aboutsummaryrefslogtreecommitdiff
path: root/test/results/default/dtls_certificate_fragments.pcap.out
diff options
context:
space:
mode:
Diffstat (limited to 'test/results/default/dtls_certificate_fragments.pcap.out')
-rw-r--r--test/results/default/dtls_certificate_fragments.pcap.out8
1 files changed, 4 insertions, 4 deletions
diff --git a/test/results/default/dtls_certificate_fragments.pcap.out b/test/results/default/dtls_certificate_fragments.pcap.out
index 24888a871..7408b9129 100644
--- a/test/results/default/dtls_certificate_fragments.pcap.out
+++ b/test/results/default/dtls_certificate_fragments.pcap.out
@@ -1,4 +1,4 @@
-00628{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/default\/pcap\/dtls_certificate_fragments.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","ndpi_api_version":11619,"size_per_flow":1408,"max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0}
+00631{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/default\/pcap\/dtls_certificate_fragments.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","ndpi_api_version":11619,"size_per_flow":1408,"max-flows-per-thread":32768,"max-idle-flows-per-thread":1024,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0}
00852{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/dtls_certificate_fragments.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","ndpi_api_version":11619,"size_per_flow":1408,"packets-captured":1,"packets-processed":0,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2,"global_ts_usec":1556606275726225}
00801{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/dtls_certificate_fragments.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1556606275726225,"flow_src_last_pkt_time":1556606275726225,"flow_dst_last_pkt_time":1556606275726225,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":312,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":312,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":312,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1556606275726225,"l3_proto":"ip4","src_ip":"10.186.198.149","dst_ip":"35.210.59.134","src_port":39347,"dst_port":44443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5}
00949{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/dtls_certificate_fragments.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_src_last_pkt_time":1556606275726225,"flow_dst_last_pkt_time":1556606275726225,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":354,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":354,"pkt_l4_len":320,"thread_ts_usec":1556606275726225,"pkt":"AAAAp2BiAAAAtzPNCABFAAFUW5tAAD4Rr1YKusaVI9I7hpmzrZsBQKk0Fv7\/AAAAAAAAAAABKwEAAR8AAAAAAAABH\/79XLdFN6Sz4OQy2sCEjyxqziIlNS85zlQeFiYi19pl1vEAAACgwDDALMAowCTAFMAKAKUAowChAJ8AawBqAGkAaAA5ADgANwA2AIgAhwCGAIXAMsAuwCrAJsAPwAUAnQA9ADUAhMAvwCvAJ8AjwBPACQCkAKIAoACeAGcAQAA\/AD4AMwAyADEAMACaAJkAmACXAEUARABDAELAMcAtwCnAJcAOwAQAnAA8AC8AlgBBAAfAEsAIABYAEwAQAA3ADcADAAoA\/wEAAFUACwAEAwABAgAKABwAGgAXABkAHAAbABgAGgAWAA4ADQALAAwACQAKACMAAAANACAAHgYBBgIGAwUBBQIFAwQBBAIEAwMBAwIDAwIBAgICAwAPAAEB"}
@@ -20,8 +20,8 @@
02174{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":24,"source":"cfgs\/default\/pcap\/dtls_certificate_fragments.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":4,"flow_src_last_pkt_time":1591661831064972,"flow_dst_last_pkt_time":1591661831093656,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1257,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1257,"pkt_l4_len":1223,"thread_ts_usec":1591661831093656,"pkt":"VIygpBIpKICiDkMyCABFAATbfqJAADQRQX9omVeVwKgBGsNRqkoExy4IFv79AAAAAAAAAAYA8wsABrAAAQAEKAAA58h9uzNZbntMYktZAHYA36Veq2iCTx9sre64X04+WurNohKkal6OOxLAIERcKnMAAAFxGRBsmwAABAMARzBFAiApWTBZxdLT79S6Ig+uB892YqmmtBmV7ZOnMeoealK6IAIhAPUQVbJDdFaeI9lV0tAczBoraqHK\/BN8x6q+AGulqXqYAHYAQcjKsd8iRkoQxqE6CUKHXk4xixsD6+tLx2jwkGKWBvYAAAFxGRBs6wAABAMARzBFAiAqTzH2Y+XFIb61QZLjCkTUxrQH7bjlHVCt1FMeFj2UOgIhANyKvnrM7ePwxrOAfBb+\/QAAAAAAAAAHAPMLAAawAAEABQ8AAOdAVrKBtkEYdXvvFGsCIes8eUPzOwB3AG9Tdqwx8DEZ2JkApFEV\/3cVHBHZAsEAKQaNsgiaN9kTAAABcRkQbHMAAAQDAEgwRgIhALMuylmf9X4NNnd3tnj0UTiiOK77ome\/tJWiO6J\/xw7bAiEA9bJDisGifcUTSdKScOBVqbaMAha\/FtR5PLI4mPJIbD0wDQYJKoZIhvcNAQELBQADggEBADaqoR+PnHxIbvP7Yq0nzl+bPpsfH\/m7NT6gclOCdjAf1haV7LC5oec\/mRflUwtx0ZjvXG6fcIOPNYfGB1sw9MHD3Wpbz5cW\/v0AAAAAAAAACADGCwAGsAABAAX2AAC6QTKk+edRhm6U7KIBeiyhIbVWLWhM0hil89+m8fOs8O2MzzZMqm2cyqmYYjG05ge5\/tzwIcR6NJo35dqIpK9FkcmIEZEpiSS9\/sCQItmRbLhjcRwoh55uO86kHB2ocBjcqFKF1aQ4NvBkRA8auPxHrEkgtWt8EGgUQ8pka16C7gZ\/zQYED7aP+YBL7EZ7UJgYNX3Nif3A4NM+E6d5G2e3ulyH\/eOIBsfkTPejvFBHYb0sqgqee7+qrBskFv79AAAAAAAAAAkAIAwAAUkAAgAAAAAAFAMAF0EEAAbNSbm\/C1RtcfhJE4FHFv79AAAAAAAAAAoA8wwAAUkAAgAAFAAA59o8IIbxEQCQOWPi1PZJF8Ekdjl8ShZo3qUHj84iN9GGDd+REE7oULkv91A5+YkfxwIEAQEAZBfczqFmnATcvEeZHjHma4NmgkFs\/ep1DiawUrAIovjw7bm5V9i1zZeeUDiJpIrArx93QAsW6kvfdkC75m+soOhuBjCtlNUyQT5+ZeL6z+x4Lk59wAOqsRqs915lKyvTQqd2P8nll30L8yeKMJOka+95GhoTkWeyaSmn1HPjVVIRaWrRa2Oe6+63FOT12Pd6ojoCwAf4Vo6QsRc8T81WxIZt2TCUa5MOo4UrKI5GKI8p2hb+\/QAAAAAAAAALAFoMAAFJAAIAAPsAAE6kTiJ6\/PYGa0FWf7cll8FaD7KrL9rUeAVrmWus9FF9b\/oJPWe1xvj1l2pEM6RpniiG\/Ak4p1K3saH2n+St0lphIbqigXdk2gm3uk9kf64W\/v0AAAAAAAAADAAyDQAAJgADAAAAAAAmAwECQAAeBgEGAgYDBQEFAgUDBAEEAgQDAwEDAgMDAgECAgIDAAAW\/v0AAAAAAAAADQAMDgAAAAAEAAAAAAAA"}
01727{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":24,"source":"cfgs\/default\/pcap\/dtls_certificate_fragments.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":1591661831005800,"flow_src_last_pkt_time":1591661831064972,"flow_dst_last_pkt_time":1591661831093656,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":155,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":155,"flow_dst_max_l4_payload_len":1280,"flow_src_tot_l4_payload_len":310,"flow_dst_tot_l4_payload_len":2495,"midstream":0,"thread_ts_usec":1591661831093656,"l3_proto":"ip4","src_ip":"192.168.1.26","dst_ip":"104.153.87.149","src_port":43594,"dst_port":50001,"l4_proto":"udp","ndpi": {"flow_risk": {"15": {"risk":"TLS (probably) Not Carrying HTTPS","severity":"Low","risk_score": {"total":460,"client":410,"server":50}},"24": {"risk":"Missing SNI TLS Extn","severity":"Medium","risk_score": {"total":300,"client":210,"server":90}}},"confidence": {"6":"DPI"},"proto":"DTLS.Discord","proto_id":"30.58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative","tls": {"version":"DTLSv1.2","server_names":"*.discord.gg,discord.gg","ja3":"681eb4fb79ccb6d60d35fa502c279d42","ja3s":"201fdaa63db9a086f36651aa4cfd0819","ja4":"dd2d120700_7c0e62f61317_d9dd6182da81","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","issuerDN":"C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA","subjectDN":"CN=*.discord.gg","fingerprint":"0C:A2:45:E6:4A:06:B0:31:C6:BF:B6:C5:1B:AE:A0:A3:8E:41:B2:3C","blocks":0}}}
01309{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":25,"source":"cfgs\/default\/pcap\/dtls_certificate_fragments.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":5,"flow_src_last_pkt_time":1591661831094429,"flow_dst_last_pkt_time":1591661831093656,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":621,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":621,"pkt_l4_len":587,"thread_ts_usec":1591661831094429,"pkt":"KICiDkMyVIygpBIpCABFAAJfTMFAAEARadzAqAEaaJlXlapKw1ECSz2PFv79AAAAAAAAAAIBLAsAASAAAQAAAAABIAABHQABGjCCARYwgb2gAwIBAgIJANEC+9dk9FU0MAoGCCqGSM49BAMCMBExDzANBgNVBAMMBldlYlJUQzAeFw0yMDA2MDgwMDE3MTBaFw0yMDA3MDkwMDE3MTBaMBExDzANBgNVBAMMBldlYlJUQzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABMN4B8BcSIB8vft5RRQLAR85m\/tKuX7g5T1IYw7Hm7qhkyBdZX4OnwIFwDEfSDt3hvNzM2wWRdpiSZ6iGF90YtUwCgYIKoZIzj0EAwIDSAAwRQIgYiBJQW7KDUuAi3M9L3zwhEDpAL9q4DirUrayN1dURyMCIQD5bYw+Zs558BwlQadzNvlnhksxNHUTMmtsQ591HUXbABb+\/QAAAAAAAAADAE4QAABCAAIAAAAAAEJBBMZcbp+gpTP\/98W2Gp\/agbTEoqgz1y6bqmJbklIBPupi+fq8SYEjO9Y9JmSaRonmMNJqXH7zBblXPkmNr6nWxPMW\/v0AAAAAAAAABABXDwAASwADAAAAAABLBAMARzBFAiEAi1u+G3KaGQXoX1KGtvuQeozvmzHFR9Ra5exkC1MSZpoCIFTAFKcDyN3bpdNt1LWIF31bDpEkYEvrDTEBZbETusOEFP79AAAAAAAAAAUAAQEW\/v0AAQAAAAAAAAAwAAEAAAAAAACBA9i\/5ZXnRtf9Ph0HrY+iWRLDuMWOD5PqKOYsPS6F0szsv0blWRNP"}
-01343{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":26,"source":"cfgs\/default\/pcap\/dtls_certificate_fragments.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":11,"flow_dst_packets_processed":9,"flow_first_seen":1556606275726225,"flow_src_last_pkt_time":1556606278645792,"flow_dst_last_pkt_time":1556606276558755,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":125,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":374,"flow_dst_max_l4_payload_len":1412,"flow_src_tot_l4_payload_len":2162,"flow_dst_tot_l4_payload_len":2976,"midstream":0,"thread_ts_usec":1591661831138018,"l3_proto":"ip4","src_ip":"10.186.198.149","dst_ip":"35.210.59.134","src_port":39347,"dst_port":44443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"8": {"risk":"Weak TLS Cipher","severity":"High","risk_score": {"total":150,"client":135,"server":15}},"15": {"risk":"TLS (probably) Not Carrying HTTPS","severity":"Low","risk_score": {"total":460,"client":410,"server":50}},"24": {"risk":"Missing SNI TLS Extn","severity":"Medium","risk_score": {"total":300,"client":210,"server":90}}},"confidence": {"6":"DPI"},"proto":"DTLS","proto_id":"30","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}}
01253{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":26,"source":"cfgs\/default\/pcap\/dtls_certificate_fragments.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1591661831005800,"flow_src_last_pkt_time":1591661831094429,"flow_dst_last_pkt_time":1591661831138018,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":155,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":579,"flow_dst_max_l4_payload_len":1280,"flow_src_tot_l4_payload_len":889,"flow_dst_tot_l4_payload_len":3074,"midstream":0,"thread_ts_usec":1591661831138018,"l3_proto":"ip4","src_ip":"192.168.1.26","dst_ip":"104.153.87.149","src_port":43594,"dst_port":50001,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"15": {"risk":"TLS (probably) Not Carrying HTTPS","severity":"Low","risk_score": {"total":460,"client":410,"server":50}},"24": {"risk":"Missing SNI TLS Extn","severity":"Medium","risk_score": {"total":300,"client":210,"server":90}}},"confidence": {"6":"DPI"},"proto":"DTLS.Discord","proto_id":"30.58","proto_by_ip":"Discord","proto_by_ip_id":58,"encrypted":1,"breed":"Fun","category_id":15,"category":"Collaborative"}}
+01343{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":26,"source":"cfgs\/default\/pcap\/dtls_certificate_fragments.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":11,"flow_dst_packets_processed":9,"flow_first_seen":1556606275726225,"flow_src_last_pkt_time":1556606278645792,"flow_dst_last_pkt_time":1556606276558755,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":125,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":374,"flow_dst_max_l4_payload_len":1412,"flow_src_tot_l4_payload_len":2162,"flow_dst_tot_l4_payload_len":2976,"midstream":0,"thread_ts_usec":1591661831138018,"l3_proto":"ip4","src_ip":"10.186.198.149","dst_ip":"35.210.59.134","src_port":39347,"dst_port":44443,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"8": {"risk":"Weak TLS Cipher","severity":"High","risk_score": {"total":150,"client":135,"server":15}},"15": {"risk":"TLS (probably) Not Carrying HTTPS","severity":"Low","risk_score": {"total":460,"client":410,"server":50}},"24": {"risk":"Missing SNI TLS Extn","severity":"Medium","risk_score": {"total":300,"client":210,"server":90}}},"confidence": {"6":"DPI"},"proto":"DTLS","proto_id":"30","proto_by_ip":"GoogleCloud","proto_by_ip_id":284,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}}
00861{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":26,"source":"cfgs\/default\/pcap\/dtls_certificate_fragments.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","ndpi_api_version":11619,"size_per_flow":1408,"packets-captured":26,"packets-processed":26,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":9101,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":2,"total-detection-updates":5,"total-updates":0,"current-active-flows":0,"total-active-flows":2,"total-idle-flows":2,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":25,"global_ts_usec":1591661831138018}
~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~
~~ packets captured/processed: 26/26
@@ -31,8 +31,8 @@
~~ total active/idle flows...: 2/2
~~ total timeout flows.......: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-~~ total memory allocated....: 6664032 bytes
-~~ total memory freed........: 6664032 bytes
+~~ total memory allocated....: 6917472 bytes
+~~ total memory freed........: 6917472 bytes
~~ total allocations/frees...: 114191/114191
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ json message min len.......: 598 chars
Powered by cgit, Themed by Ted Yin.