aboutsummaryrefslogtreecommitdiff
path: root/test/results/default/tls_invalid_reads.pcap.out
diff options
context:
space:
mode:
Diffstat (limited to 'test/results/default/tls_invalid_reads.pcap.out')
-rw-r--r--test/results/default/tls_invalid_reads.pcap.out25
1 files changed, 12 insertions, 13 deletions
diff --git a/test/results/default/tls_invalid_reads.pcap.out b/test/results/default/tls_invalid_reads.pcap.out
index e5c7f4059..89bae43a5 100644
--- a/test/results/default/tls_invalid_reads.pcap.out
+++ b/test/results/default/tls_invalid_reads.pcap.out
@@ -1,19 +1,18 @@
-00573{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/default\/pcap\/tls_invalid_reads.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4834-92507c0","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0}
-00797{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/tls_invalid_reads.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4834-92507c0","packets-captured":1,"packets-processed":0,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2,"global_ts_usec":1252380859868541}
+00573{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"cfgs\/default\/pcap\/tls_invalid_reads.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"reader-thread-count":1,"flow-scan-interval":10000000,"generic-max-idle-time":600000000,"icmp-max-idle-time":120000000,"udp-max-idle-time":180000000,"tcp-max-idle-time":7560000000,"max-packets-per-flow-to-send":5,"max-packets-per-flow-to-process":32,"max-packets-per-flow-to-analyse":32,"global_ts_usec":0}
+00797{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/tls_invalid_reads.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","packets-captured":1,"packets-processed":0,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":0,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":0,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":0,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":2,"global_ts_usec":1252380859868541}
00784{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/tls_invalid_reads.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1252380859868541,"flow_src_last_pkt_time":1252380859868541,"flow_dst_last_pkt_time":1252380859868541,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1252380859868541,"l3_proto":"ip4","src_ip":"192.168.10.101","dst_ip":"206.33.61.113","src_port":3967,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00552{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1,"source":"cfgs\/default\/pcap\/tls_invalid_reads.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_src_last_pkt_time":1252380859868541,"flow_dst_last_pkt_time":1252380859868541,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1252380859868541,"pkt":"ABTRQblQABy\/OaVJCABFAAA0MFlAAIAG8ynAqAplziE9cQ9\/AbtzVLVxAAAAAIAC+vBjhwAAAgQFtAEDAwABAQQC"}
00551{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2,"source":"cfgs\/default\/pcap\/tls_invalid_reads.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_src_last_pkt_time":1252380859868541,"flow_dst_last_pkt_time":1252380859884558,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":1252380859884558,"pkt":"ABy\/OaUlABTRQblQCABFIBA0ZLoAADYGSUrOIT1xwKgKZQG7D3++yAIvc1S1coASFtCGmAAAAgQFtAEBBAIBAwMx"}
00536{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3,"source":"cfgs\/default\/pcap\/tls_invalid_reads.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":3,"flow_src_last_pkt_time":1252380859884593,"flow_dst_last_pkt_time":1252380859884558,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":1252380859884593,"pkt":"ABTRQblQABy\/PaVxCABFAAAoMP9AAIAG8zDAqAplziE9cQ9\/AbtzVLVyvsgCMFAQ+vDjSQAA"}
00676{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/tls_invalid_reads.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":4,"flow_src_last_pkt_time":1252380859885010,"flow_dst_last_pkt_time":1252380859884558,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":156,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":156,"pkt_l4_len":122,"thread_ts_usec":1252380859885010,"pkt":"ABTRQblQABy\/OaVxCABFAACOMQBAAIAG8snAqAplziE9cQ9\/AbtzVLVyvsgCMFAY+vBuTgAAFgMBAGEBAABdAwFKpdC7WffXCrqul0rRyqlV7PYgfbDHC7SZ1YAJU4BSeiCCetHfydzbddwggCw2Ef4Y\/Wcmum3i+DV+RW7iw5bCGwAWAAQABQAKAAkAZABiAAMABgATABIAJQAA"}
-01189{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/tls_invalid_reads.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1252380859868541,"flow_src_last_pkt_time":1252380859885010,"flow_dst_last_pkt_time":1252380859884558,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":102,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":102,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1252380859885010,"l3_proto":"ip4","src_ip":"192.168.10.101","dst_ip":"206.33.61.113","src_port":3967,"dst_port":443,"l4_proto":"tcp","ndpi": {"flow_risk": {"7": {"risk":"Obsolete TLS (v1.1 or older)","severity":"High","risk_score": {"total":310,"client":275,"server":35}}},"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"","tls": {"version":"TLSv1","ja3":"","ja3s":"","ja4":"","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","blocks":0}}}
+01204{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":4,"source":"cfgs\/default\/pcap\/tls_invalid_reads.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":1,"flow_first_seen":1252380859868541,"flow_src_last_pkt_time":1252380859885010,"flow_dst_last_pkt_time":1252380859884558,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":102,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":102,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":1252380859885010,"l3_proto":"ip4","src_ip":"192.168.10.101","dst_ip":"206.33.61.113","src_port":3967,"dst_port":443,"l4_proto":"tcp","ndpi": {"flow_risk": {"7": {"risk":"Obsolete TLS (v1.1 or older)","severity":"High","risk_score": {"total":310,"client":275,"server":35}}},"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"","domainame":"","tls": {"version":"TLSv1","ja3":"","ja3s":"","ja4":"","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL","blocks":0}}}
00543{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":5,"source":"cfgs\/default\/pcap\/tls_invalid_reads.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":5,"flow_src_last_pkt_time":1252380859885010,"flow_dst_last_pkt_time":1252380859903858,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":20,"thread_ts_usec":1252380859903858,"pkt":"ABy\/OaVxABTRQblQCABFIAAoZLsAADcGSFXOIT1xwKgKZQG7D3++yAIwc1S12FAQAC7dpgAAAAAAAAAA"}
-01234{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":6,"source":"cfgs\/default\/pcap\/tls_invalid_reads.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1252380859868541,"flow_src_last_pkt_time":1252380859885010,"flow_dst_last_pkt_time":1252380859904145,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":102,"flow_dst_max_l4_payload_len":851,"flow_src_tot_l4_payload_len":102,"flow_dst_tot_l4_payload_len":851,"midstream":0,"thread_ts_usec":1252380859904145,"l3_proto":"ip4","src_ip":"192.168.10.101","dst_ip":"206.33.61.113","src_port":3967,"dst_port":443,"l4_proto":"tcp","ndpi": {"flow_risk": {"7": {"risk":"Obsolete TLS (v1.1 or older)","severity":"High","risk_score": {"total":310,"client":275,"server":35}}},"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"","tls": {"version":"TLSv1","ja3":"","ja3s":"53611273a714cb4789c8222932efd5a7","ja4":"","unsafe_cipher":2,"cipher":"TLS_RSA_WITH_RC4_128_MD5","blocks":0}}}
-01235{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":7,"source":"cfgs\/default\/pcap\/tls_invalid_reads.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":4,"flow_first_seen":1252380859868541,"flow_src_last_pkt_time":1252380859885010,"flow_dst_last_pkt_time":1252380859942787,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":102,"flow_dst_max_l4_payload_len":851,"flow_src_tot_l4_payload_len":102,"flow_dst_tot_l4_payload_len":1329,"midstream":0,"thread_ts_usec":1252380859942787,"l3_proto":"ip4","src_ip":"192.168.10.101","dst_ip":"206.33.61.113","src_port":3967,"dst_port":443,"l4_proto":"tcp","ndpi": {"flow_risk": {"7": {"risk":"Obsolete TLS (v1.1 or older)","severity":"High","risk_score": {"total":310,"client":275,"server":35}}},"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"","tls": {"version":"TLSv1","ja3":"","ja3s":"53611273a714cb4789c8222932efd5a7","ja4":"","unsafe_cipher":2,"cipher":"TLS_RSA_WITH_RC4_128_MD5","blocks":0}}}
-00801{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":9,"source":"cfgs\/default\/pcap\/tls_invalid_reads.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4834-92507c0","packets-captured":9,"packets-processed":8,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1431,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":1,"total-detection-updates":2,"total-updates":0,"current-active-flows":1,"total-active-flows":1,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":12,"global_ts_usec":1421985541772794}
+01249{"flow_event_id":8,"flow_event_name":"detection-update","thread_id":0,"packet_id":6,"source":"cfgs\/default\/pcap\/tls_invalid_reads.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_src_packets_processed":3,"flow_dst_packets_processed":3,"flow_first_seen":1252380859868541,"flow_src_last_pkt_time":1252380859885010,"flow_dst_last_pkt_time":1252380859904145,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":102,"flow_dst_max_l4_payload_len":851,"flow_src_tot_l4_payload_len":102,"flow_dst_tot_l4_payload_len":851,"midstream":0,"thread_ts_usec":1252380859904145,"l3_proto":"ip4","src_ip":"192.168.10.101","dst_ip":"206.33.61.113","src_port":3967,"dst_port":443,"l4_proto":"tcp","ndpi": {"flow_risk": {"7": {"risk":"Obsolete TLS (v1.1 or older)","severity":"High","risk_score": {"total":310,"client":275,"server":35}}},"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web","hostname":"","domainame":"","tls": {"version":"TLSv1","ja3":"","ja3s":"53611273a714cb4789c8222932efd5a7","ja4":"","unsafe_cipher":2,"cipher":"TLS_RSA_WITH_RC4_128_MD5","blocks":0}}}
+00801{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":9,"source":"cfgs\/default\/pcap\/tls_invalid_reads.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","packets-captured":9,"packets-processed":8,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1431,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":1,"total-detection-updates":1,"total-updates":0,"current-active-flows":1,"total-active-flows":1,"total-idle-flows":0,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":11,"global_ts_usec":1421985541772794}
00784{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":9,"source":"cfgs\/default\/pcap\/tls_invalid_reads.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1421985541772794,"flow_src_last_pkt_time":1421985541772794,"flow_dst_last_pkt_time":1421985541772794,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":10,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":10,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":10,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1421985541772794,"l3_proto":"ip4","src_ip":"74.80.160.99","dst_ip":"67.217.77.28","src_port":3258,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
00551{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":9,"source":"cfgs\/default\/pcap\/tls_invalid_reads.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_src_last_pkt_time":1421985541772794,"flow_dst_last_pkt_time":1421985541772794,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":64,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":64,"pkt_l4_len":30,"thread_ts_usec":1421985541772794,"pkt":"AAOf2SAhEFbKCIWJCABFAAAyM2VAAH8GFrhKUKBjQ9lNHAy6AbvQcb+g7Sa+J1AY\/QKZOwAlAAMBAAUBAAABAQ=="}
01101{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":10,"source":"cfgs\/default\/pcap\/tls_invalid_reads.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":1252380859868541,"flow_src_last_pkt_time":1252380859943054,"flow_dst_last_pkt_time":1252380859942787,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":102,"flow_dst_max_l4_payload_len":851,"flow_src_tot_l4_payload_len":102,"flow_dst_tot_l4_payload_len":1329,"midstream":0,"thread_ts_usec":1421985541772794,"l3_proto":"ip4","src_ip":"192.168.10.101","dst_ip":"206.33.61.113","src_port":3967,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"7": {"risk":"Obsolete TLS (v1.1 or older)","severity":"High","risk_score": {"total":310,"client":275,"server":35}}},"confidence": {"6":"DPI"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}}
-00803{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":10,"source":"cfgs\/default\/pcap\/tls_invalid_reads.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4834-92507c0","packets-captured":10,"packets-processed":9,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1441,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":1,"total-detection-updates":2,"total-updates":0,"current-active-flows":1,"total-active-flows":2,"total-idle-flows":1,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":16,"global_ts_usec":1544035479538596}
+00803{"daemon_event_id":4,"daemon_event_name":"status","thread_id":0,"packet_id":10,"source":"cfgs\/default\/pcap\/tls_invalid_reads.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","packets-captured":10,"packets-processed":9,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1441,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":1,"total-detection-updates":1,"total-updates":0,"current-active-flows":1,"total-active-flows":2,"total-idle-flows":1,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":15,"global_ts_usec":1544035479538596}
00306{"error_event_id":5,"error_event_name":"Unknown packet type","threshold_n":1,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":1544035479538596,"packet_id":10,"source":"cfgs\/default\/pcap\/tls_invalid_reads.pcap","alias":"nDPId-test","layer_type":33024,"global_ts_usec":1544035479538596}
00469{"packet_event_id":1,"packet_event_name":"packet","packet_id":10,"source":"cfgs\/default\/pcap\/tls_invalid_reads.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":118,"pkt_type":33024,"pkt_l3_offset":18,"pkt_l4_offset":0,"pkt_len":118,"pkt_l4_len":0,"thread_ts_usec":1421985541772794,"pkt":"AAAAAAAFYAgQGhx\/gQBsn4EAYAIIAEVoAGDVegAA\/xG3XAruJEAK7vQxCGgIaABMAAAw\/wA8B+zklkUAADyx3UAAQAbcAwq\/ixE23eAt5LgBu\/kVfJ4AAAAAoAL\/\/3GmAAACBAW0BAIICgAUzUMAAAAAAQMDBg=="}
00306{"error_event_id":5,"error_event_name":"Unknown packet type","threshold_n":2,"threshold_n_max":16,"threshold_time":10000000,"threshold_ts_usec":1544035479721867,"packet_id":11,"source":"cfgs\/default\/pcap\/tls_invalid_reads.pcap","alias":"nDPId-test","layer_type":33024,"global_ts_usec":1544035479721867}
@@ -22,7 +21,7 @@
00743{"packet_event_id":1,"packet_event_name":"packet","packet_id":12,"source":"cfgs\/default\/pcap\/tls_invalid_reads.pcap","alias":"nDPId-test","pkt_datalink":1,"pkt_caplen":324,"pkt_type":33024,"pkt_l3_offset":18,"pkt_l4_offset":0,"pkt_len":324,"pkt_l4_len":0,"thread_ts_usec":1421985541772794,"pkt":"AAAAAAAFYAgQGhx\/gQBsn4EAYAIIAEVoAS7V9AAA\/xG2FAruJEAK7vQxCGgIaAEaAAAw\/wEKB+zklkUAAOux30AAQAbbUgq\/ixE23eAt5LgBu\/kVfJ8aWkgcgBgFWRb9AAABAQgKABTNax1e0BYWAwEAsgEAAK4DA+Jfj3VZ7Se+llOF2hoK\/0SOWa4JB8kGoFPipHXr6zI3AAAowCvALMAvwDAAngCfwAnACsATwBQAMwA5wAfAEQCcAJ0ALwA1AAUA\/wEAAF0AAAAWABQAABFlLmNyYXNobHl0aWNzLmNvbQAXAAAAIwAAAA0AFgAUBgEGAwUBBQMEAQQDAwEDAwIBAgMAEAALuImlL1Y1GeVflD5H40\/GlDV3w0Q4eHATzs15UMvq3bDFbT9WBxf4WY7WsXHZhuEm\/fgNJZccyFnwUKMb"}
01056{"flow_event_id":6,"flow_event_name":"guessed","thread_id":0,"packet_id":12,"source":"cfgs\/default\/pcap\/tls_invalid_reads.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1421985541772794,"flow_src_last_pkt_time":1421985541772794,"flow_dst_last_pkt_time":1421985541772794,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":10,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":10,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":10,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1421985541772794,"l3_proto":"ip4","src_ip":"74.80.160.99","dst_ip":"67.217.77.28","src_port":3258,"dst_port":443,"l4_proto":"tcp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"1":"Match by port"},"proto":"TLS","proto_id":"91","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":1,"breed":"Safe","category_id":5,"category":"Web"}}
00786{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":12,"source":"cfgs\/default\/pcap\/tls_invalid_reads.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":1421985541772794,"flow_src_last_pkt_time":1421985541772794,"flow_dst_last_pkt_time":1421985541772794,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":10,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":10,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":10,"flow_dst_tot_l4_payload_len":0,"midstream":1,"thread_ts_usec":1421985541772794,"l3_proto":"ip4","src_ip":"74.80.160.99","dst_ip":"67.217.77.28","src_port":3258,"dst_port":443,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5}
-00805{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":12,"source":"cfgs\/default\/pcap\/tls_invalid_reads.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4834-92507c0","packets-captured":12,"packets-processed":9,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1441,"total-not-detected-flows":0,"total-guessed-flows":1,"total-detected-flows":1,"total-detection-updates":2,"total-updates":0,"current-active-flows":0,"total-active-flows":2,"total-idle-flows":2,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":25,"global_ts_usec":1544035479768404}
+00805{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":12,"source":"cfgs\/default\/pcap\/tls_invalid_reads.pcap","alias":"nDPId-test","version":"1.7.0","ndpi_version":"4.11.0-4976-59ee1fe","packets-captured":12,"packets-processed":9,"pfring_active":false,"pfring_recv":0,"pfring_drop":0,"pfring_shunt":0,"total-skipped-flows":0,"total-l4-payload-len":1441,"total-not-detected-flows":0,"total-guessed-flows":1,"total-detected-flows":1,"total-detection-updates":1,"total-updates":0,"current-active-flows":0,"total-active-flows":2,"total-idle-flows":2,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"global-alloc-count":0,"global-free-count":0,"global-alloc-bytes":0,"global-free-bytes":0,"total-events-serialized":24,"global_ts_usec":1544035479768404}
~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~
~~ packets captured/processed: 12/9
~~ skipped flows.............: 0
@@ -31,10 +30,10 @@
~~ total active/idle flows...: 2/2
~~ total timeout flows.......: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-~~ total memory allocated....: 6650370 bytes
-~~ total memory freed........: 6650370 bytes
-~~ total allocations/frees...: 114044/114044
+~~ total memory allocated....: 6662989 bytes
+~~ total memory freed........: 6662989 bytes
+~~ total allocations/frees...: 114162/114162
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ json message min len.......: 311 chars
-~~ json message max len.......: 1240 chars
-~~ json message avg len.......: 775 chars
+~~ json message max len.......: 1254 chars
+~~ json message avg len.......: 782 chars
Powered by cgit, Themed by Ted Yin.