vrr/nDPI
2
0
Fork 0
mirror of https://github.com/vel21ripn/nDPI.git synced 2026-04-28 23:19:42 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

More NDPI_PROBING_ATTEMPT changes

Browse source
This commit is contained in:
Luca 2024-05-22 18:04:33 +02:00
parent 74d3843ebe
commit 44a290286b
205 changed files with 3941 additions and 3873 deletions
Download patch file Download diff file Expand all files Collapse all files

16
tests/cfgs/default/result/mongodb.pcap.out
View file

@ -30,14 +30,14 @@ MongoDB 24 2510 7
Acceptable 24 2510 7
Unrated 3 230 1
1 TCP 10.10.10.16:51358 <-> 10.10.10.17:27017 [VLAN: 100][proto: 60/MongoDB][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Database/11][3 pkts/491 bytes <-> 1 pkts/78 bytes][Goodput ratio: 55/0][0.00 sec][PLAIN TEXT (admin.)][Plen Bins: 0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 10.10.10.10:51822 <-> 10.10.10.11:27017 [VLAN: 300][proto: 60/MongoDB][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Database/11][3 pkts/469 bytes <-> 1 pkts/78 bytes][Goodput ratio: 53/0][0.34 sec][PLAIN TEXT (admin.)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 TCP 10.10.10.18:64566 <-> 10.10.10.19:30000 [VLAN: 300][proto: 60/MongoDB][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Database/11][3 pkts/295 bytes <-> 1 pkts/78 bytes][Goodput ratio: 25/0][0.10 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][PLAIN TEXT (InactiveUserIdentity.)][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 TCP 10.10.10.12:55582 <-> 10.10.10.13:27017 [VLAN: 300][proto: 60/MongoDB][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Database/11][3 pkts/281 bytes <-> 1 pkts/78 bytes][Goodput ratio: 21/0][0.16 sec][PLAIN TEXT (abtest.)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 TCP 10.10.10.14:61503 <-> 10.10.10.15:27017 [VLAN: 100][proto: 60/MongoDB][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Database/11][3 pkts/280 bytes <-> 1 pkts/78 bytes][Goodput ratio: 21/0][0.01 sec][PLAIN TEXT (admin.)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 TCP 10.10.10.10:51822 -> 10.10.10.11:27017 [VLAN: 50][proto: 60/MongoDB][IP: 0/Unknown][ClearText][Confidence: Match by port][DPI packets: 2][cat: Database/11][2 pkts/152 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][0.34 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 TCP 10.10.10.12:55582 -> 10.10.10.13:27017 [VLAN: 50][proto: 60/MongoDB][IP: 0/Unknown][ClearText][Confidence: Match by port][DPI packets: 2][cat: Database/11][2 pkts/152 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][0.16 sec][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
1 TCP 10.10.10.16:51358 <-> 10.10.10.17:27017 [VLAN: 100][proto: 60/MongoDB][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Database/11][3 pkts/491 bytes <-> 1 pkts/78 bytes][Goodput ratio: 55/0][0.00 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][PLAIN TEXT (admin.)][Plen Bins: 0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 10.10.10.10:51822 <-> 10.10.10.11:27017 [VLAN: 300][proto: 60/MongoDB][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Database/11][3 pkts/469 bytes <-> 1 pkts/78 bytes][Goodput ratio: 53/0][0.34 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][PLAIN TEXT (admin.)][Plen Bins: 0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 TCP 10.10.10.18:64566 <-> 10.10.10.19:30000 [VLAN: 300][proto: 60/MongoDB][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Database/11][3 pkts/295 bytes <-> 1 pkts/78 bytes][Goodput ratio: 25/0][0.10 sec][Risk: ** Known Proto on Non Std Port **** Probing attempt **][Risk Score: 100][Risk Info: TCP connection with unidirectional traffic][PLAIN TEXT (InactiveUserIdentity.)][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 TCP 10.10.10.12:55582 <-> 10.10.10.13:27017 [VLAN: 300][proto: 60/MongoDB][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Database/11][3 pkts/281 bytes <-> 1 pkts/78 bytes][Goodput ratio: 21/0][0.16 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][PLAIN TEXT (abtest.)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 TCP 10.10.10.14:61503 <-> 10.10.10.15:27017 [VLAN: 100][proto: 60/MongoDB][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: Database/11][3 pkts/280 bytes <-> 1 pkts/78 bytes][Goodput ratio: 21/0][0.01 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][PLAIN TEXT (admin.)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 TCP 10.10.10.10:51822 -> 10.10.10.11:27017 [VLAN: 50][proto: 60/MongoDB][IP: 0/Unknown][ClearText][Confidence: Match by port][DPI packets: 2][cat: Database/11][2 pkts/152 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][0.34 sec][Risk: ** Unidirectional Traffic **** Probing attempt **][Risk Score: 60][Risk Info: No server to client traffic / TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
7 TCP 10.10.10.12:55582 -> 10.10.10.13:27017 [VLAN: 50][proto: 60/MongoDB][IP: 0/Unknown][ClearText][Confidence: Match by port][DPI packets: 2][cat: Database/11][2 pkts/152 bytes -> 0 pkts/0 bytes][Goodput ratio: 0/0][0.16 sec][Risk: ** Unidirectional Traffic **** Probing attempt **][Risk Score: 60][Risk Info: No server to client traffic / TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Undetected flows:
1 TCP 10.10.10.18:64566 <-> 10.10.10.19:30000 [VLAN: 50][proto: 0/Unknown][IP: 0/Unknown][ClearText][Confidence: Unknown][DPI packets: 3][2 pkts/152 bytes <-> 1 pkts/78 bytes][Goodput ratio: 0/0][0.10 sec][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
1 TCP 10.10.10.18:64566 <-> 10.10.10.19:30000 [VLAN: 50][proto: 0/Unknown][IP: 0/Unknown][ClearText][Confidence: Unknown][DPI packets: 3][2 pkts/152 bytes <-> 1 pkts/78 bytes][Goodput ratio: 0/0][0.10 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]