fragment manager code
* Fixes #1029Luca Deri2020-11-27
|
* Various optimizations to reduce not-necessary callsLuca Deri2020-09-24
| | | | | Optimized various UDP dissectors Removed dead protocols such as pando and pplive
* Reworked MDNS dissector that is not based on the DNS dissectorLuca Deri2020-09-17
|
* Fixed false positive in suspicous user agentLuca Deri2020-08-30
| | | | Optimized stddev calculation
* Fixed partial TLS dissectionLuca Deri2020-07-30
|
* Changed due to bin size extensionLuca Deri2020-07-30
|
* Updated test results due to bin changesLuca Deri2020-07-09
|
* Fixes #906Luca Deri2020-06-22
| | | | Packet bins are not printed wehn empty
* Added ndpi_bin_XXX APILuca Deri2020-06-22
| | | | Added packet lenght distribution bins
* Added check in TLS 1.2+ for reporting a risk when TLS is not used to carry HTTPSLuca Deri2020-06-08
|
* Added the ability to detect when a known protocol is using a non-standard portLuca Deri2020-05-10
| | | | Added check to spot executables exchanged via HTTP
* Added TLS issuerDN and subjectDNLuca Deri2020-05-07
|
* Remove decimals in test results for IAT, packet lengths and goodput ratioemanuele-f2020-02-14
|
* Improved DNS response decodingLuca Deri2020-02-04
| | | | The first decoded address is now reported by ndpiReader
* Reworked TLS dissectionLuca2020-01-01
|
* Improvements to stop dissection when the first protocol is detectedLuca Deri2019-11-28
| | | | | Used IP-based detection to compute the application protocol Improved application detection
* Updated resultsLuca Deri2019-11-21
|
* Manual merge of pull #769Luca Deri2019-10-02
|
* Improves IAT calculationLuca2019-09-24
|
* Unified WhatsApp Video and Audio under WhatsAppCallLuca2019-09-20
|
* Improved STUN-based protocol heuristic both in terms of accuracy and packets ↵Luca2019-09-20
| | | | necessary for the detection
* Various STUN improvementsLuca Deri2019-09-17
|
* As TLS certificate fingerprint is computed, TLS without certificate protocol ↵Luca Deri2019-09-15
| | | | | | has been removed Various improvemenets in detection quality
* Fixed timezone conversionLuca Deri2019-09-10
|
* Changes in validity formatLuca Deri2019-09-10
|
* Uddated resultsLuca Deri2019-09-10
|
* Parsed TLS certificate validityLuca Deri2019-09-10
|
* Added -C to generate CSV analysis filesLuca2019-09-03
| | | | Improved IAT and byte distribution
* Average calculation fixLuca2019-08-29
|
* Compilation fix on systems without JSON-CLuca Deri2019-08-29
|
* Uodated resultsLuca2019-08-29
|
* Added entropy, average, stddev, variance, bytes ratio calculationLuca2019-08-28
|
* Various TLS/STUN improvememntsLuca2019-08-08
|
* Implemented DTLS supportLuca2019-08-08
| | | | Renamed ssl to tls
* Updated results when adding client helloLuca Deri2019-08-07
|
* Fixed wrong detection of RTP as WhatsApp voiceLuca2019-07-29
|
Powered by cgit, Themed by Ted Yin.