vrr/nDPI
2
0
Fork 0
mirror of https://github.com/vel21ripn/nDPI.git synced 2026-05-02 00:40:17 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

Improved TCP fingepring calculation

Browse source 
Adde basidc OS detection based on TCP fingerprint
This commit is contained in:
Luca Deri 2024-10-18 23:47:34 +02:00
parent 819291b7e4
commit 0cc84e4fdd
345 changed files with 4834 additions and 4772 deletions
Download patch file Download diff file Expand all files Collapse all files

4
tests/cfgs/default/result/vnc.pcap.out
View file

@ -24,5 +24,5 @@ VNC 4551 329158 2
Acceptable 4551 329158 2
1 TCP 95.237.48.208:59791 <-> 192.168.2.110:6900 [proto: 89/VNC][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 5][cat: RemoteAccess/12][2485 pkts/199101 bytes <-> 1058 pkts/57444 bytes][Goodput ratio: 32/1][16.52 sec][bytes ratio: 0.552 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/10 841/845 31/42][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 80/54 89/88 5/3][Risk: ** Known Proto on Non Std Port **** Desktop/File Sharing **][Risk Score: 60][Risk Info: Found VNC][TCP Fingerprint: 128_8192_8df5eacf1616][Plen Bins: 88,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 95.237.48.208:51559 <-> 192.168.2.110:6900 [proto: 89/VNC][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 5][cat: RemoteAccess/12][684 pkts/54893 bytes <-> 324 pkts/17720 bytes][Goodput ratio: 32/1][4.15 sec][bytes ratio: 0.512 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/12 538/501 32/43][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 80/55 89/88 5/4][Risk: ** Known Proto on Non Std Port **** Desktop/File Sharing **][Risk Score: 60][Risk Info: Found VNC][TCP Fingerprint: 128_8192_8df5eacf1616][Plen Bins: 90,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
1 TCP 95.237.48.208:59791 <-> 192.168.2.110:6900 [proto: 89/VNC][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 5][cat: RemoteAccess/12][2485 pkts/199101 bytes <-> 1058 pkts/57444 bytes][Goodput ratio: 32/1][16.52 sec][bytes ratio: 0.552 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/10 841/845 31/42][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 80/54 89/88 5/3][Risk: ** Known Proto on Non Std Port **** Desktop/File Sharing **][Risk Score: 60][Risk Info: Found VNC][TCP Fingerprint: 32770_128_8192_8df5eacf1616/Unknown][Plen Bins: 88,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 95.237.48.208:51559 <-> 192.168.2.110:6900 [proto: 89/VNC][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 5][cat: RemoteAccess/12][684 pkts/54893 bytes <-> 324 pkts/17720 bytes][Goodput ratio: 32/1][4.15 sec][bytes ratio: 0.512 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 6/12 538/501 32/43][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 80/55 89/88 5/4][Risk: ** Known Proto on Non Std Port **** Desktop/File Sharing **][Risk Score: 60][Risk Info: Found VNC][TCP Fingerprint: 32770_128_8192_8df5eacf1616/Unknown][Plen Bins: 90,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]