vrr/nDPI
2
0
Fork 0
mirror of https://github.com/vel21ripn/nDPI.git synced 2026-04-28 15:09:47 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 5
nDPI/tests/cfgs/default/result/collectd.pcap.out
Toni Uhlig 285496d0b9 Add (generic) MsgPack protocol dissector. 
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2025-12-08 17:50:20 +01:00

46 lines
5.5 KiB
Text
Raw Blame History

Guessed flow protos: 3
DPI Packets (UDP): 13 (1.62 pkts/flow)
Confidence Match by port : 3 (flows)
Confidence DPI : 5 (flows)
Num dissector calls: 505 (63.12 diss/flow)
LRU cache ookla: 0/0/0 (insert/search/found)
LRU cache bittorrent: 0/9/0 (insert/search/found)
LRU cache stun: 0/0/0 (insert/search/found)
LRU cache tls_cert: 0/0/0 (insert/search/found)
LRU cache mining: 0/3/0 (insert/search/found)
LRU cache msteams: 0/0/0 (insert/search/found)
LRU cache fpc_dns: 0/3/0 (insert/search/found)
Automa host: 0/0 (search/found)
Automa domain: 0/0 (search/found)
Automa tls cert: 0/0 (search/found)
Automa risk mask: 0/0 (search/found)
Automa common alpns: 0/0 (search/found)
Patricia risk mask: 4/0 (search/found)
Patricia risk mask IPv6: 0/0 (search/found)
Patricia risk: 0/0 (search/found)
Patricia risk IPv6: 0/0 (search/found)
Patricia protocols: 16/0 (search/found)
Patricia protocols IPv6: 0/0 (search/found)
Hash malicious ja4: 0/0 (search/found)
Hash malicious sha1: 0/0 (search/found)
Hash TCP fingerprints: 0/0 (search/found)
Hash public domain suffix: 0/0 (search/found)
Hash ja4 custom protos: 0/0 (search/found)
Hash fp custom protos: 0/0 (search/found)
Hash url custom protos: 0/0 (search/found)
collectd 81 109386 8
Acceptable 81 109386 8
System 81 109386 8
1 UDP 127.0.0.1:35988 -> 127.0.0.1:25826 [proto: 298/collectd][Stack: collectd][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 298/collectd, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][49 pkts/66012 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][406.49 sec][Hostname/SNI: devlap.fritz.box][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 8783/0 10000/0 3188/0][Pkt Len c2s/s2c min/avg/max/stddev: 193/0 1347/0 1388/0 167/0][PLAIN TEXT (devlap.fritz.box)][Plen Bins: 0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,83,10,0,0,0,0,0]
2 UDP 127.0.0.1:36832 -> 127.0.0.1:25826 [proto: 298/collectd][Stack: collectd][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 298/collectd, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][17 pkts/22755 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][134.67 sec][Hostname/SNI: devlap.fritz.box][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 8311/0 10000/0 3518/0][Pkt Len c2s/s2c min/avg/max/stddev: 924/0 1339/0 1384/0 104/0][PLAIN TEXT (devlap.fritz.box)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,5,89,0,0,0,0,0,0]
3 UDP 192.168.178.35:39576 -> 239.192.74.66:25826 [proto: 298/collectd][Stack: collectd][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: System/18][Breed: Acceptable][6 pkts/8363 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][708570048.00 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 907/0 141714014208/0 708570000000/0 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 1274/0 1394/0 1434/0 54/0][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: Entropy: 7.844 (Encrypted or Random?)][PLAIN TEXT (RmBJSP)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,33,50,0,0,0,0]
4 UDP 127.0.0.1:54138 -> 127.0.0.1:25826 [proto: 298/collectd][Stack: collectd][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 298/collectd, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][5 pkts/6744 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][33.27 sec][Hostname/SNI: devlap.fritz.box][PLAIN TEXT (devlap.fritz.box)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,20,0,20,40,20,0,0,0,0,0]
5 UDP 192.168.178.35:39577 -> 239.192.74.66:25826 [proto: 298/collectd][Stack: collectd][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: System/18][Breed: Acceptable][1 pkts/1408 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][< 1 sec][Risk: ** Susp Entropy **][Risk Score: 10][Risk Info: Entropy: 7.843 (Encrypted or Random?)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0]
6 UDP 127.0.0.1:36064 -> 127.0.0.1:25826 [proto: 298/collectd][Stack: collectd][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 298/collectd, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][1 pkts/1368 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][< 1 sec][Hostname/SNI: devlap.fritz.box][PLAIN TEXT (devlap.fritz.box)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0]
7 UDP 127.0.0.1:36320 -> 127.0.0.1:25826 [proto: 298/collectd][Stack: collectd][IP: 0/Unknown][ClearText][Confidence: Match by port][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: System/18][Breed: Acceptable][1 pkts/1368 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][< 1 sec][PLAIN TEXT (devlap.fritz.box)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0]
8 UDP 127.0.0.1:36576 -> 127.0.0.1:25826 [proto: 298/collectd][Stack: collectd][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 298/collectd, Confidence: DPI][DPI packets: 1][cat: System/18][Breed: Acceptable][1 pkts/1368 bytes -> 0 pkts/0 bytes][Goodput ratio: 97/0][< 1 sec][Hostname/SNI: devlap.fritz.box][PLAIN TEXT (devlap.fritz.box)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0]
Reference in a new issue View git blame Copy permalink