From fc4fb4d409c43af8b9bdbd9d0cf8d9b742408f26 Mon Sep 17 00:00:00 2001
From: Luca Deri
Date: Wed, 7 Aug 2024 11:35:17 +0200
Subject: Fixed probing attempt risk that was creating false positives
---
tests/cfgs/default/result/nats.pcap.out | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
(limited to 'tests/cfgs/default/result/nats.pcap.out')
diff --git a/tests/cfgs/default/result/nats.pcap.out b/tests/cfgs/default/result/nats.pcap.out
index fee59264f..49afe3410 100644
--- a/tests/cfgs/default/result/nats.pcap.out
+++ b/tests/cfgs/default/result/nats.pcap.out
@@ -24,5 +24,5 @@ Nats 27 2460 2 Acceptable 27 2460 2 - 1 TCP 127.0.0.1:54821 <-> 127.0.0.1:4222 [proto: 68/Nats][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 5][cat: RPC/16][7 pkts/545 bytes <-> 7 pkts/725 bytes][Goodput ratio: 26/44][2.20 sec][bytes ratio: -0.142 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1/1 3/3 1/1][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 78/104 191/365 46/107][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][PLAIN TEXT (rINFO )][Plen Bins: 60,0,0,0,20,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 2 TCP 127.0.0.1:54820 <-> 127.0.0.1:4222 [proto: 68/Nats][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 5][cat: RPC/16][7 pkts/527 bytes <-> 6 pkts/663 bytes][Goodput ratio: 26/47][0.01 sec][bytes ratio: -0.114 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2/2 7/7 3/3][Pkt Len c2s/s2c min/avg/max/stddev: 44/56 75/110 191/365 48/114][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][PLAIN TEXT (bINFO )][Plen Bins: 33,0,0,0,33,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 1 TCP 127.0.0.1:54821 <-> 127.0.0.1:4222 [proto: 68/Nats][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 5][cat: RPC/16][7 pkts/545 bytes <-> 7 pkts/725 bytes][Goodput ratio: 26/44][2.20 sec][bytes ratio: -0.142 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1/1 3/3 1/1][Pkt Len c2s/s2c min/avg/max/stddev: 56/56 78/104 191/365 46/107][PLAIN TEXT (rINFO )][Plen Bins: 60,0,0,0,20,0,0,0,0,20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 2 TCP 127.0.0.1:54820 <-> 127.0.0.1:4222 [proto: 68/Nats][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 5][cat: RPC/16][7 pkts/527 bytes <-> 6 pkts/663 
bytes][Goodput ratio: 26/47][0.01 sec][bytes ratio: -0.114 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2/2 7/7 3/3][Pkt Len c2s/s2c min/avg/max/stddev: 44/56 75/110 191/365 48/114][PLAIN TEXT (bINFO )][Plen Bins: 33,0,0,0,33,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] -- cgit v1.2.3