vrr/nDPI
2
0
Fork 0
mirror of https://github.com/vel21ripn/nDPI.git synced 2026-04-28 23:19:42 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 6
nDPI/tests/cfgs/default/result/s7comm.pcap.out
Toni Uhlig 285496d0b9 Add (generic) MsgPack protocol dissector. 
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2025-12-08 17:50:20 +01:00

39 lines
3.7 KiB
Text
Raw Blame History

DPI Packets (TCP): 18 (4.50 pkts/flow)
Confidence DPI : 4 (flows)
Num dissector calls: 661 (165.25 diss/flow)
LRU cache ookla: 0/0/0 (insert/search/found)
LRU cache bittorrent: 0/0/0 (insert/search/found)
LRU cache stun: 0/0/0 (insert/search/found)
LRU cache tls_cert: 0/0/0 (insert/search/found)
LRU cache mining: 0/0/0 (insert/search/found)
LRU cache msteams: 0/0/0 (insert/search/found)
LRU cache fpc_dns: 0/3/0 (insert/search/found)
Automa host: 0/0 (search/found)
Automa domain: 0/0 (search/found)
Automa tls cert: 0/0 (search/found)
Automa risk mask: 0/0 (search/found)
Automa common alpns: 0/0 (search/found)
Patricia risk mask: 0/0 (search/found)
Patricia risk mask IPv6: 0/0 (search/found)
Patricia risk: 1/0 (search/found)
Patricia risk IPv6: 0/0 (search/found)
Patricia protocols: 8/0 (search/found)
Patricia protocols IPv6: 0/0 (search/found)
Hash malicious ja4: 0/0 (search/found)
Hash malicious sha1: 0/0 (search/found)
Hash TCP fingerprints: 2/0 (search/found)
Hash public domain suffix: 0/0 (search/found)
Hash ja4 custom protos: 0/0 (search/found)
Hash fp custom protos: 0/0 (search/found)
Hash url custom protos: 0/0 (search/found)
S7Comm 193 19127 4
Acceptable 193 19127 4
IoT-Scada 193 19127 4
1 TCP 134.217.61.131:51212 <-> 134.217.61.211:102 [proto: 249/S7Comm][Stack: S7Comm][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 249/S7Comm, Confidence: DPI][DPI packets: 1][cat: IoT-Scada/31][Breed: Acceptable][32 pkts/2944 bytes <-> 32 pkts/4268 bytes][Goodput ratio: 41/59][0.55 sec][bytes ratio: -0.184 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 3/3 12/16 108/108 20/27][Pkt Len c2s/s2c min/avg/max/stddev: 79/73 92/133 249/301 30/81][PLAIN TEXT (ES7 315)][Plen Bins: 40,43,3,1,3,1,1,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 192.168.1.10:4185 <-> 192.168.1.40:102 [proto: 249/S7Comm][Stack: S7Comm][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 3][cat: IoT-Scada/31][Breed: Acceptable][36 pkts/3146 bytes <-> 19 pkts/2114 bytes][Goodput ratio: 38/51][0.14 sec][bytes ratio: 0.196 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/3 3/6 8/12 3/3][Pkt Len c2s/s2c min/avg/max/stddev: 61/74 87/111 301/275 54/44][PLAIN TEXT (TestHMI00040)][Plen Bins: 53,32,9,0,0,0,1,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 TCP 172.17.0.2:33028 <-> 172.17.0.2:102 [proto: 249/S7Comm][Stack: S7Comm][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 8][cat: IoT-Scada/31][Breed: Acceptable][21 pkts/1825 bytes <-> 15 pkts/1993 bytes][Goodput ratio: 24/50][0.23 sec][bytes ratio: -0.044 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/1 9/11 56/101 18/30][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 87/133 145/447 20/96][TCP Fingerprint: 2_64_33280_db1b9381215d/Unknown][PLAIN TEXT (ES7 315)][Plen Bins: 33,45,8,0,8,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 TCP 192.168.1.180:1117 <-> 192.168.1.11:102 [proto: 249/S7Comm][Stack: S7Comm][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 6][cat: IoT-Scada/31][Breed: Acceptable][20 pkts/1605 bytes <-> 18 pkts/1232 bytes][Goodput ratio: 22/20][7.11 sec][bytes ratio: 0.131 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/3 381/372 1004/871 476/355][Pkt Len c2s/s2c min/avg/max/stddev: 68/54 80/68 93/83 11/14][TCP Fingerprint: 2_128_65535_44bd01ba086e/Unknown][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Reference in a new issue View git blame Copy permalink