vrr/nDPI
2
0
Fork 0
mirror of https://github.com/vel21ripn/nDPI.git synced 2026-04-28 06:59:40 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 5
nDPI/tests/cfgs/default/result/tls_port_80.pcapng.out
Luca Deri 851703b8bb Exteded Slowloris detection to TLS/QUIC 
DoS latency reported in sec (used to be ms)
2026-01-18 11:44:39 +01:00

41 lines
2.6 KiB
Text
Raw Blame History

DPI Packets (TCP): 13 (13.00 pkts/flow)
Confidence DPI : 1 (flows)
Num dissector calls: 3 (3.00 diss/flow)
LRU cache ookla: 0/0/0 (insert/search/found)
LRU cache bittorrent: 0/0/0 (insert/search/found)
LRU cache stun: 0/0/0 (insert/search/found)
LRU cache tls_cert: 0/2/0 (insert/search/found)
LRU cache mining: 0/0/0 (insert/search/found)
LRU cache msteams: 0/0/0 (insert/search/found)
LRU cache fpc_dns: 0/1/0 (insert/search/found)
Automa host: 0/0 (search/found)
Automa domain: 0/0 (search/found)
Automa tls cert: 0/0 (search/found)
Automa risk mask: 0/0 (search/found)
Automa common alpns: 0/0 (search/found)
Patricia risk mask: 2/0 (search/found)
Patricia risk mask IPv6: 0/0 (search/found)
Patricia risk: 1/0 (search/found)
Patricia risk IPv6: 0/0 (search/found)
Patricia protocols: 2/0 (search/found)
Patricia protocols IPv6: 0/0 (search/found)
Hash malicious ja4: 1/0 (search/found)
Hash malicious sha1: 0/0 (search/found)
Hash TCP fingerprints: 1/0 (search/found)
Hash public domain suffix: 0/0 (search/found)
Hash ja4 custom protos: 1/0 (search/found)
Hash fp custom protos: 1/0 (search/found)
Hash url custom protos: 0/0 (search/found)
TLS 13 2439 1
Safe 13 2439 1
Web 13 2439 1
JA Host Stats:
IP Address # JA4C
1 57.91.202.194 1
1 TCP 57.91.202.194:50541 <-> 132.49.141.56:80 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 13][cat: Web/5][Breed: Safe][5 pkts/563 bytes <-> 8 pkts/1876 bytes][Goodput ratio: 43/72][14.65 sec][bytes ratio: -0.538 (Download)][IAT c2s/s2c min/avg/max/stddev: 1011/3433 2355/3433 3621/3433 1067/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 113/234 299/1414 93/446][Risk: ** Known Proto on Non Std Port **** TLS (probably) Not Carrying HTTPS **** Missing SNI TLS Extn **** (Possible) Slow DoS **][Risk Score: 210][Risk Info: Slow TCP 3WH (SYN|ACK): 4.2 sec|Slow TCP 3WH (ACK): 3.3 sec / SNI should always be present / No ALPN / Expected on port 443][nDPI Fingerprint: ab49185fadc49dfb8599a7658ba655c0][TCP Fingerprint: 2_128_64240_5e2eda046ca7/Unknown][TLSv1.2][JA4: t12i550500_168bb377f8c8_a1e935682795][JA3S: 107030a763c7224285717ff1569a17f3][Firefox][Cipher: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384][PLAIN TEXT (AnyNet Root CA1 0)][Plen Bins: 0,0,0,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,50,0,0,0,0,0]
Reference in a new issue View git blame Copy permalink