vrr/nDPI
2
0
Fork 0
mirror of https://github.com/vel21ripn/nDPI.git synced 2026-04-28 15:09:47 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 5
nDPI/tests/cfgs/default/result/quic_0RTT.pcap.out
Toni Uhlig 285496d0b9 Add (generic) MsgPack protocol dissector. 
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2025-12-08 17:50:20 +01:00

44 lines
3 KiB
Text
Raw Blame History

DPI Packets (UDP): 4 (2.00 pkts/flow)
Confidence DPI : 2 (flows)
Num dissector calls: 216 (108.00 diss/flow)
LRU cache ookla: 0/0/0 (insert/search/found)
LRU cache bittorrent: 0/3/0 (insert/search/found)
LRU cache stun: 0/0/0 (insert/search/found)
LRU cache tls_cert: 0/0/0 (insert/search/found)
LRU cache mining: 0/0/0 (insert/search/found)
LRU cache msteams: 0/0/0 (insert/search/found)
LRU cache fpc_dns: 0/1/0 (insert/search/found)
Automa host: 3/1 (search/found)
Automa domain: 2/0 (search/found)
Automa tls cert: 0/0 (search/found)
Automa risk mask: 0/0 (search/found)
Automa common alpns: 2/2 (search/found)
Patricia risk mask: 2/0 (search/found)
Patricia risk mask IPv6: 0/0 (search/found)
Patricia risk: 0/0 (search/found)
Patricia risk IPv6: 1/0 (search/found)
Patricia protocols: 1/1 (search/found)
Patricia protocols IPv6: 2/0 (search/found)
Hash malicious ja4: 2/0 (search/found)
Hash malicious sha1: 0/0 (search/found)
Hash TCP fingerprints: 0/0 (search/found)
Hash public domain suffix: 0/0 (search/found)
Hash ja4 custom protos: 2/0 (search/found)
Hash fp custom protos: 2/0 (search/found)
Hash url custom protos: 0/0 (search/found)
Google 15 5178 1
QUIC 2 2588 1
Acceptable 17 7766 2
Web 17 7766 2
JA Host Stats:
IP Address # JA4C
1 192.168.2.100 1
2 ::1 1
1 UDP 192.168.2.100:51972 <-> 142.250.181.227:443 [proto: 188.126/QUIC.Google][Stack: QUIC.Google][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 126/Google, Confidence: IP address][DPI packets: 3][cat: Web/5][Breed: Acceptable][7 pkts/2168 bytes <-> 8 pkts/3010 bytes][Goodput ratio: 86/89][0.23 sec][Hostname/SNI: ssl.gstatic.com][(Advertised) ALPNs: h3][TLS Supported Versions: TLSv1.3][bytes ratio: -0.163 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 36/10 121/30 45/14][Pkt Len c2s/s2c min/avg/max/stddev: 75/67 310/376 1292/1292 416/426][nDPI Fingerprint: 12481414b967cb5e3cf53a2e93630979][TLSv1.3][QUIC ver: V-1][JA4: q13d0312h3_55b375c5d22e_73e2d9e6cde6][Plen Bins: 26,20,20,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,13,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,13,0,0,0,0,0,0,0,0]
2 UDP [::1]:60459 <-> [::1]:4443 [proto: 188/QUIC][Stack: QUIC][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 188/QUIC, Confidence: DPI][DPI packets: 1][cat: Web/5][Breed: Acceptable][1 pkts/1294 bytes <-> 1 pkts/1294 bytes][Goodput ratio: 95/95][0.00 sec][Hostname/SNI: abcd][(Advertised) ALPNs: h3-32][TLS Supported Versions: TLSv1.3;TLSv1.3 (draft);TLSv1.3 (draft);TLSv1.3 (draft)][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Risk Info: No server to client traffic / Expected on port 443][nDPI Fingerprint: 44b57584bd10118d4e16cdfaefe6af4b][TLSv1.3][QUIC ver: Draft-28][JA4: q00d0310h2_55b375c5d22e_060ec1c6a056][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0]
Reference in a new issue View git blame Copy permalink