Fixed probing attempt risk that was creating false positives

2026-05-02 00:40:17 +00:00 · 2024-08-07 11:35:17 +02:00 · 2024-08-07 11:35:17 +02:00 · fc4fb4d409
commit fc4fb4d409
parent 653175e724
211 changed files with 3841 additions and 3850 deletions
--- a/tests/cfgs/default/result/jrmi.pcap.out
+++ b/tests/cfgs/default/result/jrmi.pcap.out
@ -24,4 +24,4 @@ JRMI	19	1708	1

 Acceptable                      19 1708          1            

-	1	TCP 127.0.0.1:34450 <-> 127.0.1.1:1099 [proto: 416/JRMI][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: RPC/16][12 pkts/898 bytes <-> 7 pkts/810 bytes][Goodput ratio: 11/42][0.16 sec][bytes ratio: 0.052 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 9/32 63/105 18/43][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 75/116 126/389 16/112][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][PLAIN TEXT (127.0.0.1)][Plen Bins: 75,12,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+	1	TCP 127.0.0.1:34450 <-> 127.0.1.1:1099 [proto: 416/JRMI][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: RPC/16][12 pkts/898 bytes <-> 7 pkts/810 bytes][Goodput ratio: 11/42][0.16 sec][bytes ratio: 0.052 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 9/32 63/105 18/43][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 75/116 126/389 16/112][PLAIN TEXT (127.0.0.1)][Plen Bins: 75,12,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]