Skip to content

Commit

Permalink
Updated tests results
Browse files Browse the repository at this point in the history
  • Loading branch information
@lucaderi
lucaderi committed Dec 3, 2022
1 parent 2a8d0d1 commit a387072
Show file tree
Hide file tree
Showing 7 changed files with 27 additions and 27 deletions.
12 changes: 6 additions & 6 deletions tests/result/1kxun.pcap.out
View file

Large diffs are not rendered by default.

22 changes: 11 additions & 11 deletions tests/result/fuzz-2006-09-29-28586.pcap.out
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
Guessed flow protos: 36

DPI Packets (TCP): 110 (2.82 pkts/flow)
DPI Packets (TCP): 104 (2.67 pkts/flow)
DPI Packets (other): 1 (1.00 pkts/flow)
Confidence Unknown : 3 (flows)
Confidence Match by port : 26 (flows)
Expand All @@ -13,10 +13,10 @@ LRU cache stun: 0/0/0 (insert/search/found)
LRU cache tls_cert: 0/0/0 (insert/search/found)
LRU cache mining: 0/29/0 (insert/search/found)
LRU cache msteams: 0/0/0 (insert/search/found)
Automa host: 3/0 (search/found)
Automa domain: 3/0 (search/found)
Automa host: 4/0 (search/found)
Automa domain: 4/0 (search/found)
Automa tls cert: 0/0 (search/found)
Automa risk mask: 0/0 (search/found)
Automa risk mask: 1/0 (search/found)
Automa common alpns: 0/0 (search/found)
Patricia risk mask: 74/0 (search/found)
Patricia risk: 0/0 (search/found)
Expand All @@ -29,22 +29,22 @@ HTTP 118 28709 37
2 TCP 172.20.3.5:2606 <-> 172.20.3.13:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Web/5][8 pkts/2287 bytes <-> 5 pkts/2963 bytes][Goodput ratio: 80/91][11.18 sec][Hostname/SNI: 172.20.3.13][bytes ratio: -0.129 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 58/58 177/172 83/81][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 286/593 1514/1514 478/662][URL: 172.20.3.13/servlets/mms?message-id=189301][StatusCode: 0][Risk: ** HTTP Numeric IP Address **][Risk Score: 10][Risk Info: Found host 172.20.3.13][PLAIN TEXT (GET /servlets/mms)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,50,0,0]
3 TCP 172.20.3.5:2604 <-> 172.20.3.13:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Web/5][5 pkts/1754 bytes <-> 4 pkts/583 bytes][Goodput ratio: 83/62][11.17 sec][Hostname/SNI: 172.20.3.13][bytes ratio: 0.501 (Upload)][IAT c2s/s2c min/avg/max/stddev: 307/81 2793/3724 10864/10997 4662/5143][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 351/146 1514/417 582/157][URL: 172.20.3.13/servlets/mms?message-id=189001][StatusCode: 200][User-Agent: SonyEricssonT68/R201A][Risk: ** HTTP Numeric IP Address **][Risk Score: 10][Risk Info: Found host 172.20.3.13][PLAIN TEXT (GET /servlets/mms)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0]
4 TCP 172.20.3.13:53132 <-> 172.20.3.5:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: Match by port][cat: Web/5][9 pkts/1650 bytes <-> 4 pkts/240 bytes][Goodput ratio: 70/0][5.14 sec][bytes ratio: 0.746 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/1 734/1 4911/1 1706/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 183/60 894/60 270/0][PLAIN TEXT (POST /ppgctrl/ppgcontrollogic.d)][Plen Bins: 0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 TCP 172.20.3.5:2602 <-> 172.20.3.13:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Web/5][4 pkts/942 bytes <-> 4 pkts/703 bytes][Goodput ratio: 75/69][11.10 sec][Hostname/SNI: 172.20.3.13][bytes ratio: 0.145 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/106 3699/5548 10844/10989 5054/5442][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 236/176 762/541 304/211][URL: 172.20.3.13.servlets/mms][StatusCode: 200][Req Content-Type: application/xml][Content-Type: application/xml][Risk: ** HTTP Numeric IP Address **][Risk Score: 10][Risk Info: Found host 172.20.3.13][PLAIN TEXT (POST .servlets/mms HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 TCP 172.20.3.13:53136 <-> 172.20.3.5:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Web/5][5 pkts/586 bytes <-> 6 pkts/999 bytes][Goodput ratio: 54/66][5.21 sec][bytes ratio: -0.261 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/96 1737/1302 4910/5010 2247/2141][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 117/166 370/481 126/150][PLAIN TEXT (POST /ppgctrl/ppgcon)][Plen Bins: 0,0,25,0,25,0,0,0,0,25,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 TCP 172.20.3.5:2602 <-> 172.20.3.13:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Web/5][4 pkts/942 bytes <-> 4 pkts/703 bytes][Goodput ratio: 75/69][11.10 sec][Hostname/SNI: 172.20.3.13][bytes ratio: 0.145 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/106 3699/5548 10844/10989 5054/5442][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 236/176 762/541 304/211][URL: 172.20.3.13.servlets/mms][StatusCode: 200][Req Content-Type: application/xml][Content-Type: application/xml][Risk: ** HTTP Suspicious User-Agent **** HTTP Numeric IP Address **][Risk Score: 110][Risk Info: Found host 172.20.3.13 / Empty or missing User-Agent][PLAIN TEXT (POST .servlets/mms HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 TCP 172.20.3.13:53136 <-> 172.20.3.5:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Web/5][5 pkts/586 bytes <-> 6 pkts/999 bytes][Goodput ratio: 54/66][5.21 sec][Hostname/SNI: 172.20.3.5][bytes ratio: -0.261 (Download)][IAT c2s/s2c min/avg/max/stddev: 1/96 1737/1302 4910/5010 2247/2141][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 117/166 370/481 126/150][User-Agent: MMS-Relay-DeliveryInitiator][PLAIN TEXT (POST /ppgctrl/ppgcon)][Plen Bins: 0,0,25,0,25,0,0,0,0,25,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 TCP 172.20.3.5:9587 -> 172.20.3.13:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Web/5][1 pkts/1514 bytes -> 0 pkts/0 bytes][Goodput ratio: 96/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (POST /servlets/mms HTTP/)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0]
8 TCP 172.20.3.13:80 -> 172.20.72.5:2606 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Web/5][1 pkts/1514 bytes -> 0 pkts/0 bytes][Goodput ratio: 96/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No client to server traffic][PLAIN TEXT (HTTP/1.1 200 OK)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0]
8 TCP 172.20.3.13:80 -> 172.20.72.5:2606 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Web/5][1 pkts/1514 bytes -> 0 pkts/0 bytes][Goodput ratio: 96/0][< 1 sec][Risk: ** HTTP Suspicious User-Agent **** Unidirectional Traffic **][Risk Score: 110][Risk Info: No client to server traffic / Empty or missing User-Agent][PLAIN TEXT (HTTP/1.1 200 OK)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0]
9 TCP 172.20.3.13:80 <-> 172.20.3.5:2608 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Web/5][1 pkts/58 bytes <-> 3 pkts/882 bytes][Goodput ratio: 0/80][0.25 sec][PLAIN TEXT (POST /servlets/mms HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
10 TCP 172.20.3.13:53136 -> 172.70.3.5:80 [proto: 7/HTTP][IP: 220/Cloudflare][ClearText][Confidence: Match by port][cat: Web/5][1 pkts/854 bytes -> 0 pkts/0 bytes][Goodput ratio: 94/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (msgpart)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
11 TCP 172.20.3.5:2607 <-> 172.20.3.13:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: Match by port][cat: Web/5][4 pkts/657 bytes <-> 2 pkts/112 bytes][Goodput ratio: 64/0][0.21 sec][bytes ratio: 0.709 (Upload)][IAT c2s/s2c min/avg/max/stddev: 207/1 69/1 207/1 98/0][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 164/56 477/58 181/2][PLAIN TEXT (201.xml)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 TCP 172.20.3.5:2603 <-> 172.20.3.13:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Web/5][2 pkts/120 bytes <-> 4 pkts/363 bytes][Goodput ratio: 0/39][11.06 sec][bytes ratio: -0.503 (Download)][IAT c2s/s2c min/avg/max/stddev: 216/2 216/35 216/68 0/33][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 60/91 60/197 0/61][PLAIN TEXT (HTTP/1.1 200 OK)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
12 TCP 172.20.3.5:2603 <-> 172.20.3.13:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Web/5][2 pkts/120 bytes <-> 4 pkts/363 bytes][Goodput ratio: 0/39][11.06 sec][bytes ratio: -0.503 (Download)][IAT c2s/s2c min/avg/max/stddev: 216/2 216/35 216/68 0/33][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 60/91 60/197 0/61][Risk: ** HTTP Suspicious User-Agent **][Risk Score: 100][Risk Info: Empty or missing User-Agent][PLAIN TEXT (HTTP/1.1 200 OK)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
13 TCP 172.6.3.5:80 -> 172.20.3.13:53132 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: Match by port][cat: Web/5][1 pkts/481 bytes -> 0 pkts/0 bytes][Goodput ratio: 89/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No client to server traffic][PLAIN TEXT (xml version)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
14 TCP 51.20.3.5:2605 -> 172.20.3.13:80 [proto: 7/HTTP][IP: 265/AmazonAWS][ClearText][Confidence: Match by port][cat: Web/5][1 pkts/477 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (201.xml)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
15 TCP 172.20.3.5:2605 <-> 172.20.3.13:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: Match by port][cat: Web/5][4 pkts/240 bytes <-> 1 pkts/58 bytes][Goodput ratio: 0/0][11.06 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
16 TCP 172.20.3.5:2600 <-> 172.20.3.13:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: Match by port][cat: Web/5][2 pkts/120 bytes <-> 2 pkts/108 bytes][Goodput ratio: 0/0][0.00 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
17 TCP 172.20.2.13:80 -> 172.20.3.5:2607 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Web/5][1 pkts/197 bytes -> 0 pkts/0 bytes][Goodput ratio: 10/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No client to server traffic][PLAIN TEXT (HTTP/1.1 200 OK)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
18 TCP 172.20.3.13:80 -> 44.20.3.5:2605 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Web/5][1 pkts/197 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No client to server traffic][PLAIN TEXT (HTTP/1.1 220 OK)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
17 TCP 172.20.2.13:80 -> 172.20.3.5:2607 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Web/5][1 pkts/197 bytes -> 0 pkts/0 bytes][Goodput ratio: 10/0][< 1 sec][Risk: ** HTTP Suspicious User-Agent **** Unidirectional Traffic **][Risk Score: 110][Risk Info: No client to server traffic / Empty or missing User-Agent][PLAIN TEXT (HTTP/1.1 200 OK)][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
18 TCP 172.20.3.13:80 -> 44.20.3.5:2605 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Web/5][1 pkts/197 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][< 1 sec][Risk: ** HTTP Suspicious User-Agent **** Unidirectional Traffic **][Risk Score: 110][Risk Info: No client to server traffic / Empty or missing User-Agent][PLAIN TEXT (HTTP/1.1 220 OK)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
19 TCP 172.20.3.5:80 -> 172.57.3.13:53132 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: Match by port][cat: Web/5][1 pkts/195 bytes -> 0 pkts/0 bytes][Goodput ratio: 72/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No client to server traffic][PLAIN TEXT (HTTo/1.1 202 Accepted)][Plen Bins: 0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
20 TCP 172.20.3.1:80 -> 172.20.3.13:53132 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Web/5][1 pkts/143 bytes -> 0 pkts/0 bytes][Goodput ratio: 62/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No client to server traffic][PLAIN TEXT (HTTP/1.1 100 Continue)][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
20 TCP 172.20.3.1:80 -> 172.20.3.13:53132 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Web/5][1 pkts/143 bytes -> 0 pkts/0 bytes][Goodput ratio: 62/0][< 1 sec][Risk: ** HTTP Suspicious User-Agent **** Unidirectional Traffic **][Risk Score: 110][Risk Info: No client to server traffic / Empty or missing User-Agent][PLAIN TEXT (HTTP/1.1 100 Continue)][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
21 TCP 172.20.3.13:53193 -> 172.20.3.5:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: Match by port][cat: Web/5][1 pkts/62 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
22 TCP 172.20.3.5:80 -> 172.20.35.13:53136 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: Match by port][cat: Web/5][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No client to server traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
23 TCP 172.20.3.5:2602 -> 172.21.3.13:80 [proto: 7/HTTP][IP: 0/Unknown][ClearText][Confidence: Match by port][cat: Web/5][1 pkts/60 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][< 1 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Expand Down
2 changes: 1 addition & 1 deletion tests/result/mpeg-dash.pcap.out
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,6 @@ Patricia protocols: 5/3 (search/found)
MpegDash 13 4669 4

1 TCP 10.84.1.81:60926 <-> 166.248.152.10:80 [proto: 7.291/HTTP.MpegDash][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Media/1][2 pkts/456 bytes <-> 2 pkts/1520 bytes][Goodput ratio: 72/92][0.30 sec][Hostname/SNI: gdl.news-cdn.site][URL: gdl.news-cdn.site/as/bigo-ad-creatives/3s3/2lOTA7.mp4][StatusCode: 200][User-Agent: Mozilla/5.0 (Linux; Android 11; SM-A715F Build/RP1A.200720.012; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/89.0.4389.105 Mobile Safari/537.36][Risk: ** Suspicious DGA Domain name **][Risk Score: 100][Risk Info: gdl.news-cdn.site][PLAIN TEXT (GET /as/bigo)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0]
2 TCP 54.161.101.85:80 <-> 192.168.2.105:59144 [proto: 7.291/HTTP.MpegDash][IP: 265/AmazonAWS][ClearText][Confidence: DPI][cat: Media/1][2 pkts/1649 bytes <-> 2 pkts/323 bytes][Goodput ratio: 92/59][0.01 sec][PLAIN TEXT (OHTTP/1.1 200 OK)][Plen Bins: 0,0,33,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0]
2 TCP 54.161.101.85:80 <-> 192.168.2.105:59144 [proto: 7.291/HTTP.MpegDash][IP: 265/AmazonAWS][ClearText][Confidence: DPI][cat: Media/1][2 pkts/1649 bytes <-> 2 pkts/323 bytes][Goodput ratio: 92/59][0.01 sec][Risk: ** HTTP Suspicious User-Agent **][Risk Score: 100][Risk Info: Empty or missing User-Agent][PLAIN TEXT (OHTTP/1.1 200 OK)][Plen Bins: 0,0,33,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0]
3 TCP 192.168.2.105:59142 <-> 54.161.101.85:80 [proto: 7.291/HTTP.MpegDash][IP: 265/AmazonAWS][ClearText][Confidence: DPI][cat: Media/1][3 pkts/390 bytes <-> 1 pkts/74 bytes][Goodput ratio: 47/0][0.10 sec][Hostname/SNI: livesim.dashif.org][URL: livesim.dashif.org/livesim/sts_1652783809/sid_40c11e12/chunkdur_1/ato_7/testpic4_8s/A48/init.mp4][StatusCode: 0][User-Agent: VLC/3.0.16 LibVLC/3.0.16][PLAIN TEXT (IGET /livesim/sts)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 TCP 192.168.2.105:59146 -> 54.161.101.85:80 [proto: 7.291/HTTP.MpegDash][IP: 265/AmazonAWS][ClearText][Confidence: DPI][cat: Media/1][1 pkts/257 bytes -> 0 pkts/0 bytes][Goodput ratio: 74/0][< 1 sec][Hostname/SNI: livesim.dashif.org][URL: livesim.dashif.org/livesim/sts_1652783809/sid_40c11e12/chunkdur_1/ato_7/testpic4_8s/V2400/206598099.m4s][StatusCode: 0][User-Agent: VLC/3.0.16 LibVLC/3.0.16][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (GET /livesim/sts)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 changes: 1 addition & 1 deletion tests/result/ookla.pcap.out
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,4 +23,4 @@ Patricia protocols: 4/0 (search/found)
Ookla 5086 4689745 2

1 TCP 192.168.1.7:51215 <-> 46.44.253.187:8080 [proto: 191/Ookla][IP: 0/Unknown][ClearText][Confidence: DPI (cache)][cat: Network/14][2202 pkts/1032520 bytes <-> 2864 pkts/3652905 bytes][Goodput ratio: 86/95][40.14 sec][bytes ratio: -0.559 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 15/11 2086/2226 59/54][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 469/1275 1506/1506 642/527][PLAIN TEXT ( 6HELLO 2.4 2016)][Plen Bins: 28,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,70,0,0]
2 TCP 192.168.1.7:51207 <-> 46.44.253.187:80 [proto: 7.191/HTTP.Ookla][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Network/14][12 pkts/2238 bytes <-> 8 pkts/2082 bytes][Goodput ratio: 64/74][5.33 sec][bytes ratio: 0.036 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/4 528/47 5005/84 1493/28][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 186/260 430/523 168/194][Risk: ** HTTP Obsolete Server **][Risk Score: 50][Risk Info: Obsolete Apache server 2.2.22][PLAIN TEXT (GET /crossdomain.xml HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,12,75,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 192.168.1.7:51207 <-> 46.44.253.187:80 [proto: 7.191/HTTP.Ookla][IP: 0/Unknown][ClearText][Confidence: DPI][cat: Network/14][12 pkts/2238 bytes <-> 8 pkts/2082 bytes][Goodput ratio: 64/74][5.33 sec][bytes ratio: 0.036 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/4 528/47 5005/84 1493/28][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 186/260 430/523 168/194][Risk: ** HTTP Suspicious User-Agent **** HTTP Obsolete Server **][Risk Score: 150][Risk Info: Obsolete Apache server 2.2.22 / Empty or missing User-Agent][PLAIN TEXT (GET /crossdomain.xml HTTP/1.1)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,12,75,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Loading

0 comments on commit a387072

Please sign in to comment.