Improved TCP fingepring calculation

Adde basidc OS detection based on TCP fingerprint
2026-05-01 00:19:42 +00:00 · 2024-10-18 23:47:34 +02:00 · 2024-10-18 23:47:34 +02:00 · 0cc84e4fdd
commit 0cc84e4fdd
parent 819291b7e4
345 changed files with 4834 additions and 4772 deletions
--- a/tests/cfgs/default/result/mpeg.pcap.out
+++ b/tests/cfgs/default/result/mpeg.pcap.out
@ -24,4 +24,4 @@ ntop	19	10643	1

 Safe                            19 10643         1            

-	1	TCP 192.168.80.160:55804 <-> 46.101.157.119:80 [proto: 7.26/HTTP.ntop][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Media/1][9 pkts/754 bytes <-> 10 pkts/9889 bytes][Goodput ratio: 20/93][0.18 sec][Hostname/SNI: luca.ntop.org][bytes ratio: -0.858 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 25/6 77/41 28/14][Pkt Len c2s/s2c min/avg/max/stddev: 66/68 84/989 214/1502 46/649][URL: luca.ntop.org/0.mp3][StatusCode: 200][Content-Type: audio/mpeg][Server: Apache/2.4.7 (Ubuntu)][User-Agent: Wget/1.16.3 (darwin14.1.0)][TCP Fingerprint: 64_65535_63970bc57fac][PLAIN TEXT (GET /0.mp)][Plen Bins: 0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,75,0,0,0]
+	1	TCP 192.168.80.160:55804 <-> 46.101.157.119:80 [proto: 7.26/HTTP.ntop][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: Media/1][9 pkts/754 bytes <-> 10 pkts/9889 bytes][Goodput ratio: 20/93][0.18 sec][Hostname/SNI: luca.ntop.org][bytes ratio: -0.858 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 25/6 77/41 28/14][Pkt Len c2s/s2c min/avg/max/stddev: 66/68 84/989 214/1502 46/649][URL: luca.ntop.org/0.mp3][StatusCode: 200][Content-Type: audio/mpeg][Server: Apache/2.4.7 (Ubuntu)][User-Agent: Wget/1.16.3 (darwin14.1.0)][TCP Fingerprint: 45058_64_65535_63970bc57fac/Unknown][PLAIN TEXT (GET /0.mp)][Plen Bins: 0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,75,0,0,0]