Diffstat (limited to 'test/results/flow-captured/classification_only')
17 files changed, 84 insertions, 0 deletions
diff --git a/test/results/flow-captured/classification_only/bittorrent.pcap.out b/test/results/flow-captured/classification_only/bittorrent.pcap.out
new file mode 100644
index 000000000..6e5155d66
--- /dev/null
+++ b/test/results/flow-captured/classification_only/bittorrent.pcap.out
@@ -0,0 +1,46 @@
+Flow 17 risky: tcp 192.168.1.3:52915 -> 198.100.146.9:60163
+Flow 17 midstream: tcp 192.168.1.3:52915 -> 198.100.146.9:60163
+Flow 2 risky: tcp 192.168.1.3:52887 -> 82.57.97.83:53137
+Flow 2 midstream: tcp 192.168.1.3:52887 -> 82.57.97.83:53137
+Flow 11 risky: tcp 192.168.1.3:52906 -> 82.57.97.83:53137
+Flow 11 midstream: tcp 192.168.1.3:52906 -> 82.57.97.83:53137
+Flow 20 risky: tcp 192.168.1.3:52921 -> 95.234.159.16:41205
+Flow 20 midstream: tcp 192.168.1.3:52921 -> 95.234.159.16:41205
+Flow 24 risky: tcp 192.168.1.3:52925 -> 93.65.227.100:19116
+Flow 24 midstream: tcp 192.168.1.3:52925 -> 93.65.227.100:19116
+Flow 21 risky: tcp 192.168.1.3:52922 -> 95.237.193.34:11321
+Flow 21 midstream: tcp 192.168.1.3:52922 -> 95.237.193.34:11321
+Flow 9 risky: tcp 192.168.1.3:52902 -> 190.103.195.56:46633
+Flow 9 midstream: tcp 192.168.1.3:52902 -> 190.103.195.56:46633
+Flow 18 risky: tcp 192.168.1.3:52914 -> 190.103.195.56:46633
+Flow 18 midstream: tcp 192.168.1.3:52914 -> 190.103.195.56:46633
+Flow 3 midstream: tcp 192.168.1.3:52895 -> 83.216.184.241:51413
+Flow 22 midstream: tcp 192.168.1.3:52927 -> 83.216.184.241:51413
+Flow 13 risky: tcp 192.168.1.3:52912 -> 151.72.255.163:59928
+Flow 13 midstream: tcp 192.168.1.3:52912 -> 151.72.255.163:59928
+Flow 23 risky: tcp 192.168.1.3:52926 -> 93.65.249.100:31336
+Flow 23 midstream: tcp 192.168.1.3:52926 -> 93.65.249.100:31336
+Flow 19 risky: tcp 192.168.1.3:52917 -> 151.15.48.189:47001
+Flow 19 midstream: tcp 192.168.1.3:52917 -> 151.15.48.189:47001
+Flow 8 risky: tcp 192.168.1.3:52903 -> 198.100.146.9:60163
+Flow 8 midstream: tcp 192.168.1.3:52903 -> 198.100.146.9:60163
+Flow 1 risky: tcp 192.168.1.3:52888 -> 82.58.216.115:38305
+Flow 1 midstream: tcp 192.168.1.3:52888 -> 82.58.216.115:38305
+Flow 10 risky: tcp 192.168.1.3:52907 -> 82.58.216.115:38305
+Flow 10 midstream: tcp 192.168.1.3:52907 -> 82.58.216.115:38305
+Flow 5 risky: tcp 192.168.1.3:52894 -> 120.62.33.241:39332
+Flow 5 midstream: tcp 192.168.1.3:52894 -> 120.62.33.241:39332
+Flow 15 risky: tcp 192.168.1.3:52910 -> 120.62.33.241:39332
+Flow 15 midstream: tcp 192.168.1.3:52910 -> 120.62.33.241:39332
+Flow 7 risky: tcp 192.168.1.3:52893 -> 79.55.129.22:12097
+Flow 7 midstream: tcp 192.168.1.3:52893 -> 79.55.129.22:12097
+Flow 16 risky: tcp 192.168.1.3:52908 -> 79.55.129.22:12097
+Flow 16 midstream: tcp 192.168.1.3:52908 -> 79.55.129.22:12097
+Flow 4 risky: tcp 192.168.1.3:52896 -> 79.53.228.2:14627
+Flow 4 midstream: tcp 192.168.1.3:52896 -> 79.53.228.2:14627
+Flow 14 risky: tcp 192.168.1.3:52909 -> 79.53.228.2:14627
+Flow 14 midstream: tcp 192.168.1.3:52909 -> 79.53.228.2:14627
+Flow 6 risky: tcp 192.168.1.3:52897 -> 151.26.95.30:22673
+Flow 6 midstream: tcp 192.168.1.3:52897 -> 151.26.95.30:22673
+Flow 12 risky: tcp 192.168.1.3:52911 -> 151.26.95.30:22673
+Flow 12 midstream: tcp 192.168.1.3:52911 -> 151.26.95.30:22673
diff --git a/test/results/flow-captured/classification_only/bittorrent_tcp_miss.pcapng.out b/test/results/flow-captured/classification_only/bittorrent_tcp_miss.pcapng.out
new file mode 100644
index 000000000..294e2dd8f
--- /dev/null
+++ b/test/results/flow-captured/classification_only/bittorrent_tcp_miss.pcapng.out
@@ -0,0 +1 @@
+Flow 1 risky: tcp 192.168.122.34:48987 -> 178.71.206.1:6881
diff --git a/test/results/flow-captured/classification_only/forticlient.pcap.out b/test/results/flow-captured/classification_only/forticlient.pcap.out
new file mode 100644
index 000000000..5754031a2
--- /dev/null
+++ b/test/results/flow-captured/classification_only/forticlient.pcap.out
@@ -0,0 +1 @@
+Flow 5 risky: tcp 192.168.1.178:61820 -> 82.81.46.13:10443
diff --git a/test/results/flow-captured/classification_only/http-basic-auth.pcap.out b/test/results/flow-captured/classification_only/http-basic-auth.pcap.out
new file mode 100644
index 000000000..d891a90e8
--- /dev/null
+++ b/test/results/flow-captured/classification_only/http-basic-auth.pcap.out
@@ -0,0 +1,15 @@
+Flow 1 risky: tcp 192.168.0.4:54317 -> 192.254.189.169:80
+Flow 2 risky: tcp 192.168.0.4:54318 -> 192.254.189.169:80
+Flow 7 risky: tcp 192.168.0.4:54337 -> 192.254.189.169:80
+Flow 8 risky: tcp 192.168.0.4:54338 -> 192.254.189.169:80
+Flow 9 risky: tcp 192.168.0.4:54340 -> 192.254.189.169:80
+Flow 14 risky: tcp 192.168.0.4:54487 -> 192.254.189.169:80
+Flow 15 risky: tcp 192.168.0.4:54505 -> 192.254.189.169:80
+Flow 24 risky: tcp 192.168.0.4:54584 -> 192.254.189.169:80
+Flow 10 risky: tcp 192.168.0.4:54341 -> 192.254.189.169:80
+Flow 11 risky: tcp 192.168.0.4:54342 -> 192.254.189.169:80
+Flow 12 risky: tcp 192.168.0.4:54343 -> 192.254.189.169:80
+Flow 20 risky: tcp 192.168.0.4:54580 -> 192.254.189.169:80
+Flow 21 risky: tcp 192.168.0.4:54581 -> 192.254.189.169:80
+Flow 22 risky: tcp 192.168.0.4:54582 -> 192.254.189.169:80
+Flow 23 risky: tcp 192.168.0.4:54583 -> 192.254.189.169:80
diff --git a/test/results/flow-captured/classification_only/http-pwd.pcapng.out b/test/results/flow-captured/classification_only/http-pwd.pcapng.out
new file mode 100644
index 000000000..2f04e0388
--- /dev/null
+++ b/test/results/flow-captured/classification_only/http-pwd.pcapng.out
@@ -0,0 +1 @@
+Flow 1 risky: tcp 127.0.0.1:56451 -> 127.0.0.1:3000
diff --git a/test/results/flow-captured/classification_only/http_auth.pcap.out b/test/results/flow-captured/classification_only/http_auth.pcap.out
new file mode 100644
index 000000000..f64f8755f
--- /dev/null
+++ b/test/results/flow-captured/classification_only/http_auth.pcap.out
@@ -0,0 +1 @@
+Flow 1 risky: tcp 192.168.0.4:54337 -> 192.254.189.169:80
diff --git a/test/results/flow-captured/classification_only/ookla.pcap.out b/test/results/flow-captured/classification_only/ookla.pcap.out
new file mode 100644
index 000000000..1f5694308
--- /dev/null
+++ b/test/results/flow-captured/classification_only/ookla.pcap.out
@@ -0,0 +1 @@
+Flow 3 risky: tcp 192.168.1.7:51207 -> 46.44.253.187:80
diff --git a/test/results/flow-captured/classification_only/sip.pcap.out b/test/results/flow-captured/classification_only/sip.pcap.out
new file mode 100644
index 000000000..1090142cf
--- /dev/null
+++ b/test/results/flow-captured/classification_only/sip.pcap.out
@@ -0,0 +1 @@
+Flow 4 not-detected: udp 192.168.1.2:30001 -> 212.242.33.36:40393
diff --git a/test/results/flow-captured/classification_only/teams.pcap.out b/test/results/flow-captured/classification_only/teams.pcap.out
new file mode 100644
index 000000000..88544269b
--- /dev/null
+++ b/test/results/flow-captured/classification_only/teams.pcap.out
@@ -0,0 +1,17 @@
+Flow 48 risky: tcp 192.168.1.6:60559 -> 52.114.77.33:443
+Flow 64 risky: tcp 192.168.1.6:50018 -> 52.114.250.123:443
+Flow 78 risky: udp 93.71.110.205:16332 -> 192.168.1.6:50016
+Flow 43 risky: tcp 192.168.1.6:60554 -> 52.113.194.132:443
+Flow 4 risky: tcp 192.168.1.6:60532 -> 52.114.77.33:443
+Flow 7 risky: tcp 192.168.1.6:60535 -> 52.114.77.33:443
+Flow 25 risky: tcp 192.168.1.6:60543 -> 52.114.77.33:443
+Flow 51 risky: tcp 192.168.1.6:60561 -> 52.114.77.33:443
+Flow 74 risky: tcp 192.168.1.6:60567 -> 52.114.77.136:443
+Flow 60 not-detected: tcp 151.11.50.139:2222 -> 192.168.1.6:54750
+Flow 60 midstream: tcp 151.11.50.139:2222 -> 192.168.1.6:54750
+Flow 36 risky: udp 192.168.1.6:61245 -> 192.168.1.1:53
+Flow 10 risky: udp 192.168.1.6:64046 -> 192.168.1.1:53
+Flow 67 risky: tcp 192.168.1.6:50021 -> 52.114.250.123:443
+Flow 68 risky: udp 192.168.1.6:50016 -> 52.114.250.141:3478
+Flow 70 risky: udp 192.168.1.6:50036 -> 52.114.250.137:3478
+Flow 79 risky: udp 93.71.110.205:16333 -> 192.168.1.6:50036
diff --git a/test/results/flow-captured/classification_only/tls_1.2_unidir_client_no_cert.pcapng.out b/test/results/flow-captured/classification_only/tls_1.2_unidir_client_no_cert.pcapng.out
new file mode 100644
index 000000000..e69de29bb
--- /dev/null
+++ b/test/results/flow-captured/classification_only/tls_1.2_unidir_client_no_cert.pcapng.out
diff --git a/test/results/flow-captured/classification_only/tls_1.2_unidir_server_no_cert.pcapng.out b/test/results/flow-captured/classification_only/tls_1.2_unidir_server_no_cert.pcapng.out
new file mode 100644
index 000000000..e69de29bb
--- /dev/null
+++ b/test/results/flow-captured/classification_only/tls_1.2_unidir_server_no_cert.pcapng.out
diff --git a/test/results/flow-captured/classification_only/tls_1.2_unidirectional_client.pcapng.out b/test/results/flow-captured/classification_only/tls_1.2_unidirectional_client.pcapng.out
new file mode 100644
index 000000000..e69de29bb
--- /dev/null
+++ b/test/results/flow-captured/classification_only/tls_1.2_unidirectional_client.pcapng.out
diff --git a/test/results/flow-captured/classification_only/tls_1.2_unidirectional_server.pcapng.out b/test/results/flow-captured/classification_only/tls_1.2_unidirectional_server.pcapng.out
new file mode 100644
index 000000000..e69de29bb
--- /dev/null
+++ b/test/results/flow-captured/classification_only/tls_1.2_unidirectional_server.pcapng.out
diff --git a/test/results/flow-captured/classification_only/tls_1.3_unidirectional_client.pcapng.out b/test/results/flow-captured/classification_only/tls_1.3_unidirectional_client.pcapng.out
new file mode 100644
index 000000000..e69de29bb
--- /dev/null
+++ b/test/results/flow-captured/classification_only/tls_1.3_unidirectional_client.pcapng.out
diff --git a/test/results/flow-captured/classification_only/tls_1.3_unidirectional_server.pcapng.out b/test/results/flow-captured/classification_only/tls_1.3_unidirectional_server.pcapng.out
new file mode 100644
index 000000000..e69de29bb
--- /dev/null
+++ b/test/results/flow-captured/classification_only/tls_1.3_unidirectional_server.pcapng.out
diff --git a/test/results/flow-captured/classification_only/tls_ech.pcapng.out b/test/results/flow-captured/classification_only/tls_ech.pcapng.out
new file mode 100644
index 000000000..e69de29bb
--- /dev/null
+++ b/test/results/flow-captured/classification_only/tls_ech.pcapng.out
diff --git a/test/results/flow-captured/classification_only/tls_verylong_certificate.pcap.out b/test/results/flow-captured/classification_only/tls_verylong_certificate.pcap.out
new file mode 100644
index 000000000..e69de29bb
--- /dev/null
+++ b/test/results/flow-captured/classification_only/tls_verylong_certificate.pcap.out |