Diffstat (limited to 'test/results/default/smb_frags.pcap.out')
-rw-r--r--test/results/default/smb_frags.pcap.out14
1 files changed, 7 insertions, 7 deletions
diff --git a/test/results/default/smb_frags.pcap.out b/test/results/default/smb_frags.pcap.out
index 37c59b327..50c2ca53f 100644
--- a/test/results/default/smb_frags.pcap.out
+++ b/test/results/default/smb_frags.pcap.out
@@ -1,14 +1,14 @@
-00565{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/default\/pcap\/smb_frags.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4834-92507c0","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0}
-00789{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/smb_frags.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4834-92507c0","packets-captured":1,"packets-processed":0,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2,"global_ts_usec":1623514369772545}
+00565{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/default\/pcap\/smb_frags.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0}
+00789{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/smb_frags.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","packets-captured":1,"packets-processed":0,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2,"global_ts_usec":1623514369772545}
00789{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/smb_frags.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1623514369772545,"flow_src_last_pkt_time":1623514369772545,"flow_dst_last_pkt_time":1623514369772545,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1623514369772545,"vlan_id":1608,"l3_proto":"ip4","src_ip":"10.202.211.125","dst_ip":"10.202.7.8","src_port":54120,"dst_port":445,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/smb_frags.pcap","alias":"nDPId-test","vlan_id":1608,"flow_id":1,"flow_packet_id":1,"flow_src_last_pkt_time":1623514369772545,"flow_dst_last_pkt_time":1623514369772545,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":78,"pkt_type":2048,"pkt_l3_offset":18,"pkt_l4_offset":38,"pkt_len":78,"pkt_l4_len":40,"thread_ts_usec":1623514369772545,"pkt":"AAAAAAAAAAgAAAAIgQAGSAgARQAAPJdVQAA+BrVNCsrTfQrKBwjTaAG9gKLxEgAAAACgAv\/\/GS4AAAIEIwABAwMGBAIICs5HDEsAAAAA"}
00573{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/smb_frags.pcap","alias":"nDPId-test","vlan_id":1608,"flow_id":1,"flow_packet_id":2,"flow_src_last_pkt_time":1623514369772545,"flow_dst_last_pkt_time":1623514369868191,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":78,"pkt_type":2048,"pkt_l3_offset":18,"pkt_l4_offset":38,"pkt_len":78,"pkt_l4_len":40,"thread_ts_usec":1623514369868191,"pkt":"AAAAAAAAAAgAAAAIgQAGSAgARQAAPE51QAB8BsAtCsoHCArK030BvdNoZ4rlhYCi8ROgEiAAlmYAAAIEBWQBAwMIBAIICowopxfORwxL"}
00641{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"cfgs\/default\/pcap\/smb_frags.pcap","alias":"nDPId-test","vlan_id":1608,"flow_id":1,"flow_packet_id":3,"flow_src_last_pkt_time":1623514369870545,"flow_dst_last_pkt_time":1623514369868191,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":121,"pkt_type":2048,"pkt_l3_offset":18,"pkt_l4_offset":38,"pkt_len":121,"pkt_l4_len":83,"thread_ts_usec":1623514369870545,"pkt":"AAAAAAAAAAgAAAAIgQAGSAgARQAAZ5dXQAA+BrUgCsrTfQrKBwjTaAG9gKLxE2eK5YaAGAgZ+EgAAAEBCArORwytjCinFwAAAC\/\/U01CcgAAAAAYBdgAAAAAAAAAAAAAAAD\/\/wEA\/\/8BAAAMAAJOVCBMTSAwLjEyAA=="}
00850{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/smb_frags.pcap","alias":"nDPId-test","vlan_id":1608,"flow_id":1,"flow_packet_id":4,"flow_src_last_pkt_time":1623514369870545,"flow_dst_last_pkt_time":1623514370251341,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":279,"pkt_type":2048,"pkt_l3_offset":18,"pkt_l4_offset":38,"pkt_len":279,"pkt_l4_len":241,"thread_ts_usec":1623514370251341,"pkt":"AAAAAAAAAAgAAAAIgQAGSAgARQABBU53QAB8Br9iCsoHCArK030BvdNoZ4rlhoCi8UaAGAQChHEAAAEBCAqMKKimzkcMrQAAAM3\/U01CcgAAAACYBdgAAAAAAAAAAAAAAAD\/\/wEA\/\/8BABEAAA8yAAEABEEAAAAAAQAAAAAA\/PMBgCVAmaKlX9cBEP8AiAA6Rp1HYg1YTqLSmkcnpK8KYHYGBisGAQUFAqBsMGqgPDA6BgorBgEEAYI3AgIeBgkqhkiC9xIBAgIGCSqGSIb3EgECAgYKKoZIhvcSAQICAwYKKwYBBAGCNwICCqMqMCigJhskbm90X2RlZmluZWRfaW5fUkZDNDE3OEBwbGVhc2VfaWdub3Jl"}
02418{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/smb_frags.pcap","alias":"nDPId-test","vlan_id":1608,"flow_id":1,"flow_packet_id":5,"flow_src_last_pkt_time":1623514370258205,"flow_dst_last_pkt_time":1623514370251341,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":1438,"pkt_type":2048,"pkt_l3_offset":18,"pkt_l4_offset":38,"pkt_len":1438,"pkt_l4_len":1400,"thread_ts_usec":1623514370258205,"pkt":"AAAAAAAAAAgAAAAIgQAGSAgARQAFjJdYQAA+Bq\/6CsrTfQrKBwjTaAG9gKLxRmeK5leAEAgZ6PkAAAEBCArORw4xjCiopgAABjz\/U01CcwAAAAAYBdgAAAAAAAAAAAAAAAAAAAEAAAABAAz\/AAAABEEyAAEAAAAAAK8FAAAAAP\/SAIABBmCCBasGggAGKwYBBQUCoIIFnTCCBZmgggARMIIADQaCAAkqhkiG9xIBAgKiggWABIIFfGCCBXgGCSqGSIb3EgECAgEAboIFZzCCBWOgAwIBBaEDAgEOogcDBQAgAAAAo4IEcmGCBG4wggRqoAMCAQWhFBsSQ0lWSUxQRU5TSU9OLkxPQ0FMoi0wK6ADAgEDoSQwIhsEY2lmcxsaaHFkYy0wMi5jaXZpbHBlbnNpb24ubG9jYWyjggQcMIIEGKADAgESoQMCASCiggQKBIIEBmtnVxcxBmkz4ZUsh+F3XvsymQ5mvu2LX+7W56rZEvZ1qmgF5eVUK11Yc3PdU24ZptZsf6GIgZZft7fDTc9iDA3FbzTWHDPjEHl6G+GfrKQ\/U66sLyoe01eLCDNDlzdYPbQNI5B+D7epgO3OqLoFCxgQnXg89dHq7kxLRlfyZ75yHYmd3cly0qeBA8TtEpLELIy5RDwh88Bbqx9lJkPNQiMt24H0yao67pgfp9aEdZ4Emm7xmyPRkPeqZWtM0bkNvn+WavQvx80wJ6ZQyFIXkOPKpVcd2AB5qVKkumKBLzfPVIv+5LsBnADCgXZoEckKZht4ry7NolrE+0HKHhPwkaoxc8bqcUuiYOluxmO4DjfSfFQueOoelGhXJ6pEhCQozBPoeArsog\/CMnvfwyGHeu2So9navfrEV7TGs9oPppW3oNCUuXo36cbimBLvIiY+Pgl\/ynJhxwXsO0RkVS9r\/PsoEMTLWDn3S3vAe\/TBqkOtoyPQJWg1FVpj7frmvNArPBFi14wVJfxtnd\/+3wtnQozSQyeZaiwe0Uki1A7mEEoQtV7AOgPYFp8ri4dHhClZYELTbpijGa0Jwtj6x6ZJsOiFg2SsOWyGploNv1wUt9FpkKTtjSnMILP9mkkt0GsDX19lwQbnfeVgl0kxeaZBDtMtasDDJW8MObctlpQH6UeIoFh4zd\/+AvklrnI66FLbyQfjFSQzmIzIW3ydE4bjVtwWmU1a9nvT5VzFxoGr9N75Jd1QR+seVejR1FQ5L+uOs9WAbzPwvooNtGJ9P10oltq2AAtLxvL22QGd7qWFsKNlILCcAk48pdh4wUcKf+EMjG6Xonr4DPvLkEyb43oHO1NuXf6G+7ier+62p0AeSbzutesdffNAKWx8nx125SeKQpNnBXnpDRdJnIJIcuLAdAebbsP88MDOzOSgr6S6eirG1TuF29PveiUZjxoiDLHdsyainMdtGrd0\/Ydkl2AhTK3O7gYsi1PPi2xvUVmDCWCipGeZ\/HFXUKBq15ucDAkq0dcppKqtynTA4t8XrmdpQTW\/R3zKQXp4Y
teUcutVoA63U60MWJlP325IMdQpih2Uk59JH5Dnux3Rd568y7AglM4Wn\/qV3HT6TOIU2RCepqW+t\/HKqI4PXOnM+5Qj2R2MJ25pMdBIvMiBfAjqOHwQwwec\/8syUlp9kgV4g09X0ubW+5o5iaoEB4ngqDTvZXkAfrGm9\/PFvCCGKK5LcZsH76QYjCwvtb7o+MxSnlo+MKjMgwdfysFP0RY4mM0xlHSbO4qyXFBgLhHZiagn1nbfnXKd28YECfDeWdHC\/Ig4+JxagNp\/3VNKyRkP6A4EbfQ3batKWXNlXzxKQjFl\/HI4d1Rq1dIh9CGkgdcwgdSgAwIBEqKBzASByVkzbk+ekX38PCwMB3OZSxR7r8vyZItGdtHn7\/EFdfCld4D4NfFt4ny5\/YJLf0FZrLolqw=="}
-01314{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/smb_frags.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":2,"flow_first_seen":1623514369772545,"flow_src_last_pkt_time":1623514370258205,"flow_dst_last_pkt_time":1623514370251341,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1368,"flow_dst_max_l4_payload_len":209,"flow_src_tot_l4_payload_len":1419,"flow_dst_tot_l4_payload_len":209,"midstream":0,"thread_ts_usec":1623514370258205,"vlan_id":1608,"l3_proto":"ip4","src_ip":"10.202.211.125","dst_ip":"10.202.7.8","src_port":54120,"dst_port":445,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"20": {"risk":"SMB Insecure Vers","severity":"High","risk_score": {"total":300,"client":210,"server":90}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"NetBIOS.SMBv1","proto_id":"10.16","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Dangerous","category_id":18,"category":"System","hostname":""}}
+01329{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/smb_frags.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":2,"flow_first_seen":1623514369772545,"flow_src_last_pkt_time":1623514370258205,"flow_dst_last_pkt_time":1623514370251341,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1368,"flow_dst_max_l4_payload_len":209,"flow_src_tot_l4_payload_len":1419,"flow_dst_tot_l4_payload_len":209,"midstream":0,"thread_ts_usec":1623514370258205,"vlan_id":1608,"l3_proto":"ip4","src_ip":"10.202.211.125","dst_ip":"10.202.7.8","src_port":54120,"dst_port":445,"l4_proto":"tcp","ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"20": {"risk":"SMB Insecure Vers","severity":"High","risk_score": {"total":300,"client":210,"server":90}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"NetBIOS.SMBv1","proto_id":"10.16","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Dangerous","category_id":18,"category":"System","hostname":"","domainame":""}}
01338{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":8,"source":"cfgs\/default\/pcap\/smb_frags.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":3,"flow_first_seen":1623514369772545,"flow_src_last_pkt_time":1623514370351676,"flow_dst_last_pkt_time":1623514370345783,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1368,"flow_dst_max_l4_payload_len":327,"flow_src_tot_l4_payload_len":1651,"flow_dst_tot_l4_payload_len":536,"midstream":0,"thread_ts_usec":1623514370351676,"vlan_id":1608,"l3_proto":"ip4","src_ip":"10.202.211.125","dst_ip":"10.202.7.8","src_port":54120,"dst_port":445,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"20": {"risk":"SMB Insecure Vers","severity":"High","risk_score": {"total":300,"client":210,"server":90}},"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"NetBIOS.SMBv1","proto_id":"10.16","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Dangerous","category_id":18,"category":"System"}}
-00795{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":8,"source":"cfgs\/default\/pcap\/smb_frags.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4834-92507c0","packets-captured":8,"packets-processed":8,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":2187,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":1,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":1,"total-idle-flows":1,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":11,"global_ts_usec":1623514370351676}
+00795{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":8,"source":"cfgs\/default\/pcap\/smb_frags.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","packets-captured":8,"packets-processed":8,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":2187,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":1,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":1,"total-idle-flows":1,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":11,"global_ts_usec":1623514370351676}
~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~
~~ packets captured/processed: 8/8
~~ skipped flows.............: 0
@@ -17,9 +17,9 @@
~~ total active/idle flows...: 1/1
~~ total timeout flows.......: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-~~ total memory allocated....: 6644009 bytes
-~~ total memory freed........: 6644009 bytes
-~~ total allocations/frees...: 114032/114032
+~~ total memory allocated....: 6656539 bytes
+~~ total memory freed........: 6656539 bytes
+~~ total allocations/frees...: 114150/114150
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ json message min len.......: 570 chars
~~ json message max len.......: 2423 chars