Improved TCP fingepring calculation

Adde basidc OS detection based on TCP fingerprint
2026-05-01 16:30:17 +00:00 · 2024-10-18 23:47:34 +02:00 · 2024-10-18 23:47:34 +02:00 · 0cc84e4fdd
commit 0cc84e4fdd
parent 819291b7e4
345 changed files with 4834 additions and 4772 deletions
--- a/tests/cfgs/default/result/imap.pcap.out
+++ b/tests/cfgs/default/result/imap.pcap.out
@ -24,4 +24,4 @@ IMAP	33	3774	1

 Unsafe                          33 3774          1            

-	1	TCP 10.40.4.2:46045 <-> 10.40.3.2:143 [proto: 4/IMAP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 11][cat: Email/3][20 pkts/1507 bytes <-> 13 pkts/2267 bytes][Goodput ratio: 12/62][4.57 sec][User: samir][Pwd: pfres][bytes ratio: -0.201 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 9/17 39/39 15/16][Pkt Len c2s/s2c min/avg/max/stddev: 66/74 75/174 139/762 17/181][Risk: ** Unsafe Protocol **** Clear-Text Credentials **][Risk Score: 110][Risk Info: Found IMAP username (samir)][TCP Fingerprint: 64_5840_2e3cee914fc1][PLAIN TEXT ( OK IMAP4)][Plen Bins: 51,22,11,5,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	1	TCP 10.40.4.2:46045 <-> 10.40.3.2:143 [proto: 4/IMAP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 11][cat: Email/3][20 pkts/1507 bytes <-> 13 pkts/2267 bytes][Goodput ratio: 12/62][4.57 sec][User: samir][Pwd: pfres][bytes ratio: -0.201 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 9/17 39/39 15/16][Pkt Len c2s/s2c min/avg/max/stddev: 66/74 75/174 139/762 17/181][Risk: ** Unsafe Protocol **** Clear-Text Credentials **][Risk Score: 110][Risk Info: Found IMAP username (samir)][TCP Fingerprint: 40962_64_5840_2e3cee914fc1/Unknown][PLAIN TEXT ( OK IMAP4)][Plen Bins: 51,22,11,5,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]