From 0cc84e4fdd3057826355596fc2cc5a6c783048d5 Mon Sep 17 00:00:00 2001
From: Luca Deri
Date: Fri, 18 Oct 2024 23:47:34 +0200
Subject: Improved TCP fingepring calculation Adde basidc OS detection based on TCP fingerprint
---
tests/cfgs/default/result/atg.pcap.out | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests/cfgs/default/result/atg.pcap.out')
diff --git a/tests/cfgs/default/result/atg.pcap.out b/tests/cfgs/default/result/atg.pcap.out
index 91560df31..3373815f1 100644
--- a/tests/cfgs/default/result/atg.pcap.out
+++ b/tests/cfgs/default/result/atg.pcap.out
@@ -24,5 +24,5 @@ ATG 31 2976 2 Acceptable 31 2976 2 - 1 TCP 192.168.0.105:3148 <-> 20.108.25.119:10001 [proto: 423/ATG][IP: 276/Azure][ClearText][Confidence: DPI][FPC: 276/Azure, Confidence: IP address][DPI packets: 4][cat: IoT-Scada/31][14 pkts/986 bytes <-> 8 pkts/1304 bytes][Goodput ratio: 5/59][157.76 sec][bytes ratio: -0.139 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 256/2 12561/20187 58945/59439 18236/20472][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 70/163 75/509 4/160][TCP Fingerprint: 64_64240_2e3cee914fc1][PLAIN TEXT (08/19/2024 02)][Plen Bins: 83,0,0,0,0,0,0,0,0,8,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 1 TCP 192.168.0.105:3148 <-> 20.108.25.119:10001 [proto: 423/ATG][IP: 276/Azure][ClearText][Confidence: DPI][FPC: 276/Azure, Confidence: IP address][DPI packets: 4][cat: IoT-Scada/31][14 pkts/986 bytes <-> 8 pkts/1304 bytes][Goodput ratio: 5/59][157.76 sec][bytes ratio: -0.139 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 256/2 12561/20187 58945/59439 18236/20472][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 70/163 75/509 4/160][TCP Fingerprint: 40962_64_64240_2e3cee914fc1/Linux][PLAIN TEXT (08/19/2024 02)][Plen Bins: 83,0,0,0,0,0,0,0,0,8,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 2 TCP 192.168.0.105:3134 -> 20.108.25.119:10001 [proto: 423/ATG][IP: 276/Azure][ClearText][Confidence: DPI][FPC: 423/ATG, Confidence: DPI][DPI packets: 1][cat: IoT-Scada/31][9 pkts/686 bytes -> 0 pkts/0 bytes][Goodput ratio: 13/0][74.58 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 979/0 9322/0 37119/0 11869/0][Pkt Len c2s/s2c min/avg/max/stddev: 71/0 76/0 80/0 3/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] -- cgit v1.2.3