From fc16c9368e1f5ba93144115d687fd2ce09f50955 Mon Sep 17 00:00:00 2001
From: Luca Deri
Date: Sun, 21 Feb 2021 21:33:26 +0100
Subject: Added risky domain flow-risk support
---
tests/pcap/tk.pcap | Bin 0 -> 686 bytes
tests/result/tk.pcap.out | 5 +++++
2 files changed, 5 insertions(+)
create mode 100644 tests/pcap/tk.pcap
create mode 100644 tests/result/tk.pcap.out
(limited to 'tests')
diff --git a/tests/pcap/tk.pcap b/tests/pcap/tk.pcap
new file mode 100644
index 000000000..25a655b1f
Binary files /dev/null and b/tests/pcap/tk.pcap differ
diff --git a/tests/result/tk.pcap.out b/tests/result/tk.pcap.out
new file mode 100644
index 000000000..59e428e5f
--- /dev/null
+++ b/tests/result/tk.pcap.out
@@ -0,0 +1,5 @@
+DNS 6 566 3
+
+ 1 UDP 192.168.1.178:53820 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/72 bytes <-> 1 pkts/131 bytes][Goodput ratio: 41/67][0.05 sec][Host: whois.dot.tk][::][Risk: ** Risky domain name **][PLAIN TEXT (freenom)][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 2 UDP 192.168.1.178:55591 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/72 bytes <-> 1 pkts/131 bytes][Goodput ratio: 41/67][0.06 sec][Host: whois.dot.tk][::][Risk: ** Risky domain name **][PLAIN TEXT (freenom)][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 3 UDP 192.168.1.178:51954 <-> 192.168.1.1:53 [proto: 5/DNS][cat: Network/14][1 pkts/72 bytes <-> 1 pkts/88 bytes][Goodput ratio: 41/52][0.10 sec][Host: whois.dot.tk][104.155.55.158][Risk: ** Risky domain name **][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
-- cgit v1.2.3